Towards Post-Quantum OCSP

Since the early stage of internet, the necessity of establishing secure connections between two parties has been a fundamental part of it and a continuous topic of study. Public Key Infrastructures or PKI's have been a key part of its development by means of the use of public key cryptography....

Descripción completa

Detalles Bibliográficos
Autor: Toribio Cortina, Maurici
Tipo de recurso: tesis de maestría
Fecha de publicación:2022
País:España
Institución:Universitat Oberta de Catalunya (UOC)
Repositorio:O2, repositorio institucional de la UOC
OAI Identifier:oai:openaccess.uoc.edu:10609/145588
Acceso en línea:http://hdl.handle.net/10609/145588
Access Level:acceso abierto
Palabra clave:Post-Quantum
cryptography
Crystals-Dilithium
criptografia
cristalls-dilitio
criptografía
cristales-dilitio
Cryptography -- TFM
Criptografia -- TFM
Criptografía -- TFM
Descripción
Sumario:Since the early stage of internet, the necessity of establishing secure connections between two parties has been a fundamental part of it and a continuous topic of study. Public Key Infrastructures or PKI's have been a key part of its development by means of the use of public key cryptography. Shor presented an algorithm in 1994 that was a turn around in the field because it makes possible to break the most currently used algorithms in PKI's, as it has the capability to factor integer numbers in polynomial time using quantum computers. In the past years, and due to the fast improvements in the quantum computers, the topic has become more relevant, as the possibility that in the next decade traditional algorithms become obsolete has become more realistic. Therefore, NIST is in process of standardization of several algorithms that could replace current ones, that are considered to be vulnerable. But for the transition to post quantum, the necessity to study these new algorithms in real protocols is needed. In this work, one of the NIST final round digital signature schemes will be implemented and tested in a PKI protocol. The case of study will be the OCSP protocol, which is a widely used protocol in PKI's to check whether a certificate is revoked or not. The Post-Quantum algorithm to be studied will be Crystals-Dilithium. Various benchmarks are done comparing the performance of this PQ algorithm with two currently widely used, RSA and ECDSA. Results show 50% better CPU performance than RSA and 40% less than ECDSA, in the other hand, it requires around 10x more bandwidth.