5

IETF RFC 6539 IBAKE - Identity Based Authenticated Key Exchange describes a Hybrid key exchange using both Identity based cryptography and a standard ephemeral elliptic curve Diffie-Hellman key exchange.

Since that protocol already is a hybrid could one replace the elliptic curve Diffie-Hellman exchange from IBAKE with something like SIKE or some other PQC scheme and use that for an effective PQ Hybrid?

It seems like a PQ exchange inside of IBAKE would give users long term protection against quantum computers.

Community
  • 1
Andrea Russo
  • 139
  • 5

1 Answers1

2

The security proof for the original IBAKE protocol is found in IBAKE: Identity-Based Authenticated Key Exchange Protocol. The IBAKE scheme described there uses an Identity Based Key Exchange to authenticate an ephemeral elliptic curve Diffie-Hellman key exchange. The scheme uses two different elliptic curves one for the ephemeral elliptic curve Diffie-Hellman exchange (ECDHE) and a pairing friendly curve to serve as the basis for the Identity Based Key Exchange. The security proof requires that the ephemeral key exchange be secure but it does not rely on any particulars of the ephemeral key exchange being used. Therefore on could replace the quantum vulnerable ECDHE with a quantum secure key exchange like SIDH or New Hope and the proof of security of the protocol will still hold.

Using SIDH instead of a Lattice Based Key exchange would keep the protocol packet sizes within a few hundreds of bits of the original IBAKE scheme. Using and ephemeral SIDH (SIDHE) in place of ECDHE in IBAKE would lengthen the useful lifetime of IBAKE until an adversary actually has a quantum computer because the SIDHE exchange would protect against the well know "store then break" attack.

luiz carvalho
  • 309
  • 1
  • 5