Send in your ideas. Deadline February 1, 2025
hex
Resources
Source code :
https://github.com/kemtls
Website
More info available :
https://kemtls.org
Grant
Theme fund: NGI Assure
Period: 2021-06 — 2023-11

Standardizing KEMTLS

Post-quantum TLS without handshake signatures

KEMTLS is a recent academic proposal for an alternative way of adding authentication to the Transport Layer Security (TLS) protocol. The project is motivated by the need to migrate public key cryptography to new algorithms that resist attacks by quantum computers. Compared to traditional cryptography, post-quantum signature schemes generally have larger public keys and/or signatures, and need more computational effort. KEMTLS, published at the ACM Computer and Communications Security Conference in 2020, replaces signature-based authentication for web servers with a post-quantum key exchange (called a KEM) in a way that saves communication and computation.

In this project we aim to prepare KEMTLS for standardization by the Internet Engineering Task Force (IETF). To that end we will implement KEMTLS in a few different open source TLS software libraries and demonstrate the viability and interoperability of these implementations. This software will assist later implementers of KEMTLS by allowing to validate their implementations against our reference. We will also investigate optimizations for using KEMTLS in specialized environments like IoT, and will investigate issues involving certification of KEM keys.

Run by Max Planck Institute for Security and Privacy

Logo NLnet: abstract logo of four people seen from above Logo NGI Assure: letterlogo shaped like a tag

This project was funded through the NGI Assure Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073.