Post Quantum Design in SPDM for Device Authentication and Key Establishment

Yao, Jiewen; Matusiewicz, Krystian; Zimmer, Vincent

doi:10.3390/cryptography6040048

Cited by 7 publications

(5 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Prior works on PQC in embedded systems and wireless networks are more closely related to our work on V2V. However, many existing works on embedded systems (e.g., [23], [24], [25], [26], [27]) do not consider the above constraints; for wireless systems, PQC has mostly been considered only for key exchange or encryption (in contrast to our focus on authentication) as in [19] (PQ key establishment protocols to encrypt 5G identifiers) and [73] (encryption for video streaming systems). In the vehicular domain, PQC is scantly represented.…”

Section: Related Workmentioning

confidence: 91%

“…We denote the i-th message by BSM i and its signature by sig i , packed into spdu i . The first stage (lines 3-11) and last stage (lines [25][26][27][28][29][30][31] are the same as for the ECDSA-based design conditioned on the Boolean value b c . This value is 1 if the entire hybrid certificate has been received and verified by the receiver within the five minutes that the pseudonym certificate has been used, (i.e., b c is set to 1 in line 18).…”

Section: Informal Descriptionmentioning

confidence: 99%

“…1. Moreover, we focus on the particular challenges of authenticating V2V message broadcasts over noisy wireless channels, whereas existing hybrid designs in embedded or vehicular systems tend to focus on confidentiality or access control [18], [19], [20], [21], [22], or else consider reliable, wired channels with bidirectional communication [23], [24], [25], [26], [27].…”

Section: Introductionmentioning

confidence: 99%

“…Roadmap for a PQ Transition in V2V: We show that simply adopting a hybrid design using any of the PQ signature schemes selected for NIST standardization [28] or the 0 1000 500 Latency constraint (ms) Size constraint (bytes) 10 0 100 1000 10000 100000 [30] [31] [32] V2V 6G [19] SPDM [25] TLS Fig. 1.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

When Cryptography Needs a Hand: Practical Post-Quantum Authentication for V2V Communications

Twardokus,

Bindel,

Rahbari

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

We tackle the atypical challenge of supporting postquantum cryptography (PQC) and its significant overhead in safety-critical vehicle-to-vehicle (V2V) communications, dealing with strict overhead and latency restrictions within the limited radio spectrum for V2V. For example, we show that the current use of spectrum to support signature verification in V2V makes it nearly impossible to adopt PQC. Accordingly, we propose a scheduling technique for message signing certificate transmissions (which we find are currently up to 93% redundant) that learns to adaptively reduce the use of radio spectrum. In combination, we design the first integration of PQC and V2V, which satisfies the above stringent constraints given the available spectrum. Specifically, we analyze the three PQ signature algorithms selected for standardization by NIST, as well as XMSS (RFC 8391), and propose a Partially Hybrid authentication protocol-a tailored fusion of classical cryptography and PQC-for use in the V2V ecosystem during the nascent transition period we outline towards fully PQ V2V. Our provably secure protocol efficiently balances security and performance, as demonstrated experimentally with software-defined radios (USRPs), commercial V2V devices, and road traffic and V2V simulators. We show our joint transmission scheduling optimization and Partially Hybrid design are scalable and reliable under realistic conditions, adding a negligible average delay (0.39 ms per message) against the current state-of-the-art.

show abstract

Section: Related Workmentioning

confidence: 91%

Section: Informal Descriptionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

When Cryptography Needs a Hand: Practical Post-Quantum Authentication for V2V Communications

Twardokus,

Bindel,

Rahbari

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…The SPDM relies on asymmetric cryptography and public-key certificates for authentication. A post-quantum design is proposed in [30].…”

Section: Threat Model and An Overview Of Spdm Protocolmentioning

confidence: 99%

Light-Weight Security Protocol and Data Model for Chip-to-Chip Zero-Trust

2023

View full text Add to dashboard Cite

The semiconductor supply chain is vulnerable to multiple security attacks, such as hardware Trojan injection, intellectual property theft, and overproduction. The notion of zero-trust (ZT) -never trust, always verify -offers a promising opportunity for chip security by authenticating integrated circuits (ICs) when they are connected to critical computing systems. Before exchanging any data, the system establishes trust with the chip using industry security protocols. In this paper, we propose using the secure protocol and data model (SPDM) to establish chip-to-chip (C2C)-ZT communications. Furthermore, we present formal models for this solution and verify these models using state-of-the-art formal verification tools. The results show that the SPDM meets the requirements of the ZT architecture and can be used as a foundation for secure C2C interconnection. INDEX TERMSSecure protocol and data model (SPDM), automatic verification of internet security protocols and applications (AVISPA), secure protocol animator (SPAN), formal verification (FV). I. INTRODUCTIONASHFAQ AHMED (Senior Member, IEEE) received the M.S. and Ph.D. degrees from the

show abstract

Deploying Post-quantum Algorithms in Existing Applications and Embedded Devices

Muzikant,

Willemson

2024

Communications in Computer and Information Science

View full text Add to dashboard Cite

Post Quantum Design in SPDM for Device Authentication and Key Establishment

Cited by 7 publications

References 32 publications

When Cryptography Needs a Hand: Practical Post-Quantum Authentication for V2V Communications

When Cryptography Needs a Hand: Practical Post-Quantum Authentication for V2V Communications

Light-Weight Security Protocol and Data Model for Chip-to-Chip Zero-Trust

Deploying Post-quantum Algorithms in Existing Applications and Embedded Devices

Contact Info

Product

Resources

About