This repository accompanies
- Peter Schwabe, Douglas Stebila and Thom Wiggers. More efficient KEMTLS with pre-distributed public keys. Draft paper
- Peter Schwabe, Douglas Stebila and Thom Wiggers. Post-quantum TLS without handshake signatures. ACM CCS 2020.
- Peter Schwabe, Douglas Stebila and Thom Wiggers. Post-quantum TLS without handshake signatures. IACR Cryptology ePrint Archive, Report 2020/534. April 2021.
@inproceedings{CCS:SchSteWig20,
author = {Schwabe, Peter and Stebila, Douglas and Wiggers, Thom},
title = {Post-Quantum {TLS} Without Handshake Signatures},
year = {2020},
isbn = {9781450370899},
publisher = {Association for Computing Machinery},
address = {New York, {NY}, {USA}},
url = {https://thomwiggers.nl/publication/kemtls/},
doi = {10.1145/3372297.3423350},
booktitle = {Proceedings of the 2020 {ACM} {SIGSAC} Conference on Computer and Communications Security},
pages = {1461–1480},
numpages = {20},
keywords = {transport layer security, key-encapsulation mechanism, {NIST PQC}, post-quantum cryptography},
location = {Virtual Event, {USA}},
series = {{CCS '20}}
}
@online{EPRINT:SchSteWig20,
author = {Peter Schwabe and Douglas Stebila and Thom Wiggers},
title = {Post-quantum {TLS} without handshake signatures},
year = 2021,
month = apr,
note = {full online version},
url = {https://ia.cr/2020/534},
}
The below are all git submodules.
If you want to make a fork of this repository, you will need to also fork the relevant submodules and update your .gitmodules.
See also the notes below.
rustls: modified Rustls TLS stack to implement KEMTLS and post-quantum versions of "normal" TLS 1.3measuring: The scripts to measure the abovering: Modified version of Ring to allow for longer DER-encoded strings than typically expected from TLS instances.webpki: Modified version of WebPKI to work with PQ and KEM public keys in certificatesmk-cert: Utility scripts to create post-quantum PKI for pqtls and KEMTLS.
oqs-rs: Rust wrapper aroundliboqs. Contains additional implementations of schemes (notably AVX2 implementations).mk-cert/xmss-rs: Rust wrapper around the XMSS reference code, with our custom parameter set (src/settings.rs) and utilities for keygen and signing.
- MAKE SURE TO CLONE WITH ALL SUBMODULES. There are submodules within submodules, so clone with
--recurse-submodules. - If you want to make a fork of this repository, you will need to also fork the relevant submodules and update your
.gitmodules. - The Dockerfile serves as an example of how everything can be compiled and how test setups can be created.
It is used by the
./measuring/script/create-experimental-setup.shscript, which serves as an example of its use. - The
mk-certsfolder contains a python script,encoder.py, that can be used to create the required PKI. RSA certificates and X25519 certificates are available in subfolders. The certificates assume that the server hostname isservername, so put this in your/etc/hosts. Alternatively, override it using the environment variables in the file (which is also how you set which algorithms are used). - Experimenting with
rustlscan be done directly; use therustls-miosubfolders and runcargo run --example tlsserver -- --helporcargo run --example tlsclient -- --help. - The measurement setup is handled in the
measuring/folder. See the./run_experiment.shscript. - Processing of results is done by the
./scripts/process.pyfolder. It expects adatafolder as produced by./scripts/experiment.py. - Downloading archived results can be done through the scripts in
measuring/archived-results/