QR-PACE
Quantum-Resistant Password Authenticated Connection Establishment
As part of a bigger research effort on the migration of electronic identity documents (eCards) to quantum-resilient schemes, we concentrate on the PACE protocol which is at the heart of many eCard security mechanisms. This includes the analysis of the current state-of-the-art in both PQC and eCards, the underlying infrastructures, challenges, and possible solutions starting from the hardware and infrastructures, over scheme suitability and protocol design, and all the way up to a full-scale approach for PQC migration and crypto-agility. The proposed research helps paving the way towards securing eCards against the threat of quantum computers, enable crypto-agility, and provide building blocks for similar systems.
The conducted research and development in this project consists of three main tasks, which are carried out in cooperation with the TUD (University of Darmstadt). These tasks are:
- Developing PAKE protocol design and draft based on PQC key exchnage mechanisms (KEM) and providing a formal security proof.
- Implementing a prototype on suitable hardware platforms and providing performance benchamrks.
- Investigating the physical security against side-channel analysis (SCA) and fault-injection (FA) attacks and the required hardening mechanisms.
Contact:
Project Overview
Publications
- Nouri Alnahawi, Nicolai Schmitt, Alexander Wiesmaier, and Chiara-Marie Zok. 2023. Towards Next Generation Quantum-Safe eIDs and eMRTDs – A Survey. ACM Trans. Embed. Comput. Syst. Just Accepted (March 2023). https://doi.org/10.1145/3585517
- Alnahawi, Nouri, Kathrin Hövelmanns, Andreas Hülsing, and Silvia Ritsch "Towards post-quantum secure PAKE-A tight security proof for OCAKE in the BPR model." Cryptology ePrint Archive (2023).