HR4RS stamp
Irene Vega
Key exchange is one of the main cryptographic tasks that must be carried out to shield our communications in insecure environments, such as email, chats or video call applications. The growing development of quantum computing is making the classic key exchange mechanisms no longer secure and virtual environments are increasingly vulnerable to cyberattacks.
To provide a solution to these new threats, the URJC has co-directed a project, together with the Technical University of Slovakia (project director), the University of Alabama (Huntsville, USA) and the University of Malta, with the aim of designing a secure group key exchange tool against quantum adversaries.
In this project, funded by NATO through the SPS program (for its acronym, Science for Peace and Security), not only has an attempt been made to develop a theoretical design, but a secure group chat application built from the developed tool has been implemented. “We have managed to design a tool that can be used in the present to obtain secure cryptographic keys in the future. Even if the communication encrypted with these keys is stored and, in the future, an adversary with access to a quantum computer tries to decrypt it, we can guarantee that he will not be successful in his attacks. In this way, we achieve long-term confidentiality with relatively cheap technologies available today”, explains María Isabel González Vasco, co-director of the project and researcher at the URJC.
This cryptographic tool combines formal (mathematical) analysis and design with software implementation and the development of a hardware monitor to monitor each execution. “All those pieces constitute different layers to ensure the security of the key exchange tool. The devices connect, agree on a common cryptographic key and can encrypt their communication with the maximum security guarantees”, points out the URJC researcher.
The results of this work have been published in the scientific journal I.T. and to conclude the project an experiment has also been carried out with the aim of putting the developed tool into practice. The experience turned out to be a success, according to María Isabel González Vasco: “From the URJC we communicated with the Technical Universities of Slovakia, Alabama and Malta, and the NATO headquarters in Brussels, establishing a secure chat session. The Slovakian node initiated the communication and launched the key exchange, so that it was distributed to the rest of the nodes in seconds and with the maximum security guarantees. Thanks to this key we were able to encrypt our subsequent communication using a symmetric tool (AES). The whole process was done in a few minutes, showing the usability of the system in an agile and safe way in conventional equipment".
Cast of experts in cryptography and physics
The URJC team has been made up of five researchers, whose contribution has been key to the development of the cryptographic tool. María Isabel González Vasco, Misael E. Marriaga and Angel L. Pérez del Pozo are experts in public key cryptography with extensive experience in the design and analysis of key exchange schemes. In addition, it has had the collaboration of the professors of the area of Electromagnetism Manuel Arrayás and José Luis Trueba, who have contributed when analyzing the feasibility of physical attacks through collateral channels to the proposed designs.
