Hybridation journey towards Quantum-secure solutions

Kalpana Singh PhD
4 Min To Read
17 May, 2024
- Cybersecurity

Hybridation consists of combining two (or more) cryptographic schemes, the combination should be secure in the classical/quantum computation model as long as one underlying scheme is secure in that model. We refer to our blog Migration towards Quantum-Safe payments for more details on simple Hybridation.

This blog focuses on more categories of potential hybridation solutions for Quantum-Safe payments. These solutions are called:

Nesting Hybridation
Dual message combiner using nesting hybridation

Then, we explain the key-encapsulation mechanism (KEM) and hybrid concepts of using symmetric cryptography in the KEM.

1. Nesting Hybridation

The Nesting Hybridation solution is based on an asymmetric cryptography scheme. We consider two signature schemes. One is from a classical cryptography signature scheme such as ECDSA denoted as $σ_{c}$ and another is a category from PQC primitives CRYSTALS-Dilithium , denoted as $σ_{q}$. The combination of these two signature schemes is called a hybrid signature scheme and is secure from both classical and quantum threats as these belong to security properties from classical and quantum cryptographic primitives.

The Nesting Hybridation solution uses the output of classical cryptography primitive as an input into PQC cryptography primitive and gets the Hybridation solution.

Firstly, we generate a public key (or called as verifying key) and a secret key for both classical and quantum signature schemes: $(sk_{c}, vk_{c})$ $\leftarrow$ $\sum_{c} KeyGen ()$ and $(sk_{q}, vk_{q})$ $\leftarrow$ $\sum_{q} KeyGen ()$ respectively.

The key generation steps are as follows:

$$C(\sum_{c}, \sum_{q}).KeyGen:$$ $$(sk_{c}, vk_{c}) \leftarrow \sum_{c} KeyGen (), $$ $$(sk_{q}, vk_{q}) \leftarrow \sum_{q} KeyGen (), $$ $$ Return sk_{Hybrid} \leftarrow (sk_{c}, sk_{q}), $$ $$ vk_{Hybrid} \leftarrow (vk_{c}, vk_{q}). $$

Notation: $C_{nesting}$ denoted as concatenation function. $σ_{Hybrid}$ denotes hybridation of signatures classical $σ_{c}$ and PQC primitives $σ_{q}$.

We concatenate signatures by adopting the nesting approach and get $σ_{Hybrid}$ using the below steps:

$$C_nesting(\sum_{c}, \sum_{q}).sign(sk_{Hybrid}, msg): $$ $$ \sigma_{c} \leftarrow \sum_{c}sign(msg, sk_{c}),$$ $$\sigma_{q} \leftarrow \sum_{q}sign((msg, sigma_{c}), sk_{q}),$$ $$ Return \sigma_{Hybrid} \leftarrow (\sigma_{c}, \sigma_{q})$$

This approach is called the nesting hybridation approach, which is secure from both classical and quantum threats.

2. Dual message combiner using nesting hybridation

This hybridation solution is based on an asymmetric cryptography scheme and combines using a nesting approach where we utilize two messages $msg_{1}$ and $msg_{2}$.

The key generation is the same as the above-defined nesting hybridation solution.

We concatenate signatures by endorsing a dual message combiner using a nesting approach and get $\sigma_{Hybrid}$ as follows:

Notation: $C_{dual_msg_nesting}$ denoted as dual messages concatenation function.

$$ C_{dual_msg_nesting}(\sum_{c}, \sum_{q}).Sign(sk_{Hybrid}, (msg_{1}, msg_{2})): $$ $$ \sigma_{c} \leftarrow \sum_{c}sign(msg_{1}, sk_{c}),$$ $$\sigma_{q} \leftarrow \sum_{q}sign((msg_{1}, sigma_{c}), msg_{2}), sk_{q}),$$ $$ Return \sigma_{Hybrid} \leftarrow (\sigma_{c}, \sigma_{q}).$$

This Hybridation approach is called the dual message combiner nesting hybridation approach, and is secure from both classical and quantum threats.

Key Encapsulation Mechanism (KEM)

The Key Encapsulation Mechanism (KEM) is an asymmetric cryptographic primitive that allows two parties to establish a shared secret key. In this approach, we use the Secret share key using a quantum-secure asymmetric cryptographic primitive. Then, we perform encryption using classical symmetric cryptographic primitive.

We consider two parties: the sender and the receiver. Both parties sender and receiver generate public and private keys using a function $(sk, pk) \leftarrow KeyGen()$. By using the encapsulation function sender shares shared secret data $ss$ in an encrypted way to the receiver using a function $(ct, ss) \leftarrow Encaps(pk_{R})$, where $ct$ is a ciphertext. Finally, a receiver can decrypt using the decapsulation function and gets shared secret data $ss$ $ss \leftarrow decaps(sk_{R}, ct)$. We delineate these steps below in Figure.1.

lynx boréal
Figure.1: Key Encapsulation Mechanism Steps

Hybrid Public key encryption ‘HPAKE’

We employ a ‘key encapsulation mechanism (KEM)’ and then use symmetric cryptography primitive to encrypt data and send it to the receiver. The receiver performs decapsulation and decryption functions and gets the message. The steps are presented below in Figure.2.

lynx boréal
Figure.2: Hybrid Public Key Encryption Steps

Summary

This blog delivers the work on Hybridation steps to accomplish quantum-secure solutions. Additionally, this blog presents the key-encapsulation mechanism (KEM) and uses of the KEM in the Hybridation approach using symmetric key cryptography for sharing secret data securely.

Our previous blogs on the PQC series are available in below links:

The threats of quantum computing in modern cryptographic primitives are happening, and NIST-recommended standards drafts on PQC solutions are in progress Help! Quantum Computers are threatening our payments! .
Migration towards Quantum-Safe payments using Simple Hybridation approach Migration towards Quantum-Safe payments