On the Security of Opportunistic Re-Keying

Stefan Lucks; David Schatz; Guenter Schaefer

doi:10.5220/0013458000003979

On the Security of Opportunistic Re-Keying

Stefan Lucks, David Schatz, Guenter Schaefer

2025

Abstract

Asymmetric cryptography is a cornerstone for security in modern IT infrastructures like virtual private networks (VPNs). Unfortunately, the security of currently deployed schemes is threatened by the ongoing research in quantum computing. And while quantum-resistant alternatives exist, known as post-quantum cryptography (PQC), analyses regarding their (implementation) security are not as mature, yet. Consequently, solely relying on PQC might be susceptible to “store now, decrypt later” attacks. Instead, many researchers suggest using “hybrid” key exchanges, e.g., combining classical asymmetric cryptography, PQC, and symmetric alternatives like quantum key distribution (QKD) and multipath key reinforcement (MKR). In this article, we formalize the idea of “opportunistic re-keying”, where a session key is continuously updated using input key material that might be known or even chosen by an attacker. Assuming that at least one input key material is not known to the attacker, we prove the security of the construction in the random oracle model. I.e., when an ideal random function is used for combining the current internal state and new input to generate the next session key and state. Further, we suggest two concrete parameter sets for the construction, corresponding to the security categories 3 and 5 of the NIST standardization process for PQC.

Download

Paper Citation

in Harvard Style

Lucks S., Schatz D. and Schaefer G. (2025). On the Security of Opportunistic Re-Keying. In Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-760-3, SciTePress, pages 329-338. DOI: 10.5220/0013458000003979

in Bibtex Style

@conference{secrypt25,
author={Stefan Lucks and David Schatz and Guenter Schaefer},
title={On the Security of Opportunistic Re-Keying},
booktitle={Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2025},
pages={329-338},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013458000003979},
isbn={978-989-758-760-3},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - On the Security of Opportunistic Re-Keying
SN - 978-989-758-760-3
AU - Lucks S.
AU - Schatz D.
AU - Schaefer G.
PY - 2025
SP - 329
EP - 338
DO - 10.5220/0013458000003979
PB - SciTePress