Please note: This PhD defence will be given online.
Sebastian Reynaldo Verschoor, PhD candidate
David R. Cheriton School of Computer Science
Supervisor: Professor Michele Mosca
Information security deals with the protection of our digital infrastructure. Achieving meaningful real-world security requires powerful cryptographic models that can give strong security guarantees and it requires accuracy of the model. Substantial engineering effort is required to ensure that a deployment meets the requirements imposed by the model.
Quantum information impacts the field of security in two major ways. First, it allows more efficient cryptanalysis of currently widely deployed systems. New “post-quantum” cryptographic algorithms are designed to be secure against quantum attacks, but do not require quantum technology to be implemented. Since post-quantum algorithms have different properties, substantial effort is required to integrate them into the existing infrastructure. Second, quantum cryptography leverages quantum-mechanical properties to build new cryptographic systems with potential advantages; however, these require a more substantial overhaul of the infrastructure.
In this thesis I highlight the necessity of both the mathematical rigour and the engineering efforts that go into security protocols in the context of quantum information. This is done in three different contexts.
First, I analyse the impact of key exhaustion attacks against quantum key distribution, showing that they can lead to a substantial loss of security. I also provide two mitigations that thwart such key exhaustion attacks by computationally bounded adversaries, without compromising the information-theoretically secure properties of the protocol output. I give various security considerations for secure implementation of the mitigations.
Second, I consider how quantum adversaries can successfully attack quantum distance bounding protocols that had previously been claimed to be secure by informal reasoning. This highlights the need for mathematical rigour in the analysis of quantum adversaries.
Third, I propose a post-quantum replacement for the socialist millionaire protocol in secure messaging. The protocol prevents some of the usability problems that have been observed in other key authentication ceremonies. The post-quantum replacement utilizes techniques from private set intersection to build a protocol from primitives that have seen much scrutiny from the cryptographic community.
To join this PhD defence on MS Teams, please go to https://teams.microsoft.com/l/meetup-join/19%3A93e18345d69b4b0ba35705d4e7b4108c%40thread.tacv2/1629296475508?context=%7B%22Tid%22%3A%22723a5a87-f39a-4a22-9247-3fc240c01396%22%2C%22Oid%22%3A%22fe80089b-3005-4397-ae62-3b12b09b38cd%22%2C%22MessageId%22%3A%221629296475508%22%7D.
200 University Avenue West
Waterloo, ON N2L 3G1