Wireless and Fiber-Based Post-Quantum-Cryptography-Secured IPsec Tunnel

Lawo, Daniel Christian; Bakar, Rana Abu; Aguilera, Abraham Cano; Cugini, Filippo; Imaña, José Luis; Monroy, Idelfonso Tafur; Olmos, Juan Jose Vegas

Wireless and Fiber-Based Post-Quantum-Cryptography-Secured IPsec Tunnel

Daniel Christian Lawo, Rana Abu Bakar, Abraham Cano Aguilera, Filippo Cugini, José Luis Imaña, Idelfonso Tafur Monroy () and Juan Jose Vegas Olmos
Additional contact information
Daniel Christian Lawo: Department of Electrical Engineering, Eindhoven University of Technology, 5600 MB Eindhoven, The Netherlands
Rana Abu Bakar: Consorzio Nazioinale Interuniversitario per le Telecomunicazioni, 56124 Pisa, Italy
Abraham Cano Aguilera: Department of Electrical Engineering, Eindhoven University of Technology, 5600 MB Eindhoven, The Netherlands
Filippo Cugini: Consorzio Nazioinale Interuniversitario per le Telecomunicazioni, 56124 Pisa, Italy
José Luis Imaña: Department of Computer Architecture and Automation, Universidad Complutense de Madrid, 28040 Madrid, Spain
Idelfonso Tafur Monroy: Department of Electrical Engineering, Eindhoven University of Technology, 5600 MB Eindhoven, The Netherlands
Juan Jose Vegas Olmos: Software Architecture, Nvidia Corporation, Yokneam Illit 2066730, Israel

Future Internet, 2024, vol. 16, issue 8, 1-22

Abstract: In the near future, commercially accessible quantum computers are anticipated to revolutionize the world as we know it. These advanced machines are predicted to render traditional cryptographic security measures, deeply ingrained in contemporary communication, obsolete. While symmetric cryptography methods like AES can withstand quantum assaults if key sizes are doubled compared to current standards, asymmetric cryptographic techniques, such as RSA, are vulnerable to compromise. Consequently, there is a pressing need to transition towards post-quantum cryptography (PQC) principles in order to safeguard our privacy effectively. A challenge is to include PQC into existing protocols and thus into the existing communication structure. In this work, we report on the first experimental IPsec tunnel secured by the PQC algorithms Falcon, Dilithium, and Kyber. We deploy our IPsec tunnel in two scenarios. The first scenario represents a high-performance data center environment where many machines are interconnected via high-speed networks. We achieve an IPsec tunnel with an AES-256 GCM encrypted east–west throughput of 100 Gbit/s line rate. The second scenario shows an IPsec tunnel between a wireless NVIDIA Jetson and the cloud that achieves a 0.486 Gbit/s AES-256 GCM encrypted north–south throughput. This case represents a mobile device that communicates securely with applications running in the cloud.

Keywords: post-quantum cryptography; falcon; dilithium; kyber; data processing unit; data center; IPsec (search for similar items in EconPapers)
JEL-codes: O3 (search for similar items in EconPapers)
Date: 2024
References: View references in EconPapers View complete reference list from CitEc
Citations:

Downloads: (external link)
https://www.mdpi.com/1999-5903/16/8/300/pdf (application/pdf)
https://www.mdpi.com/1999-5903/16/8/300/ (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:gam:jftint:v:16:y:2024:i:8:p:300-:d:1460598

Access Statistics for this article

Future Internet is currently edited by Ms. Grace You

More articles in Future Internet from MDPI
Bibliographic data for series maintained by MDPI Indexing Manager ().