Safavi-Naini, Reihaneh S.Parveen, Simpy2020-09-292020-09-292020-09-24Parveen, S. (2020). DTLS with Post Quantum Security for Origin Authentication and Integrity (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca.http://hdl.handle.net/1880/112604All public-key cryptography algorithms that are in use today, including RSA (Rivest–Shamir- Adleman) cryptosystem, DSA (Digital Signature Algorithm), and DH (Diffie-Hellman) key agreement, will be broken if quantum computers become a reality. Hence, applications and protocols must be transitioned to quantum-resistant designs. We consider post-quantum security of DTLS (Datagram Transport Layer Security) for source authentication and message integrity. These are essential security requirements for control plane communications in 5G networks. To provide message integrity while avoiding costly post-quantum secure key exchange protocols that rely on unproven computational assumptions, we will use TESLA (Timed Efficient Stream Loss-tolerant Authentication) protocol. TESLA is a data stream authentication protocol that uses symmetric-key cryptographic primitives and a digital signature scheme to achieve security. We first replace the digital signature in TESLA with a hash-based one to achieve post-quantum security, and then carefully revise the DTLS handshake and record layer protocol to include the new TESLA protocol such that it delivers the same properties for DTLS. We argue our design’s security and show our model’s feasibility using an efficient implementation for an open-source DTLS library, called TinyDTLS. Finally, we provide performance measurements for PQ-DTLS compared with original DTLS in authentication and integrity only mode.engUniversity of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission.PQ SecurityCryptographyNetwork protocolsComputer Sciencemaster thesis10.11575/PRISM/38263