Group Key Establishment in a Quantum-Future Scenario Articles uri icon

publication date

  • September 2020

start page

  • 751

end page

  • 768


  • 4


  • 31

International Standard Serial Number (ISSN)

  • 0868-4952

Electronic International Standard Serial Number (EISSN)

  • 1822-8844


  • In cryptography, key establishment protocols are often the starting point paving the way towards secure execution of different tasks. Namely, the parties seeking to achieve some cryptographic task, often start by establishing a common high-entropy secret that will eventually be used to secure their communication. In this paper, we put forward a security model for group key establishment (GAKE) with an adversary that may execute efficient quantum algorithms, yet only once the execution of the protocol has concluded. This captures a situation in which keys are to be established in the present, while security guarantees must still be provided in the future when quantum resources may be accessible to a potential adversary.
    Further, we propose a protocol design that can be proven secure in this model. Our proposal uses password authentication and builds upon efficient and reasonably well understood primitives: a message authentication code and a post-quantum key encapsulation mechanism. The hybrid structure dodges potential efficiency downsides, like large signatures, of some "true" post-quantum authentication techniques, making our protocol a potentially interesting fit for current applications with long-term security needs.


  • Mathematics


  • group key exchange; post-quantum cryptography; quantum-future cryptography