Quantum computers utilize quantum physics to perform computation that are well beyond the capabilities of traditional computers. With the advent of quantum computing, we will be able tackle complex and difficult problems that we still cannot solve today. For example, quantum simulation allows us to better simulate chemical reactions at the molecular level, which might lead to breakthrough for the medical research and pharmaceutical industry. However, quantum computing also allows well-equipped attackers to break certain cryptographic schemes which are the foundation of our digital communication today. By compromising those cryptographic schemes, the encrypted data, be it a private video shared within friends and family, or a highly sensitive email exchanged between government officials, loses its confidentiality and become accessible to the attackers. In addition, all online banking systems as well as cryptocurrencies, which both rely on those cryptographic schemes to prevent frauds and to operate, would become no longer secure. It is not exaggerating to say that quantum computing challenges the very foundation of our digital society by providing a means, albeit still a theoretical one, to reset our digital security to ground zero. The impact of quantum computing on digital communication would be profound and would affect all of us.
To address the imminent threats imposed by quantum computing on digital security, The US National Institute of Standards and Technology (NIST) has initiated, together with scientists and enterprises around the world, a standardization process for the so-called Post-Quantum Cryptography (PQC). The PQC standards would replace the soon-to-be-broken cryptographic schemes that we have been using for decades and become the next generation cryptographic schemes. The PQC standardization is scheduled to finish by 2022, which should leave plenty of time for migration before a sufficiently powerful quantum computer is built.
KPN Chief Information Security Office (CISO) has been actively following the PQC standardization process and investigating measures for securing our digital infrastructure against resourceful attackers equipped with quantum computers. In parallel to the Quantum Key Distribution (QKD) project, KPN CISO is also investigating the possibilities and impacts of migrating our infrastructure to PQC. In particular, KPN CISO has been working together with Prof. Peter Schwabe from Radboud Universiteit and Prof. Andreas Hülsing and his PhD student Florian Weber from Technische Universiteit Eindhoven, to develop a new quantum-resistant VPN protocol based on the popular VPN software WireGuard. Together with our external collaborators, we developed the highly efficient PQ-WireGuard VPN protocol based on some candidates of the PQC standards. We formally proved the security of the proposed protocol, both mathematically and logically, under extreme conditions. The new protocol can be considered as the most efficient and secure VPN protocol that we know of today. To analyze its performance, we implemented PQ-WireGuard as a Linux kernel module, and tested it against other popular VPN software, including IPSec and OpenVPN (and its variant OpenVPN-NL). Our experiments showed that our implementation outperforms IPSec by a factor of 5, and OpenVPN by a factor of 1000, in terms of handshake efficiency. It is worthy mentioning that we also tested PQ-WireGuard against PQ-OpenVPN, which is an effort to make OpenVPN quantum-resistant by Microsoft. Our results showed that PQ-WireGuard outperforms PQ-OpenVPN also by a factor of 1000, while offering superior security.
Needless to say, it would not be sufficiently convincing to claim the aforementioned advantages of PQ-WireGuard based on our own review. Therefore, we compiled our new protocol design, its security proofs as well as the performance comparison with other VPN software, into an academic paper. We submitted the paper to IEEE Symposium on Security and Privacy 2021, which is one of the most prestigious security conferences, so our work can be reviewed by renowned cryptographers and scientists. After months of close examination, we learnt from the conference committee that our paper has been accepted. This is a great honor for us since the conference is highly competitive and has an acceptance rate of only 9% (17 out of 189 papers this year). Only the best submissions which are reviewed and verified by the most distinguished mathematicians and cryptographers would be accepted. Our protocol design, its security proofs as well as the performance comparison, have been inspected and analyzed by fellow cryptographers and are considered correct. The acceptance of our paper shows that our PQ-WireGuard protocol has become mature and officially concludes the research part of the PQ-WireGuard project. It was also an honor for us to learn that, our work has been cited by NIST in their latest report on the PQC standardization process. This shows that our PQ-WireGuard VPN protocol is of practical value, and has contributed to the ongoing standardization of the next generation standards for digital communication.
KPN CISO is currently investigating further on potential internal deployment of PQ-WireGuard, on a voluntary basis. More information would follow after the details have been sorted out. For interested readers, the academic paper of our PQ-WireGuard can be found here: https://eprint.iacr.org/2020/379.pdf