28.8 | CR | May 27
Efficient and Quantum-safe Internet Key Exchange Protocols for Satellite Communications
Davide De Zuane, Marco Baldi, Paolo Santini et al.
This paper studies cryptographic key exchange in satellite communications, which requires dedicated solutions because the satellite context presents unique challenges, particularly onboard resource constraints and long transmission latency. We address these challenges by considering the Internet Key Exchange (IKE) protocol, which is widely used in terrestrial networks, and studying its applicability in the satellite context. This requires addressing two main issues: i) its efficiency in terms of the computational resources and bandwidth required, so that it fits satellite terminals, and ii) its resistance even to attackers equipped with a quantum computer, in order to resist obsolescence and defend against harvest-now-decrypt-later attacks. We study these aspects from both a design and an experimental point of view, defining and assessing protocol variants characterized by low complexity and quantum resistance. To address the need to manage the transition from classic cryptographic primitives to post-quantum ones, we also consider the use of hybrid cryptographic solutions that combine both.
13.1 | IT | Apr 20
Near-Codewords Aware Bit Flipping Decoding of QC-MDPC Codes
Alessio Baldelli, Marco Baldi, Davide De Zuane et al.
Bit-Flipping (BF) decoders are a family of decoders widely employed in post-quantum cryptographic schemes based on Quasi-Cyclic Moderate-Density Parity-Check (QC-MDPC) codes, such as BIKE. BF decoders suffer from trapping sets, corresponding to low-weight error patterns that are likely to lead to decoding failures. For QC-MDPC codes, the most relevant family of trapping sets is that of near-codewords, which are error patterns associated with low-weight syndromes. Indeed, recent works show that error patterns having a large overlap with near-codewords are the main culprits for decoding failures at very low Decoding Failure Rate (DFR) values. In this paper, we show that any BF decoder can be tweaked and made aware of near-codewords, meaning that it becomes able to recognize, and recover from, bad configurations caused by near-codewords. We show that this modification results in minimal computational overhead. Through extensive numerical simulations, we evaluate the effectiveness of this approach on several BF decoders, considering both toy code parameters and BIKE parameters for NIST security category 1. Our results show drastic reductions in the DFR. We also find that, with this modification, a recently proposed BF variant called BF-Max outperforms the two decoders used by BIKE within the NIST competition.