Ironwood Meta Key Agreement and Authentication Protocol
This addresses the need for quantum-resistant cryptography in IoT applications, though it appears incremental as a specific instance of a broader protocol type.
The paper introduces Ironwood, a quantum-resistant Meta Key Agreement and Authentication Protocol that combines aspects of public-key and shared-key systems, showing it outperforms ECC on IoT devices with fewer resources.
Number theoretic public-key solutions, currently used in many applications worldwide, will be subject to various quantum attacks, making them less attractive for longer-term use. Certain group theoretic constructs are now showing promise in providing quantum-resistant cryptographic primitives, and may provide suitable alternatives for those looking to address known quantum attacks. In this paper, we introduce a new protocol called a Meta Key Agreement and Authentication Protocol (MKAAP) that has some characteristics of a public-key solution and some of a shared-key solution. Specifically it has the deployment benefits of a public-key system, allowing two entities that have never met before to authenticate without requiring real-time access to a third-party, but does require secure provisioning of key material from a trusted key distribution system (similar to a symmetric system) prior to deployment. We then describe a specific MKAAP instance, the Ironwood MKAAP, discuss its security, and show how it resists certain quantum attacks such as Shor's algorithm or Grover's quantum search algorithm. We also show Ironwood implemented on several ``internet of things'' (IoT devices), measure its performance, and show how it performs significantly better than ECC using fewer device resources.