Title: Next-generation authentication and key exchange protocols
|Room: (change of room!)
Key exchange and authentication are at the heart of protocols for establishing secure communication on the Internet and other communication channels. In this talk, I'll discuss ways in which key exchange is evolving to meet new security demands and deliver new functionality. First, I'll discuss the need for key exchange and authentication protocols that resist attacks by quantum computers, and describe new mechanisms whose security relies on the difficulty of breaking certain problems involving lattices, which are conjectured to be hard for quantum computers. Second, I'll talk about new key exchange security properties that are inspired by real-world Internet security protocols such as TLS (used on the web) and Signal (used for instant messaging), and our work on modelling and analyzing these real-world systems. I'll conclude by discussing how we can begin preparing for the transition to quantum-resistant algorithms, and the range of exciting research questions that await.