Post-Quantum

An introduction to formal analysis and our proof of the security of KEMTLS.

We make KEMTLS more efficient in scenarios where the client already has the server’s long-term public key, for example through caching or because it’s pre-installed.

In this paper, we study implementations of post-quantum signature schemes on resource-constrained devices. We focus on verification of …

Talk about KEMTLS on Cloudflare TV

Talk about Post-Quantum TLS without Handshake Signatures at RWC 2021 (virtual).

Conference talk about Post-Quantum TLS without Handshake Signatures at ACM CCS (virtual).

Talk about Post-Quantum TLS without Handshake Signatures at the Lorentz Workshop (virtual)

Department Lunch Talk about KEMTLS

We present an alternative to TLS 1.3, by authenticating using only Key-Encapsulation Mechanisms. This allows us to get rid of handshake signatures, as post-quantum signature schemes are expensive, both in bytes and computation times.

We investigate getting rid of signatures in TLS