Development of an improved SSL/TLS protocol using post-quantum algorithms

Abstract

The development of Internet technologies together with mobile and computer technologies have formed smart technologies that allow the formation of both cyber-physical and socio-cyber-physical systems. The basis of smart technologies is the integration of wireless channel standards with mobile and computer protocols. 4G/5G technologies are integrated with various web platforms, taking into account the digitalization of services in cyberspace. But the SSL/TLS protocol, based on the hybridization of symmetric encryption algorithms with hashing algorithms (AEAD mode), which is supposed to provide security services, is vulnerable to “Meet in the middle”, POODLE, BEAST, CRIME, BREACH attacks. In addition, with the advent of a full-scale quantum computer, symmetric and asymmetric cryptography algorithms that provide security services can also be hacked. To increase the level of security, an improved protocol based on post-quantum algorithms – crypto-code constructions is proposed, which will ensure not only resistance to current attacks, but also stability in the post-quantum period. To ensure the “hybridity” of services, it is proposed to use the McEliece and Niederreiter crypto-code constructions (confidentiality and integrity are ensured) and the improved UMAC algorithm on the McEliece crypto-code construction. Taking into account the level of “secrecy” of information, it is suggested to use various combinations of crypto-code constructions on different algebraic geometric and/or flawed codes. The use of crypto-code constructions not only provides resistance to attacks, but also simplifies the formation of a connection – the parameters of elliptic curves are used to transmit a common key. This approach significantly reduces the connection time of mobile gadgets and simplifies the procedure of agreement before data transfer.