Integrating Post-Quantum Cryptography Plugins for IPsec Offloads to Data Processing Units in the Cloud-Edge Continuum
| dc.conference.date | 28-31 Oct 2024 | |
| dc.conference.place | Charleroi, Bélgica | |
| dc.conference.title | 2024 IEEE 32nd International Conference on Network Protocols (ICNP) | |
| dc.contributor.author | Cano Aguilera, Abraham | |
| dc.contributor.author | Rubio García, Carlos | |
| dc.contributor.author | Frantz, Raphaël | |
| dc.contributor.author | Tafur Monroy, Idelfonso | |
| dc.contributor.author | Imaña Pascual, José Luis | |
| dc.contributor.author | Vegas Olmos, Juan José | |
| dc.date.accessioned | 2025-02-20T09:07:08Z | |
| dc.date.available | 2025-02-20T09:07:08Z | |
| dc.date.issued | 2024-10 | |
| dc.description | Se deposita la versión final o aceptada del artículo (postprint) | |
| dc.description.abstract | The imminent advent of Quantum Computers poses a significant threat to the cryptographic algorithms supporting the public key infrastructure (PKI) of widely used communication protocols. High Performance Computing (HPC) data centers among other interested parties are well aware of the catastrophic consequences quantum attacks could have on their PKI and are consequently transitioning to Post-Quantum Cryptographic (PQC) methods, despite the substantial overhead this introduces for handling incoming network packets. This work addresses the transition to PQC within the context of the Cloud-Edge Continuum by integrating the Open Quantum Safe (OQS) library into the accelerated strongSwan developed by Mellanox for Data Processing Units (DPUs). This integration offloads cryptographic operations from central servers to data DPUs distributed across the cloud-edge continuum. Our solution ensures quantum security by providing PQ authentication through CRYSTALS-Dilithium or CRYSTALS-FALCON, PQ key exchanges via CRYSTALS-Kyber, and confidential data transmission using AES-256. Additionally, the deployment of this implementation on DPUs helps reduce the computational load on both HPC data centers and edge devices, promoting more efficient and secure operations across the entire cloud-edge continuum. | |
| dc.description.agreement | European Commission Marie Skłodowska-Curie 101073355 | |
| dc.description.department | Depto. de Arquitectura de Computadores y Automática | |
| dc.description.faculty | Fac. de Ciencias Físicas | |
| dc.description.refereed | TRUE | |
| dc.description.sponsorship | Ministerio de Ciencia, Innovación y Universidades (España) | |
| dc.description.sponsorship | Agencia Estatal de Investigación (España) | |
| dc.description.sponsorship | European Commission | |
| dc.description.status | pub | |
| dc.identifier.citation | A. Cano, C. R. Garcia, R. Frantz, I. T. Monroy, J. L. Imaña and J. J. Vegas, "Integrating Post-Quantum Cryptography Plugins for IPsec Offloads to Data Processing Units in the Cloud-Edge Continuum," 2024 IEEE 32nd International Conference on Network Protocols (ICNP), Charleroi, Belgium, 2024, pp. 1-6, doi: 10.1109/ICNP61940.2024.10858568. keywords: {Resistance;Data centers;Quantum computing;Protocols;Public key;Throughput;Data processing;Libraries;Cryptography;Servers;Quantum-resistant cryptography;Cloud-Edge Continuum;network offloads;data processing units;PQ crytography;public key infrastructure}, | |
| dc.identifier.doi | 10.1109/ICNP61940.2024.10858568 | |
| dc.identifier.essn | 1558-2256 | |
| dc.identifier.isbn | 979-8-3503-5171-2 | |
| dc.identifier.issn | 0018-9219 | |
| dc.identifier.officialurl | https://doi.org/10.1109/ICNP61940.2024.10858568 | |
| dc.identifier.relatedurl | https://ieeexplore.ieee.org/document/10858568 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.14352/118243 | |
| dc.language.iso | eng | |
| dc.page.final | 10858568-6 | |
| dc.page.initial | 10858568-1 | |
| dc.relation.projectID | info:eu-repo/grantAgreement/AEI/Plan Estatal de Investigación Científica y Técnica y de Innovación 2021-2023/ PID2021-123041OB-I00 /ES/ESPECIALIZACIÓN DE LA ARQUITECTURA DESDE LAS PERSPECTIVAS ARITMÉTICA Y DE MEMORIA/ | |
| dc.rights.accessRights | restricted access | |
| dc.subject.cdu | 004 | |
| dc.subject.keyword | Quantum-resistant cryptography | |
| dc.subject.keyword | Cloud-Edge Continuum | |
| dc.subject.keyword | network offloads | |
| dc.subject.keyword | data processing units | |
| dc.subject.keyword | PQ crytography | |
| dc.subject.keyword | public key infrastructure | |
| dc.subject.ucm | Informática (Informática) | |
| dc.subject.unesco | 3304 Tecnología de Los Ordenadores | |
| dc.title | Integrating Post-Quantum Cryptography Plugins for IPsec Offloads to Data Processing Units in the Cloud-Edge Continuum | |
| dc.type | conference paper | |
| dc.type.hasVersion | AM | |
| dspace.entity.type | Publication | |
| relation.isAuthorOfPublication | 1c42e591-4b3d-4cb4-919d-01813fa4cd36 | |
| relation.isAuthorOfPublication.latestForDiscovery | 1c42e591-4b3d-4cb4-919d-01813fa4cd36 |
Download
Original bundle
1 - 1 of 1
