RT Conference Proceedings
T1 Integrating Post-Quantum Cryptography Plugins for IPsec Offloads to Data Processing Units in the Cloud-Edge Continuum
A1 Cano Aguilera, Abraham
A1 Rubio García, Carlos
A1 Frantz, Raphaël
A1 Tafur Monroy, Idelfonso
A1 Imaña Pascual, José Luis
A1 Vegas Olmos, Juan José
AB The imminent advent of Quantum Computers poses a significant threat to the cryptographic algorithms supporting the public key infrastructure (PKI) of widely used communication protocols. High Performance Computing (HPC) data centers among other interested parties are well aware of the catastrophic consequences quantum attacks could have on their PKI and are consequently transitioning to Post-Quantum Cryptographic (PQC) methods, despite the substantial overhead this introduces for handling incoming network packets. This work addresses the transition to PQC within the context of the Cloud-Edge Continuum by integrating the Open Quantum Safe (OQS) library into the accelerated strongSwan developed by Mellanox for Data Processing Units (DPUs). This integration offloads cryptographic operations from central servers to data DPUs distributed across the cloud-edge continuum. Our solution ensures quantum security by providing PQ authentication through CRYSTALS-Dilithium or CRYSTALS-FALCON, PQ key exchanges via CRYSTALS-Kyber, and confidential data transmission using AES-256. Additionally, the deployment of this implementation on DPUs helps reduce the computational load on both HPC data centers and edge devices, promoting more efficient and secure operations across the entire cloud-edge continuum.
SN 979-8-3503-5171-2
SN 0018-9219
YR 2024
FD 2024-10
LK https://hdl.handle.net/20.500.14352/118243
UL https://hdl.handle.net/20.500.14352/118243
LA eng
NO A. Cano, C. R. Garcia, R. Frantz, I. T. Monroy, J. L. Imaña and J. J. Vegas, "Integrating Post-Quantum Cryptography Plugins for IPsec Offloads to Data Processing Units in the Cloud-Edge Continuum," 2024 IEEE 32nd International Conference on Network Protocols (ICNP), Charleroi, Belgium, 2024, pp. 1-6, doi: 10.1109/ICNP61940.2024.10858568. keywords: {Resistance;Data centers;Quantum computing;Protocols;Public key;Throughput;Data processing;Libraries;Cryptography;Servers;Quantum-resistant cryptography;Cloud-Edge Continuum;network offloads;data processing units;PQ crytography;public key infrastructure},
NO Se deposita la versión final o aceptada del artículo (postprint)
NO Ministerio de Ciencia, Innovación y Universidades (España)
NO Agencia Estatal de Investigación (España)
NO European Commission
DS Docta Complutense
RD 9 abr 2025