Page 44

PQC_for_Dummies

as defined in the GSM specification, has only 64 bits and is not strong enough to withstand a powerful adversary. RFC 4186 provides more details.

The functions A3 and A8 are often specific to the mobile network operator (MNO). Again, these are implemented both in the AUC and in the SIM card.

Hardware security modules (HSMs) are required in order to implement secure AUCs. As key derivation functions (KDFs) such as A8 are often custom designed, it is important that the HSM offers a software-development kit (SDK).

Kerberos

Kerberos is a computer network authentication protocol that works on the basis of tickets to allow nodes which are communicating over a non-secure network to prove their identity to one another in a secure manner. The protocol was named after the ferocious three-headed guard dog of Hades. While Kerberos has an optional extension supporting asymmetric cryptography, it was designed to work on purely symmetric cryptography. It implements a version of the Needham-Schroeder symmetric key protocol that has been modified to withstand replay attacks. Details can be found in RFC 4120. RFC 3962 describes the AES encryption for Kerberos 5.

The KDC is implemented in a secure server S. A somewhat simplified version of Alice (A) establishing a secure connection to Bob (B) involves:

NA, NB: nonce generated by A or B, respectively
KAS, KBS: secret key shared by A and S (or B and S, respectively)
KAB: session key

For the sake of simplicity, let us look at the Needham-Schroeder symmetric key protocol. In the description below, »{X}/K« stands for »X encrypted with key K.«

Alice contacts the server.

A → S: A, B, NA

The server generates a session key and returns it twice: Once for Alice, encrypted with KAS, and another copy for Bob (along with a note that the request was generated by A=Alice) additionally encrypted with KBS.

S → A: {NA, KAB, B, {KAB, A}/KBS}/KAS
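The two messages above as an added Python example (not from the book), including the checks Alice makes on the server's reply. The `seal`/`unseal` helpers are a standard-library stand-in for »{X}/K« (an HMAC-SHA256 keystream plus MAC tag, chosen as an assumption so the block runs without dependencies; a deployment would use a vetted cipher such as the AES profiles of RFC 3962), and all function names, field names and keys are constructed.

```python
import hashlib, hmac, json, secrets

def _keystream(key, iv, n):
    # HMAC-SHA256 in counter mode; illustrative stand-in, not a vetted cipher
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + iv + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, obj):
    """{X}/K: encrypt-then-MAC over a JSON encoding of X (assumed encoding)."""
    pt = json.dumps(obj).encode()
    iv = secrets.token_bytes(16)
    ct = bytes(p ^ s for p, s in zip(pt, _keystream(key, iv, len(pt))))
    tag = hmac.new(key, b"mac" + iv + ct, hashlib.sha256).digest()
    return (iv + ct + tag).hex()

def unseal(key, blob):
    raw = bytes.fromhex(blob)
    iv, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    expect = hmac.new(key, b"mac" + iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrong key or modified ciphertext")
    return json.loads(bytes(c ^ s for c, s in zip(ct, _keystream(key, iv, len(ct)))))

def server_reply(keys, a, b, n_a):
    """S -> A: {NA, KAB, B, {KAB, A}/KBS}/KAS"""
    k_ab = secrets.token_hex(16)                       # fresh session key KAB
    ticket = seal(keys[b], {"k_ab": k_ab, "from": a})  # {KAB, A}/KBS
    return seal(keys[a], {"n_a": n_a, "k_ab": k_ab, "peer": b, "ticket": ticket})

def alice_accept(k_as, reply, n_a, b):
    """Alice opens the reply with KAS and checks it answers *this* request."""
    msg = unseal(k_as, reply)
    if not hmac.compare_digest(msg["n_a"], n_a):
        raise ValueError("nonce mismatch: reply belongs to another request")
    if msg["peer"] != b:
        raise ValueError("reply names a different peer")
    return msg["k_ab"], msg["ticket"]  # ticket stays opaque to Alice

def demo():
    keys = {"A": secrets.token_bytes(32), "B": secrets.token_bytes(32)}  # KAS, KBS (constructed)
    n_a = secrets.token_hex(8)                    # NA, sent in A -> S: A, B, NA
    reply = server_reply(keys, "A", "B", n_a)
    k_ab, ticket = alice_accept(keys["A"], reply, n_a, "B")
    bob_view = unseal(keys["B"], ticket)          # only KBS opens the inner copy
    return keys, n_a, reply, k_ab, ticket, bob_view
```

Alice learns KAB but cannot read or alter the inner copy, and a reply recorded from an earlier request fails her nonce check.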

