The Security of SSH Protocol Public Key Sharing in the Post-Quantum Era
Keywords:
SSH, BB84, Encryption, Quantum
Abstract
The security of traditional cryptographic schemes is based on mathematical puzzles that cannot be cracked by current computers. However, the rapid development of quantum computers has the potential to greatly reduce the time and resources required to crack these encryption schemes. Although true quantum supremacy may still be years away, it is imperative to adopt anti-quantum algorithms proactively. This preemptive approach aims to thwart "catch first, decrypt later" attacks, wherein attackers intercept and store encrypted data with the intent of decrypting it once quantum computing becomes sufficiently advanced. This threat is particularly critical for protocols like Secure Shell (SSH), which is widely used for secure communication over unsecured networks. In this paper, we propose an innovative approach to enhance the security of public-key distribution within the SSH protocol. Our method integrates quantum-resistant algorithms to ensure that even with the advent of quantum computing, the confidentiality and integrity of SSH sessions are maintained. We emphasize the importance of using cryptographic protocols that operate over open channels, which, while not necessarily confidential, must be authenticated to prevent tampering. In such scenarios, attackers may be able to intercept and even extract information, but they should not be able to alter the data.
License
International Journal of Computing is an open access journal. Authors who publish with this journal agree to the following terms:
• Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
• Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
• Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.