search

PQCA / TAC

https://pqca.org
Apache License 2.0
15 stars 4 forks source link

Working Group Proposal - Application / Industry #34

Open maximilien opened 1 month ago

maximilien commented 1 month ago

Describe the purpose of the group in no more than 4-5 sentences

Proposal to create a working group that focuses on post-quantum applications domain. These applications are part of different industries. For example, in the telecom industry there are different high-level components that could be proposed. Same for other industries.

We want to use this issue to discuss and gauge interest and if there is enough then formally propose the creation of an "Application" (or "Industry") working group which can then work to build communities and review projects and propose them into the PQCA.

cc: @brian-jarvis-aws @Naomi-Wash @hartm @ryjones @ydoroz

Goals of the working group

Non-goals of the working group

Deliverables

AdityaKoranga commented 1 month ago

Good to see the initiation of a discussion on a working group dedicated to the post-quantum applications domain. The initiative aligns closely with a project we've developed called QORE (Quantumized Core Solution). QORE aims to enhance the Beyond 5G core network by integrating PQC and Quantum Random Number Generation (QRNG), addressing the evolving telecom security challenges in the quantum era.

Problem statement:

The current Core Network, as defined by the 3GPP standard, currently relies on classical cryptographic techniques. However, these traditional encryption methods are increasingly vulnerable to quantum threats.

Solution:

To secure the classical Core against these quantum threats, it is necessary to migrate to a Post-Quantum Core. This migration involves utilizing post-quantum cryptographic algorithms that are designed to be secure against the capabilities of quantum computers.

Migration from Classical Core to Post-Quantum Core using QORE

Feature Classical Core Qore (Post-Quantum Core) Status
SUPI to SUCI ECIES (Elliptic Curve Integrated Encryption Scheme) ML-KEM ✅ Done
Hybrid Post Quantum Mechanism ✅ Done
Random Number PRNG (Pseudo Random Number Generator) QRNG (Quantum Random Number Generator) ✅ Done
SBI Communication mTLS PQ-mTLS ✅ Done
Digital Certificates Classical cryptographic algorithm ML-DSA ✅ Done
Symmetric Key AES128 AES256 ✅ Done
N3 User Data IPSec PQ-IPSec 🟡Ongoing
N3 User Data DTLS PQ-DTLS 🟡Ongoing

Have a look at the high-level information/architecture about QORE in the following resources:

BLOG:

VIDEO:

planetf1 commented 2 weeks ago

A few questions relating to the qcore proposal

AdityaKoranga commented 1 week ago

A few questions relating to the qcore proposal

  • how do the proposed efforts relate to PQC activities at industry bodies like GSMA and ETSI ?

The work proposed by industry bodies like GSMA and ETSI are exactly what have been implemented in QORE. Not only GSMA and ETSI in QORE we also follows other Standard Bodies like NIST, 3GPP etc.

  • would the intent to facilitate a workgroup amongst other application developers including qcore, or is it to submit some open source code/docs to a new project?

Yes, we are in the process to open source the code of QORE. Alongwith that we have blog series ongoing(in the next blog it is going to cover the libraries alongwith liboqs that have been used in QORE), various research papers are being made(soon going to be published), some white papers have already been published and additionaly all the progress is recorded and uploaded on youtube.

  • are there any other parties identified that might be involved in such contribution?

QORE has already been tested with several open source projects including LF projects such as Aether/ SD-CORE(part of 5G SBP LFN) +  QORE & Q-RAN has also been tested with OSC(Open RAN software Committee by LF) projects such as OSC-DU-High, xFAPI and CU(from other party), apart from that it has also been tested with several other open source projects such as UERANSIM and HEXA-eBPF.