Thesis
It is done!
Calculator
This calculator lets you compare the size of the cryptographic objects exchanged within the TLS 1.3 handshake. This includes the key exchange, signatures and OCSP stapling, Encrypted Client Hello, and Certificate Transparency. The key exchange offers a wide variety of schemes from classical and post-quantum cryptography, as well as hybrid key exchange, which can be freely configured from the offered PKI and KEM schemes. Available signature schemes are sourced from the PQ-Zoo project's GitHub page.
Creating a configuration:
- Select how the key-exchange is handled. All available schemes are within the upper dropdown. Once a scheme is selected, the desired parameters can be selected from the second dropdown. If hybrid key exchange is enabled, there will be two sets of dropdowns instead. The upper set defines the used KEM, the lower set defines the used PKI.
- Select the signature algorithm. The upper dropdown again includes a list of available schemes, the lower one the possible parameters.
- Additional extensions can be toggled on and off. If Certificate Transparency is enabled, the length of its backlog can be set (selecting which certificate is used is planned, but not implemented yet).
- Done! By clicking on “show config”, the created config will be added to the list of comparable configurations.
Viewing configurations:
Each created config will be added to the list on the right-hand side of the calculator. It is identified by the schemes used for key exchange and for creating the signature. The total size of transmitted crypto objects will also be visible. Configs can be expanded by clicking on them, revealing details of the selected components. These include:
- The name of the selected key-exchange scheme(s), which is a link to an external website with additional information about each scheme, the selected parameters and the corresponding NIST-Level
- The selected signature scheme's name, which is a link to some external website with additional information about each scheme, the selected parameters and the corresponding NIST-Level
- Client Hello with the size and type of each transmitted crypto object as well as the total size of all crypto objects within the client hello message.
- Server Hello with the size and type of each transmitted crypto object as well as the total size of all crypto objects within the server hello message.
- The combined size of all transmitted crypto objects during the handshake
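The per-message totals listed above can be reproduced with a short script. This is an added example, not the calculator's own code: the `cfg` shape, the function names and the object labels are hypothetical, it assumes a single leaf certificate with every signature made by the same scheme, and it leaves out Encrypted Client Hello.

```javascript
// Object sizes in bytes, from RFC 7748, RFC 8032, FIPS 203 and FIPS 204.
const KEX = {
  "X25519": { kind: "dh", share: 32 },
  "ML-KEM-768": { kind: "kem", encapKey: 1184, ciphertext: 1088 },
};
const SIG = {
  "Ed25519": { publicKey: 32, signature: 64 },
  "ML-DSA-44": { publicKey: 1312, signature: 2420 },
};

// A KEM sends its encapsulation key to the server and gets a ciphertext back;
// a Diffie-Hellman group sends one public share in each direction.
function keyShare(name) {
  const s = KEX[name];
  if (!s) throw new Error(`unknown key-exchange scheme: ${name}`);
  return s.kind === "kem"
    ? { client: s.encapKey, server: s.ciphertext }
    : { client: s.share, server: s.share };
}

// cfg (hypothetical shape): { kex: [names], sig: name, ocsp: bool, scts: count }
// Assumes one leaf certificate and the same scheme for every signature.
function handshakeSizes(cfg) {
  const sig = SIG[cfg.sig];
  if (!sig) throw new Error(`unknown signature scheme: ${cfg.sig}`);
  const clientHello = [];
  const serverHello = [];
  for (const name of cfg.kex) {
    const ks = keyShare(name);
    clientHello.push({ type: `${name} key share`, size: ks.client });
    serverHello.push({ type: `${name} key share`, size: ks.server });
  }
  serverHello.push({ type: "certificate public key", size: sig.publicKey });
  serverHello.push({ type: "certificate signature", size: sig.signature });
  serverHello.push({ type: "handshake signature", size: sig.signature });
  if (cfg.ocsp) serverHello.push({ type: "OCSP staple signature", size: sig.signature });
  for (let i = 1; i <= cfg.scts; i++) {
    serverHello.push({ type: `SCT ${i} signature`, size: sig.signature });
  }
  const sum = (objs) => objs.reduce((n, o) => n + o.size, 0);
  const clientTotal = sum(clientHello);
  const serverTotal = sum(serverHello);
  return { clientHello, serverHello, clientTotal, serverTotal, total: clientTotal + serverTotal };
}

const classical = handshakeSizes({ kex: ["X25519"], sig: "Ed25519", ocsp: false, scts: 0 });
const hybrid = handshakeSizes({ kex: ["ML-KEM-768", "X25519"], sig: "ML-DSA-44", ocsp: true, scts: 2 });
console.log(classical.total, hybrid.total);
```

In the hybrid configuration the key shares account for well under a fifth of the total; the repeated signatures on the server side dominate.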
What's next?
Some features are not yet implemented. These include:
- Selecting which certificate is used with Certificate Transparency
- Ability to delete created configurations — for now, the only way to remove created configs is to reload the page, which removes all of them
- Importing and exporting created configurations
Proposal
Thesis finished!