K-Waay: Fast and Deniable Post-Quantum X3DH without Ring Signatures
Daniel Collins, Loïs Huguenin-Dumittan, Ngoc Khanh Nguyen, Nicolas Rolin, Serge Vaudenay
33rd USENIX Security Symposium · Day 1 · USENIX Security '24
As awareness grows of the threat quantum computers pose to current cryptographic standards, the development of **post-quantum cryptography (PQC)** has become a pressing concern. This talk, "K-Waay: Fast and Deniable Post-Quantum X3DH without Ring Signatures," presented by Daniel Collins and his collaborators from EPFL (École Polytechnique Fédérale de Lausanne), addresses a critical challenge in secure messaging: how to achieve **deniable post-quantum key exchange** efficiently. The widely adopted Signal Protocol, which underpins applications like WhatsApp and Signal itself, relies on the **Extended Triple Diffie-Hellman (X3DH)** protocol for its initial key exchange. While X3DH offers robust classical security guarantees, including secrecy, authentication, and deniability, it is vulnerable to quantum adversaries.
AI review
K-Waay presents a crucial advancement in post-quantum secure messaging, offering a novel and efficient protocol for deniable X3DH. By leveraging split KEMs instead of computationally expensive ring signatures, it solves a critical problem for future-proofing secure communication against active quantum adversaries, while maintaining essential privacy properties. This is a must-see for anyone serious about PQC deployment.