Creating Trust and Replacing Public Key Encryption: The Needham Schroeder Protocol


What’s one of the most difficult things to do in cybersecurity? Answer: key management and the creation of a trust infrastructure. Well, one method we can use was defined in 1978 by Roger Needham and Michael Schroeder [1].

This week, a paper was published that outlined the possible reduction in the security of LWE (Learning With Errors). While it didn’t break Post Quantum Cryptography (PQC) methods, we must be a little worried that lattice cryptography might have a weak point. As Kyber — a lattice-based key exchange method — is the only current standard for PQC key exchange, NIST is investigating other methods, including BIKE, HQC and McEliece for standardisation.

But public key methods are not the only way to negotiate a key. For this, we can use a symmetric key method, where Bob and Alice can generate a shared encryption key. We then need a KDC…
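
The symmetric-key exchange introduced above can be sketched in code. This is an added example, not code from the original article: it follows the standard five-message description of the Needham-Schroeder symmetric-key protocol, and the names (`seal`, `unseal`, `kdc_reply`, `run_exchange`, `LONG_TERM`) and the SHA-256 keystream plus HMAC stand-in cipher are assumptions chosen so that it runs on the Python standard library alone.

```python
import hashlib, hmac, json, secrets

# Long-term keys each principal shares with the KDC (constructed sample values).
LONG_TERM = {"alice": secrets.token_bytes(32), "bob": secrets.token_bytes(32)}

def _stream(key, nonce, n):
    """SHA-256 counter keystream: a stdlib stand-in for a real cipher."""
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Encrypt-then-MAC a JSON object under key (illustration only, not production crypto)."""
    pt, nonce = json.dumps(obj).encode(), secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Verify the tag, then decrypt; raises ValueError on a wrong key or tampering."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def kdc_reply(a, b, nonce_a):
    """Message 2, built by the KDC: {N_A, K_AB, B, {K_AB, A}_K_B}_K_A."""
    k_ab = secrets.token_bytes(32).hex()
    ticket = seal(LONG_TERM[b], {"k_ab": k_ab, "peer": a}).hex()
    return seal(LONG_TERM[a], {"nonce": nonce_a, "k_ab": k_ab, "peer": b, "ticket": ticket})

def run_exchange():
    n_a = secrets.randbits(64)  # message 1, Alice -> KDC: A, B, N_A
    reply = unseal(LONG_TERM["alice"], kdc_reply("alice", "bob", n_a))
    if reply["nonce"] != n_a or reply["peer"] != "bob":
        raise ValueError("stale or misdirected KDC reply")
    k_alice, ticket = bytes.fromhex(reply["k_ab"]), bytes.fromhex(reply["ticket"])
    # Message 3, Alice -> Bob: the ticket, which only Bob's long-term key opens.
    for_bob = unseal(LONG_TERM["bob"], ticket)
    k_bob = bytes.fromhex(for_bob["k_ab"])
    n_b = secrets.randbits(64)
    challenge = seal(k_bob, {"nonce": n_b})  # message 4, Bob -> Alice: {N_B}_K_AB
    answer = unseal(k_alice, challenge)["nonce"] - 1
    response = seal(k_alice, {"nonce": answer})  # message 5, Alice -> Bob: {N_B - 1}_K_AB
    if unseal(k_bob, response)["nonce"] != n_b - 1:
        raise ValueError("handshake failed: peer does not hold K_AB")
    return k_alice, k_bob, for_bob["peer"], ticket

if __name__ == "__main__":
    ka, kb, peer, _ = run_exchange()
    print("shared key agreed:", ka == kb, "| Bob sees peer:", peer)
```

The ticket in message 3 carries no timestamp, so Bob cannot tell a fresh ticket from a replayed one; Kerberos, which builds on this protocol, adds timestamps and lifetimes for that reason.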


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.