KEMTLS

KEMTLS is an alternative for the TLS handshake, that uses post-quantum KEMs instead of signatures for handshake authentication.

Latest News

2024-02-20 1 min read
KEMTLS Implementations

KEMTLS has been independently implemented by several people. In this post, we briefly describe some of them. Note that these implementations followed the academic description of KEMTLS, which differs from the AuthKEM draft in some small ways.

Recent & Upcoming Talks

A tale of two models: formal analysis of KEMTLS in Tamarin
Conference presentation of our KEMTLS formal analysis paper at ESORICS 2022
2022-09-27 15:00 — 15:20 DGI Byen CPH Conference Center
Slides
KEMTLS-PDK
Conference talk about KEMTLS-PDK
2021-10-07 15:15 — 16:30 Virtual
Slides
See all events

Recent Publications

Post-Quantum TLS
Ph.D. thesis on post-quantum cryptography in TLS. Thom Wiggers investigates current proposals for post-quantum TLS, but more …
PDF Cite
Post-Quantum TLS
KEMTLS vs. Post-Quantum TLS: Performance on Embedded Systems
We investigate the performance of KEMTLS and PQ instantiations of TLS 1.3 on embedded devices.
PDF Cite DOI
A tale of two models: formal verification of KEMTLS in Tamarin
We prove the security of KEMTLS in two Tamarin models. One mode is based on the Cremers et al. model of TLS 1.3; the other closely resembles our pen-and-paper proofs. These models allow us to analyse KEMTLS, and its extension KEMTLS-PDK from different angles.
PDF Cite DOI
KEMTLS with Delayed Forward Identity Protection in (Almost) a Single Round

The recent KEMTLS protocol (Schwabe, Stebila and Wiggers,CCS’20) is a promising design for a quantum-safe TLS handshake protocol. …

Preprint Cite DOI
Implementing and Measuring KEMTLS
KEMTLS (CCS 2020) is a novel alternative to the Transport Layer Security (TLS) handshake that integrates post-quantum algorithms. It …
Preprint PDF Cite DOI
See all publications