Towards Larger Public Keys For Key Exchange

As RSA key sizes have increased to over 2,048 bits, we have been lucky that elliptic curve methods came along and gave us much smaller keys…
Photo by Angela Merenkova on Unsplash

Towards Larger Public Keys For Key Exchange

As RSA key sizes have increased to over 2,048 bits, we have been lucky that elliptic curve methods came along and gave us much smaller keys [here]:

In this case, we see a 32-byte secret (private) key size for P256, and 64 bytes for the public key (as it has an x- and y-co-ordinate value) and then another byte added to identify the type of point. This gives a 65 byte public key. For X22519, we only require a single co-ordinate value, and thus only need 32 bytes for the public key (and which is the same size as the secret key). The ciphertext is the payload send between two parties in order to exchange keys.

Unfortunately ECC has a core weakness and that the method can be cracked by quantum computers. To overcome this we need new methods which are quantum robust. These include Kyber, SABER, NTRU, McEliece and SIKE [here]:

With ths we see that the isogeny-based SIKE method has the smallest key sizes, followed by the lattice methods (Kyber, SABER and NTRU), and with McEliece with the longest keys (but fairly short ciphertext value).

In order to improve the performance of PQC key exchange, we can create a hybrid model and use X25519 and X488. In this case we will use Kyber512-X25519, Kyber768-X448 and Kyber1024-X448, and which uses X25519 and X448 key exchange methods. The key size for this change a little, and where Kyber512 produces an 800 byte public key, and this rises to 832 bytes for Kyber512-X2551. A sample run for Kyber512-X25519 is [here]:

Method: Kyber512-X25519 
Public Key (pk) = 0D584135D3242392B5E6EC06B3990CEEC43CB3A35875F3CDECC53FEADA33E047 (first 32 bytes)
Private key (sk) = 7B558F88CA046A7C1A83431ACAD94629B4A72E8BBEFFF40AD1A7024A2A6DC8A5 (first 32 bytes)
Cipher text (ct) = 170F2B8C341B603A38520E16404C3D507ACB5A45BC582F4CCA1AD807196D071B (first 32 bytes)
Shared key (Bob):	82B7AECBC7A5C381C712FBA258A38984DA32B9D2B39B2D118B7978371402CD9E413574B7684518ECC484D4DFDCFA0EBFE377FEF3AB982F60F47AD666C56EC196
Shared key (Alice):	82B7AECBC7A5C381C712FBA258A38984DA32B9D2B39B2D118B7978371402CD9E413574B7684518ECC484D4DFDCFA0EBFE377FEF3AB982F60F47AD666C56EC196
Length of Public Key (pk) = 832 bytes 
Length of Secret Key (sk)  = 1664  bytes
Length of Cipher text (ct) = 800  bytes

A sample run for Kyber768-X448 is [here]:

Method: Kyber768-X448 
Public Key (pk) = 0F3BC5031BB49ED1184E378C39E8BB1696442290329B716A97E79FF100B73599 (first 32 bytes)
Private key (sk) = 7B86917D307381BC146125709BD2A39EF6623F8A05F264416E26660F04CA4D20 (first 32 bytes)
Cipher text (ct) = 6575C5E916830D96D36C204307284AF89587BEFFC3F579EFEBE352198709FCE5 (first 32 bytes)
Shared key (Bob):	5FC20E38B2267E042BCB36319732E2BD5C2D57A9C78D4955FB9423D3D982CA5A1FF791AD7707E18942505334C02FB36F30BD55ED660A781B1101B0CF205C30D767D8718E752107C3B82145330DC0B5817B5788F4A25FC4FB51BF71477B03346A
Shared key (Alice):	5FC20E38B2267E042BCB36319732E2BD5C2D57A9C78D4955FB9423D3D982CA5A1FF791AD7707E18942505334C02FB36F30BD55ED660A781B1101B0CF205C30D767D8718E752107C3B82145330DC0B5817B5788F4A25FC4FB51BF71477B03346A
Length of Public Key (pk) = 1240 bytes 
Length of Secret Key (sk)  = 2456  bytes
Length of Cipher text (ct) = 1144  bytes

A sample run for Kyber1024-X448 [here]:

Method: Kyber1024-X448 
Public Key (pk) = ACDC644291611A014B41408A16D52479B513FBE15906B259660BB0579B1D9508 (first 32 bytes)
Private key (sk) = 690133C140927B6212D539458DB18DC0F28B7CEB549BF32C2FB03229A109C705 (first 32 bytes)
Cipher text (ct) = 488232A8878C312FE5988DD19EA04CBC892F25036569423E83061CAEF2C32FC7 (first 32 bytes)
Shared key (Bob):	FFE3DA3744D79EEBAC20C6224B9EAE6B9622F5B8202C4227A7500984DC0943842A1EE9A775E5CD699CAE5A3134925F666F0F1C78B9B3237F4EFA50EE7632F47485A9D402238AAB802E1100A1DD037EEBC781889E335328D25E536B04528D343A
Shared key (Alice):	FFE3DA3744D79EEBAC20C6224B9EAE6B9622F5B8202C4227A7500984DC0943842A1EE9A775E5CD699CAE5A3134925F666F0F1C78B9B3237F4EFA50EE7632F47485A9D402238AAB802E1100A1DD037EEBC781889E335328D25E536B04528D343A
Length of Public Key (pk) = 1624 bytes 
Length of Secret Key (sk)  = 3224  bytes
Length of Cipher text (ct) = 1624  bytes

If you want to investigate these methods, try here:

https://asecuritysite.com/circl/circl_hybrid