How to build post-quantum cryptographic protocols and why wall clocks are not to be trusted.
Rosenpass is a post-quantum secure cryptographic protocol, an implementation of that protocol in the Rust programming language, and a governance organization stewarding development of both protocol and implementation. When used with WireGuard, Rosenpass functions as a ready-to-use virtual private network with full security against quantum attackers.

The development of a technology like Rosenpass is complex and requires a good footing in cryptographic research, software engineering, industry practices, and science communication. Bringing together these diverse threads of activity is an ongoing challenge. Individual work is not enough, it takes a group; an organization. We are the group that tries to tackle these challenges for Rosenpass.

In this talk, we will focus on Rosenpass as a protocol and explain the principles used and challenges encountered when designing such a protocol. Equipped with ample time and many scientific illustrations, we hope to give insight to an audience with many different levels of knowledge about cryptographic subjects.

This is not a lecture for experts. This is supposed to be entertainment for the technologically inclined.

In the talk we are going to explain what key encapsulation methods are, how they are different from "non-interactive key exchanges" – often just called "Diffie-Hellman" operations. We will demonstrate how key encapsulation methods can be used to build a secure cryptographic key exchange protocol and how the X-Wing fighter can be used to provide cryptographic redundancy.

Finally, we will turn our attention to attacks we found against WireGuard, show off a protocol level denial-of-service attack against WireGuard and explain how we solved that attack in Rosenpass.