Niranjan M MFollow

Abstract

Kyber is a lattice-based key encapsulation mechanism, which is based on asymmetric key encryption, but resistant to crypto-analysis attack as it is implemented based on Module LWE. NIST selected Kyber for post-quantum key exchange in 2024, which is being integrated with TLS libraries.

Even though Kyber provides stronger security against crypto-analysis attacks and works with negligible performance impact, but it is having some of the vulnerabilities such as, side-channel timing vulnerabilities etc.,

Proposed method enhances the security of Agent2Agent protocol. This method is resistant to crypto-analysis attack and overcome the side-channel timing vulnerabilities of standard Kyber PQC. As per the proposed method, after sharing quantum secure secret key between two AI agents, generate unique pairs of {SecretKey, KeyId}, e.g., {SecretKey-1,KeyId-1},{SecretKey-2,KeyId-2}...{SecretKey-100,KeyId-100} on both the AI agents using Key-Regeneration Function (KRF). This function, once it is initialized with the shared secret key, it generates unique pair of {SecretKey, KeyId}.

As per the proposal, whenever AI agent want to send the AI payload (carrying request/response) to the another AI agent, it randomly selects the KeyId and fetch the corresponding SecretKey (from KRF) to encrypt the AI payload. Further, send the encrypted AI payload as part of A2A protocol, which carries KeyId in the header, to the another AI agent. On the receiver AI agent, use the KeyId available in the protocol header to retrieve the corresponding SecretKey locally (using same KRF). Use this SecretKey to decrypt the AI payload.

With the proposed method, we are able to achieve:

  • Per Request/Response quantum secure encryption key usage.
    • This is the requirement to improve the security of any PQC algorithm (including Kyber PQC) against vulnerabilities.
  • The key generation process does not depends on the time.
    • This is also the requirement to avoid side-channel timing vulnerability of Kyber.
  • Unique key pair for encrypted each AI payload.
    • This ensure, none of algorithms used in crypto-analysis attack can do inference from the encrypted AI payloads.
  • The unique quantum secure secret key for each pair of AI agents and their communication.
    • This avoids, compromise of one AI agent (may be due to impersonation or agent spoofing) does not affect the other AI agents in the multi-agent AI systems (in other words, avoid agent interference).

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.

Download

Share

COinS