| Title |
Practical assessment of the SSH services’ transition to post-quantum cryptography |
| Authors |
Zavackė, Simona ; Bukauskas, Linas |
| DOI |
10.22364/bjmc.2025.13.4.06 |
| Full Text |
|
| Is Part of |
Baltic journal of modern computing.. Riga : University of Latvia. 2025, vol. 13, no. 4, p. 862-884.. ISSN 2255-8942. eISSN 2255-8950 |
| Keywords [eng] |
post-quantum cryptography ; hybrid PQC ; transition to PQC ; SSH ; ML-KEM ; Kyber ; ML-DSA ; SLH-DSA ; Falcon ; NIST security levels |
| Abstract [eng] |
Quantum computing poses a critical threat to classical public-key cryptography, driving the adoption of post-quantum cryptography (PQC). While PQC performance has been extensively benchmarked in TLS, empirical studies on the Secure Shell (SSH) protocol remain limited. This paper evaluates the integration of PQC and hybrid (classical+PQC) mechanisms into SSH using an OQS-OpenSSH 8.9 prototype with liboqs support. We measured handshake latency, session size, and Secure Copy Protocol (SCP) transfer performance across standardized algorithms (CRYSTALS-Kyber, CRYSTALS Dilithium, Sphincs+), Falcon, and hybrid configurations. Exper- iments on heterogeneous legacy hardware under realistic LAN conditions were validated through Wireshark captures and protocol checklists. The results show that Falcon yields the smallest handshake sizes, Dilithium offers balanced and stable performance, Kyber scales predictably with NIST security levels, and Sphincs+ incurs significant overhead. Hybrid modes add limited cost while retaining classical trust anchors. These findings extend SSH PQC research beyond handshake analysis, offering deployment-oriented guidance for quantum-safe migration. |
| Published |
Riga : University of Latvia |
| Type |
Journal article |
| Language |
English |
| Publication date |
2025 |
| CC license |
|
