
arxiv: 2605.06932 · v1 · submitted 2026-05-07 · 💻 cs.CR · cs.NI

Aquaman: A Transparent Proxy Architecture for Quantum Resilient Key Establishment

Pith reviewed 2026-05-11 01:11 UTC · model grok-4.3

classification 💻 cs.CR cs.NI
keywords transparent proxy · quantum resilience · post-quantum cryptography · key fragmentation · harvest now decrypt later · multi-path security · session key establishment

The pith

Aquaman uses a transparent proxy to deliver quantum-resilient key establishment for clients without post-quantum support.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper presents Aquaman, a transparent proxy placed at the edge of a trusted network that intercepts session-key requests and supplies quantum-resistant exchange on behalf of unmodified clients. It counters the harvest-now decrypt-later threat by supporting modes such as offloading post-quantum cryptography and fragmenting keys across independent media channels. In the multi-path mode, ciphertext fragments travel over heterogeneous paths including Wi-Fi, Bluetooth, and cellular, and reconstruction requires every fragment. A formal argument establishes that an adversary's recovery probability decays exponentially as (B/d)^n with increasing path diversity n. Prototype measurements on AWS EC2 confirm that added processing contributes negligible delay compared with ordinary network transmission.

Core claim

Aquaman is a transparent-proxy architecture for quantum-resilient session-key establishment. It supports four modes: PQC offload for clients lacking suitable stacks, classical multi-path fragmentation over diverse media, QKD via the SKIP/ETSI interface, and classical/PQC hybrids. The implemented multi-path mode splits the session key into fragments distributed across heterogeneous channels such that all fragments are required for reconstruction. The authors formalize the security argument and prove that recovery probability decays as (B/d)^n in the diversity dimension. A 1,000-run evaluation shows latency is dominated by network transmission rather than multi-path overhead.

What carries the argument

The transparent proxy that intercepts key-establishment traffic at the network boundary and applies either post-quantum offload or key fragmentation across independent diverse media.

If this is right

  • Organizations can protect legacy clients immediately by deploying the proxy at controlled network edges.
  • Security strength grows exponentially with the number of independent communication channels available.
  • The architecture adds no meaningful latency beyond normal network transmission delays.
  • The same proxy can later incorporate QKD or hybrid handshakes through standard interfaces.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The multi-path approach could also reduce risk from non-quantum adversaries who archive traffic for later analysis.
  • Enterprises controlling multiple distinct physical interfaces would obtain the strongest practical security from fragmentation.
  • Real-world validation would require tests that simulate partial-path compromise under realistic channel correlation.

Load-bearing premise

The proxy stays trusted and the media paths remain independent so that an adversary cannot obtain every fragment without compromising all channels.

What would settle it

Demonstration that an adversary can reconstruct the full session key after compromising only a proper subset of the media paths used for fragmentation.
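
The all-fragments-required property and the independence premise above can be checked concretely. This is an added example, not code from the paper or from Pith: it uses an n-of-n XOR split as a stand-in for the paper's fragmentation scheme (which this page does not specify) and compares simulated full-capture rates against (B/d)^n with and without path correlation. All function names, the values B=1, d=5, n=4, and the common-mode correlation model `rho` are assumptions made for illustration.

```python
import random
import secrets
from functools import reduce

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split_key(key: bytes, n: int) -> list[bytes]:
    """n-of-n split (assumed scheme): n-1 random pads, plus key XOR all pads."""
    if n < 2:
        raise ValueError("need at least two paths")
    pads = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    return pads + [reduce(xor, pads, key)]

def reconstruct(fragments: list[bytes]) -> bytes:
    return reduce(xor, fragments)

def fragment_explaining(observed: list[bytes], guess: bytes) -> bytes:
    """The missing fragment that would make `observed` reconstruct to `guess`.
    One exists for every guess, so n-1 fragments rule out no candidate key."""
    return reduce(xor, observed, guess)

def bound(B: float, d: float, n: int) -> float:
    """The page's bound on recovering all n fragments over independent paths."""
    return (B / d) ** n

def capture_rate(B, d, n, trials=200_000, rho=0.0, seed=7):
    """Fraction of trials in which every one of the n paths is captured.
    Each path is captured with marginal probability B/d. With probability rho
    a trial is a common-mode event: a single draw decides all paths together
    (constructed model of correlated paths, e.g. one shared upstream tap)."""
    rng = random.Random(seed)  # simulation only; key material uses `secrets`
    p = B / d
    hits = 0
    for _ in range(trials):
        if rng.random() < rho:
            hits += rng.random() < p
        else:
            hits += all(rng.random() < p for _ in range(n))
    return hits / trials

if __name__ == "__main__":
    key = secrets.token_bytes(32)          # constructed sample session key
    frags = split_key(key, 4)
    print("round trip ok :", reconstruct(frags) == key)
    print("3 of 4 == key :", reconstruct(frags[:3]) == key)
    print("bound (B/d)^n :", bound(1, 5, 4))
    print("independent   :", capture_rate(1, 5, 4))
    print("rho = 0.3     :", capture_rate(1, 5, 4, rho=0.3))
```

With independent paths the simulated rate tracks the bound; under the correlated model it is governed by the common-mode term rho·(B/d) and no longer shrinks as n grows, which is why the independence premise is load-bearing.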

Figures

Figures reproduced from arXiv: 2605.06932 by Ashish Kundu, Ramana Kompella, Tushin Mallick.

Figure 1: QKMS-side latencies (non-PQ scenario). Mean values over 1,000
Figure 2: QKMS-side latencies (PQ scenario, multi-path on top of a PQ KEM).
Figure 3: Proxy-side latencies for key establishment over multi-path (non-PQ

Original abstract

The harvest-now, decrypt-later (HNDL) threat--adversaries intercepting and archiving ciphertext today for retrospective decryption once quantum computers mature--turns the future quantum threat into a present liability for the public-key primitives (RSA, Diffie-Hellman, ECC) that anchor modern session-key exchange. We present Aquaman, a transparent-proxy architecture for quantum-resilient session-key establishment. A transparent proxy intercepts session-key requests at the edge of a trusted network without requiring client-side configuration, deploying quantum-resistant capability at the network boundary on behalf of clients that may themselves lack post-quantum cryptography (PQC). Aquaman supports four operating modes: PQC offloaded to the proxy for clients without trusted PQC stacks; classical multi-path key fragmentation over heterogeneous media (with an optional anonymous proxy-pool variant); QKD with the SKIP/ETSI GS QKD 014 key-delivery interface; and classical/PQC hybrid handshakes. We implement and evaluate the first two modes; the latter two are well-trodden in the PQC literature and we discuss but do not implement them. The implemented multi-path mode splits the session key into ciphertext fragments distributed across diverse media (Wi-Fi, Bluetooth, NFC, cellular, Ethernet); reconstruction requires all fragments. We formalize the security argument and prove that recovery probability decays as (B/d)^n in the diversity dimension. A 1,000-run prototype evaluation on AWS EC2 shows that latency is dominated by network transmission, not by multi-path overhead.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper presents Aquaman, a transparent proxy architecture for quantum-resilient session-key establishment to counter the harvest-now decrypt-later threat. It supports four modes (PQC offload to proxy, classical multi-path fragmentation over heterogeneous media with optional anonymous pool, QKD via SKIP/ETSI interface, and classical/PQC hybrids), implements the first two, formalizes the security argument proving that fragment recovery probability decays as (B/d)^n with increasing diversity n, and reports a 1,000-run AWS EC2 prototype evaluation showing latency dominated by network transmission rather than multi-path overhead.

Significance. If the path-independence assumptions hold and the performance results generalize, the work offers a deployable, client-transparent mechanism for adding quantum resilience at the network edge without requiring PQC stacks on endpoints. The explicit formalization of the combinatorial security bound and the prototype implementation provide concrete strengths for practical post-quantum migration.

major comments (2)
  1. [§5] §5 (Prototype Evaluation): The 1,000-run AWS EC2 evaluation concludes that latency is dominated by network transmission rather than multi-path overhead, yet the architecture description splits fragments across Wi-Fi, Bluetooth, NFC, cellular, and Ethernet; EC2 instances provide only virtualized Ethernet-style networking and cannot reproduce real-device discovery, pairing, interference, packet-loss, or synchronization costs for Bluetooth/NFC, so the measured overhead does not substantiate the claim for the claimed heterogeneous-media deployment.
  2. [Security Formalization] Security Formalization (near Eq. for (B/d)^n): The recovery probability is stated to decay as (B/d)^n, but the text provides no explicit derivation steps, assumption list (e.g., statistical independence of paths, trusted proxy, adversary must compromise every channel), or proof sketch, which are load-bearing for the central security claim.
minor comments (2)
  1. [Abstract] The abstract states that only the first two modes are implemented while the latter two are discussed; the discussion of QKD and hybrid modes should include concrete interface details or caveats to avoid overstatement.
  2. [§5] The evaluation reports 1,000 runs yet omits baselines, error bars, variance, or statistical significance tests, reducing the ability to interpret the latency dominance claim.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive and detailed feedback. We address each major comment below and have revised the manuscript to incorporate clarifications and additional formalization where appropriate.

  1. Referee: [§5] §5 (Prototype Evaluation): The 1,000-run AWS EC2 evaluation concludes that latency is dominated by network transmission rather than multi-path overhead, yet the architecture description splits fragments across Wi-Fi, Bluetooth, NFC, cellular, and Ethernet; EC2 instances provide only virtualized Ethernet-style networking and cannot reproduce real-device discovery, pairing, interference, packet-loss, or synchronization costs for Bluetooth/NFC, so the measured overhead does not substantiate the claim for the claimed heterogeneous-media deployment.

    Authors: We agree that the AWS EC2 environment, being limited to virtualized networking, cannot reproduce the device discovery, pairing, interference, packet loss, or synchronization costs inherent to real heterogeneous media such as Bluetooth and NFC. The prototype was intended to isolate and quantify the computational and reassembly overhead of the multi-path fragmentation mechanism itself under controlled conditions, using multiple virtual interfaces to emulate path diversity. The results demonstrate that this overhead is negligible relative to network transmission latency. In the revised manuscript we have added explicit language in Section 5 clarifying the scope of the evaluation and a new limitations paragraph noting that full heterogeneous-device costs would require separate physical-hardware experiments. This preserves the utility of the reported measurements while accurately bounding their applicability. revision: yes

  2. Referee: [Security Formalization] Security Formalization (near Eq. for (B/d)^n): The recovery probability is stated to decay as (B/d)^n, but the text provides no explicit derivation steps, assumption list (e.g., statistical independence of paths, trusted proxy, adversary must compromise every channel), or proof sketch, which are load-bearing for the central security claim.

    Authors: We thank the referee for identifying this gap. The bound follows from a simple combinatorial argument: an adversary must recover every one of the n fragments; under the modeling assumption that each path is independent and that the per-path success probability is at most B/d (where B is the adversary's per-path resource budget and d is the effective diversity factor), the probability of recovering all fragments is at most (B/d)^n. The trusted-proxy assumption ensures that the proxy itself does not leak fragments. We will insert a concise proof sketch together with an enumerated list of modeling assumptions immediately preceding the bound in the revised security section, making the central claim self-contained and verifiable. revision: yes

Circularity Check

0 steps flagged

No significant circularity in the derivation chain


The paper derives the recovery probability (B/d)^n as a direct combinatorial consequence of the independent-paths assumption and the requirement that all fragments must be obtained for reconstruction; this is a standard calculation from the stated model rather than a self-definition, fitted parameter renamed as prediction, or reduction to prior self-citation. The AWS EC2 prototype supplies an independent empirical measurement of latency overhead. No load-bearing self-citations, imported uniqueness theorems, or smuggled ansatzes appear in the central security or performance arguments. The derivation chain is therefore self-contained.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 0 invented entities

The central claim rests on the domain assumption that network paths are independent and that the proxy remains trusted; no free parameters or new invented entities are introduced in the abstract.

axioms (2)
  • domain assumption Diverse media paths (Wi-Fi, Bluetooth, NFC, cellular, Ethernet) are independent and an adversary must compromise all fragments to recover the key.
    This assumption directly supports the claimed exponential decay in recovery probability.
  • domain assumption The transparent proxy operates within a trusted network boundary and is not itself compromised.
    Required for the proxy to safely perform PQC offload or key reconstruction on behalf of clients.

pith-pipeline@v0.9.0 · 5580 in / 1442 out tokens · 35848 ms · 2026-05-11T01:11:03.729686+00:00 · methodology

