End-to-End Post-Quantum Cryptography Encryption Protocol for Video Conferencing System Based on Government Public Key Infrastructure

Round 1

Reviewer 1 Report

This is a well-written manuscript that only needs to undergo a few minor changes. The manuscript is based on impressive empirical evidence and makes an original contribution. Only minor revisions are needed before it can be published.

1. The authors proposed a unique detailed mechanism in which the post-quantum cryptography (PQC) key encapsulation mechanism (KEM) is applied to the user key exchange process; I believe that they should highlight their originality much more.

2. Figure 4 needs to be adjusted within the margins.

3. Figure 5 and 6 are not so clear and contents are not so visible. 4. More references need to be cited to justify the work.

4. 2-3 more keywords can be added.

5. To improve the readability of the paper, I suggest dividing the analysis part into several subsections.”

6. Comparison can be done between the existing and the proposed scheme to highlight advantages and the key importance of the proposed work.

Thanks & All the Best!

Comments for author File: Comments.pdf

Author Response

Please see the attachment

Author Response File: Author Response.docx

Reviewer 2 Report

In this manuscript, the authors propose a protocol that utilizes the key encapsulation mechanism of post-quantum cryptography for exchanging user keys in a GPKI-based video conferencing system. The manuscript is relevant for nowadays challenges in a digitalized world.

 

I suggest the following:

 

At the beginning of the manuscript, it is unclear whether SFrame is proposed/developed/implemented by the authors. Only in section 4 a reference for SFrame is provided. Please, add this reference in Introduction, too.

Because many acronyms are used, I suggest adding a table with them, in order to follow easier the manuscript.

 

In Section 5 there is no formal analysis for the security of the proposed key exchange protocol, nor a comparison with existing approaches.

Author Response

Please see the attachment

Author Response File: Author Response.docx

Reviewer 3 Report

This manuscript proposes an end-to-end post-quantum cryptography encryption protocol for government public key infrastructure based video conferencing system. The proposed system introduces different user authentication mechanism from existing video conferencing systems such as Zoom and SFrame. The authors investigated end-to-end encryption in term of:

- key management system

- signature

- identity check

- transparency tree

- real-time security

- shared-key exchange

- authenticity

- confidentiality

- integrity

 

However, the advantages and contribution of the proposed system have not been yet clear. The following issues regarding the proposed system related to video conferencing systems should be considered:

1. At first, what security requirements for standard video conferencing systems.

2. What security idea in the proposed system.

3. Comparing proposed security features to Zoom and SFrame.

4. Proving the proposed security features.

 

Therefore, the authors should insert what target security requirements of the proposed system, show how to achieve them, and prove them both in the system design, implementation, experiment, and measurement results.

 

The proposed system should be very hard from the attackers when trying to compromise the information during conferencing. The scenarios to show how the proposed system against from attacking also should be considered.

 

The authors should prove the security through the implementation and experiment measurements, and comparing the results to similar existing systems, i.e., Zoom and SFrame.

Author Response

Please see the attachment

Author Response File: Author Response.docx

Round 2

Reviewer 3 Report

The authors have already inserted some additional information into the revised manuscript. It sounds better. For that, it can be considered for acceptance.