Integrating post-quantum cryptography and DPU acceleration in modern networks
Abraham Cano Aguilera defended his PhD thesis at the Department of Electrical Engineering on February 5.
The internet is currently protected by cryptography, but quantum computers are becoming powerful enough to threaten this foundation. Once large-scale quantum machines arrive, they could break the public‑key methods used in things like secure websites, software updates, and device authentication. This makes sensitive data readable very quickly. In his PhD research, Abraham Cano Aguilera tackles this challenge by identifying where classical key exchange occurs in real networks and demonstrating how to replace it with quantum‑secure alternatives.
Major standards organizations are already pushing for a transition to quantum‑resistant security. In the U.S., NIST is standardizing post‑quantum cryptography (PQC), a new generation of algorithms designed to remain secure even under quantum attack. In Europe, ETSI is working on integrating quantum key distribution (QKD), a physics‑based method for securely sharing keys, into existing security systems. focuses mainly on PQC in his research.
A look at key protocols
First, he examines key protocols across the network stack: TLS for secure web connections, IPsec for VPNs and secure IP traffic, and MACsec for protecting Ethernet links. He then adapts these protocols to use quantum-resistant keys, either through custom modifications or by integrating established cryptographic libraries.
Rising data speed
Aguilera also addresses another major shift in networking: rapidly increasing data rates. As speeds rise, the bottleneck is moving to processing after transmission. Cryptography can become a significant computational and energy cost, increasing latency and CPU load. To solve this, Aguilera explores the use of NVIDIA DPUs to offload and accelerate encryption in the data plane using AES‑256‑GCM.
A testbed with SMARTNICs
His work includes a quantum‑secure testbed built in Eindhoven using SMARTNICs. The control plane is protected with PQC, specifically Kyber and Dilithium, while high‑speed traffic encryption is accelerated in hardware. The results show how DPUs can support the creation of future‑proof data centers that deliver both high performance and readiness for the quantum era.
Title of PhD thesis: . Supervisors: Prof. Idelfonso Tafur Monroy, Dr. Juan José Vegas Olmos and Prof. José Luis Imaña Pascual.