Post Quantum Cryptography - Emerging Frontiers
Slide deck by Gokul Alex (text of the slides as published on SlideShare)
QUANTUM CRYPTOGRAPHY
Lattices, error correcting codes, hash functions, etc…
(More precisely: post-quantum cryptography, classical algorithms designed to withstand attack by a quantum computer, not quantum key distribution.)

PROBLEM STATEMENT…
The most popular public key algorithms can be efficiently broken by a sufficiently strong, still hypothetical, quantum computer.

REASONS…
Most of them rely on one of three hard mathematical problems:
• Integer factorisation problem (RSA)
• Discrete logarithm problem (Diffie-Hellman, DSA)
• Elliptic curve discrete logarithm problem (ECDH, ECDSA)
All three are instances of the hidden subgroup problem that Shor's algorithm solves in polynomial time on a quantum computer, whereas the best known classical algorithms are sub-exponential or exponential.
IMPACT…
NIST has recently summarised the impact of quantum computing on common cryptographic algorithms (NISTIR 8105, Report on Post-Quantum Cryptography, 2016).

BROKEN AND IMPACTED ALGORITHMS
Algorithm        Type                           Impact from a large-scale quantum computer
AES-256          Symmetric encryption           Larger key sizes needed (Grover)
SHA-256, SHA-3   Hash functions                 Larger output needed (Grover)
RSA              Signatures, key establishment  No longer secure (Shor)
ECDSA, ECDH      Signatures, key exchange       No longer secure (Shor)
DSA              Signatures                     No longer secure (Shor)
BROKEN AND IMPACTED ALGORITHMS
The emergence of large quantum computers would break all the asymmetric public-key encryption, key exchange and signature algorithms in wide use today - the cryptography that protects communications over the internet (TLS, SSH, code signing).
The effective strength of symmetric keys is halved by Grover's search: a 256-bit key offers about 128 bits of security and a 128-bit key only about 64 bits. This is the kind of cryptography used for full disk encryption, where data is encrypted under a key derived from a passphrase.
Symmetric authenticated modes such as CBC-MAC, PMAC, GMAC, GCM and OCB are "completely broken" only in the superposition-query model of Kaplan, Leurent, Leverrier and Naya-Plasencia (CRYPTO 2016), where the attacker may query the keyed function on a quantum superposition of inputs and apply Simon's algorithm. An attacker who can only obtain classical tags from the target gets nothing better than the generic Grover speedup, which is why the recommendations later in this deck still list GCM and Poly1305.
AT THIS JUNCTURE…
Post quantum cryptography becomes a significant security priority!

NIST COMPETITION
82 submissions - 23 signature schemes, 59 encryption / key-encapsulation schemes (69 of them were accepted as complete first-round candidates in December 2017).
Outcome since these slides were written: in July 2022 NIST selected CRYSTALS-Kyber for key encapsulation and CRYSTALS-Dilithium, Falcon and SPHINCS+ for signatures; Kyber, Dilithium and SPHINCS+ were published in August 2024 as FIPS 203 (ML-KEM), FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA).
EMERGING TECHNIQUES
• Lattices with LWE (learning with errors)
• Error correcting codes
• Hash functions
• Multivariate equations
• Supersingular elliptic curve isogenies
LATTICE CRYPTOGRAPHY - NTRU, BLISS
Security is related to the closest vector problem (CVP) in a lattice: recovering the private key from the public key amounts to finding an unusually short or close vector in the NTRU lattice.

LATTICE CRYPTOGRAPHY - RING-LWE SIGNATURES
The worst-case shortest vector problem (SVP) in ideal lattices gives a lower bound on the security: a worst-case to average-case reduction shows that breaking the scheme on average would solve approximate SVP on every lattice in the class.
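As an added worked example (not code from the slides, nor from NTRU, BLISS or any Ring-LWE scheme), the following Python shows the learning-with-errors idea behind these lattice schemes in its simplest form, a toy Regev-style encryption of single bits: the public key is a set of noisy linear equations b = A·s + e over Z_Q, encryption adds up a random subset of them, and decryption works because the accumulated noise stays below Q/4. The block also contains the Gaussian elimination that recovers the secret when the error term is left out, which is the whole point of the "E" in LWE. The parameters Q, N, M and the error distribution are assumptions chosen for readability and are far too small to be secure.

```python
import random

# Toy Regev-style LWE bit encryption (added example). Parameters are assumptions
# chosen for readability, not a secure parameter set.
Q = 1031   # modulus (prime, so we can invert mod Q in the elimination below)
N = 16     # dimension of the secret s
M = 64     # number of LWE samples (rows of A, entries of b) in the public key
# Each error is in {-1, 0, 1} and a ciphertext sums at most M samples, so the
# accumulated error is at most M = 64 < Q/4: decryption is always correct.

def keygen(rng, noisy=True):
    """Secret s in Z_Q^N; public key (A, b = A*s + e) with e in {-1, 0, 1}^M."""
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    b = []
    for row in A:
        e = rng.choice((-1, 0, 1)) if noisy else 0
        b.append((sum(a * x for a, x in zip(row, s)) + e) % Q)
    return s, (A, b)

def encrypt_bit(pk, bit, rng):
    """Sum a random subset of the samples; encode the bit as 0 or Q//2 in v."""
    A, b = pk
    subset = [i for i in range(M) if rng.random() < 0.5]
    u = [sum(A[i][j] for i in subset) % Q for j in range(N)]
    v = (sum(b[i] for i in subset) + bit * (Q // 2)) % Q
    return u, v

def decrypt_bit(s, ct):
    """v - <u, s> = bit*Q//2 + (sum of the chosen errors); pick the nearer of 0 and Q/2."""
    u, v = ct
    d = (v - sum(x * y for x, y in zip(u, s))) % Q
    return 1 if Q // 4 < d < 3 * Q // 4 else 0

def solve_linear_mod_q(A, b):
    """Gaussian elimination over Z_Q. Returns s with A*s = b (mod Q), or None if A
    lacks full column rank. This is exactly what an attacker does when e = 0."""
    rows = [row[:] + [bi] for row, bi in zip(A, b)]
    pivot_row = 0
    for col in range(N):
        pivot = next((r for r in range(pivot_row, len(rows)) if rows[r][col]), None)
        if pivot is None:
            return None
        rows[pivot_row], rows[pivot] = rows[pivot], rows[pivot_row]
        inv = pow(rows[pivot_row][col], Q - 2, Q)          # Fermat inverse, Q prime
        rows[pivot_row] = [(x * inv) % Q for x in rows[pivot_row]]
        for r in range(len(rows)):
            if r != pivot_row and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(x - f * y) % Q for x, y in zip(rows[r], rows[pivot_row])]
        pivot_row += 1
    return [rows[i][N] for i in range(N)]

def roundtrip(byte, seed=7):
    """Encrypt the 8 bits of a byte and decrypt them again; returns the recovered byte."""
    rng = random.Random(seed)
    s, pk = keygen(rng)
    bits = [(byte >> k) & 1 for k in range(8)]
    cts = [encrypt_bit(pk, bit, rng) for bit in bits]
    return sum(decrypt_bit(s, ct) << k for k, ct in enumerate(cts))

def noiseless_key_recovery(seed=7):
    """Why the error matters: with e = 0 the public key alone reveals s."""
    rng = random.Random(seed)
    s, (A, b) = keygen(rng, noisy=False)
    return solve_linear_mod_q(A, b) == s

if __name__ == "__main__":
    print("no error -> secret recovered by elimination:", noiseless_key_recovery())
    print("with error -> decrypt(encrypt(0xA5)) =", hex(roundtrip(0xA5)))
```

The same elimination run on the noisy public key returns some vector, but not s: the errors turn an exactly solvable system into the LWE problem, and the lattice attacks the previous slides refer to are the best known way to remove that noise.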
MULTIVARIATE CRYPTOGRAPHY - RAINBOW
The Rainbow multivariate signature scheme is a member of the class of multivariate quadratic signature systems called "Unbalanced Oil and Vinegar" (UOV) cryptosystems: it layers several UOV instances so that the oil variables of one layer become vinegar variables of the next.
Caveat: Rainbow reached the third round of the NIST process, but in 2022 Ward Beullens published a key-recovery attack ("Breaking Rainbow takes a weekend on a laptop") that breaks the round-3 level-1 parameters on a classical computer, and Rainbow was dropped.
HASH CRYPTOGRAPHY - MERKLE SIGNATURE SCHEMES
In 2005, Luis Garcia proved a security reduction from Merkle hash tree signatures to the security of the underlying hash function: if computationally one-way hash functions exist, then the Merkle signature scheme is provably secure. The scheme combines many one-time signature keys (for example Lamport keys) under a single public key, the root of a hash tree; a signature carries the one-time public key together with its authentication path to the root. Because each one-time key may be used at most once, the signer has to keep state (the index of the next unused leaf).
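Added example, not code from the cited paper or from XMSS: a Lamport one-time signature over SHA-256 digests, a Merkle tree of 2^height such keys, the stateful signer the slide describes, and a verifier that climbs the authentication path back to the root. The last function shows what goes wrong if the state is lost and a leaf is reused. The hash function, tree height and key encoding are assumptions of this example.

```python
import hashlib
import os

# Added example: Lamport one-time signatures combined into a Merkle hash tree.
# SHA-256, the tree height and the byte encodings are assumptions of this
# example, not parameters from any standard.

BITS = 256                                  # we sign a SHA-256 digest bit by bit

def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def digest_bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(BITS)]

def lamport_keygen(rng=os.urandom):
    """Secret: 256 pairs of random 32-byte strings. Public: their hashes."""
    sk = [(rng(32), rng(32)) for _ in range(BITS)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def lamport_sign(sk, msg):
    # Reveal, for every digest bit, the preimage belonging to that bit value.
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]

def lamport_verify(pk, msg, sig):
    return all(H(sig[i]) == pk[i][bit] for i, bit in enumerate(digest_bits(msg)))

def pk_bytes(pk):
    return b"".join(a + b for a, b in pk)

class MerkleSigner:
    """Stateful signer: 2**height one-time keys under a single root public key."""

    def __init__(self, height, rng=os.urandom):
        self.keys = [lamport_keygen(rng) for _ in range(2 ** height)]
        level = [H(pk_bytes(pk)) for _, pk in self.keys]   # leaves: hashes of OTS public keys
        self.levels = [level]
        while len(level) > 1:
            level = [H(level[i], level[i + 1]) for i in range(0, len(level), 2)]
            self.levels.append(level)
        self.root = level[0]                               # the long-term public key
        self.next_leaf = 0                                 # state that must never go backwards

    def sign(self, msg):
        if self.next_leaf >= len(self.keys):
            raise RuntimeError("all one-time keys used; a new tree is needed")
        leaf = self.next_leaf
        self.next_leaf += 1                                # consume the key before releasing the signature
        sk, pk = self.keys[leaf]
        auth_path, idx = [], leaf
        for level in self.levels[:-1]:                     # sibling at every level below the root
            auth_path.append(level[idx ^ 1])
            idx //= 2
        return leaf, lamport_sign(sk, msg), pk, auth_path

def merkle_verify(root, msg, signature):
    leaf, ots_sig, pk, auth_path = signature
    if not lamport_verify(pk, msg, ots_sig):
        return False
    node, idx = H(pk_bytes(pk)), leaf
    for sibling in auth_path:                              # climb back to the root
        node = H(node, sibling) if idx % 2 == 0 else H(sibling, node)
        idx //= 2
    return node == root

def revealed_by_reuse(sk, msg_a, msg_b):
    """Why the scheme is stateful: signing two messages with the same Lamport key
    reveals both preimages at every position where the two digests differ,
    letting a forger sign any message whose digest agrees with one of them there."""
    sig_a, sig_b = lamport_sign(sk, msg_a), lamport_sign(sk, msg_b)
    return sum(1 for x, y in zip(sig_a, sig_b) if x != y)

if __name__ == "__main__":
    signer = MerkleSigner(height=3)
    sig = signer.sign(b"release-1.0.tar.gz")
    print("valid:", merkle_verify(signer.root, b"release-1.0.tar.gz", sig))
    print("tampered:", merkle_verify(signer.root, b"release-1.0.tar.gz ", sig))
    print("positions exposed by one key reuse:", revealed_by_reuse(signer.keys[0][0], b"a", b"b"))
```

The reduction on the slide is visible in the code: forging a signature requires either a second preimage of a leaf or inner node, or a preimage of a Lamport public-key element, so any forger is a hash-function attacker. The state hazard is equally visible, which is why XMSS (later in this deck) is called stateful and SPHINCS was designed to avoid the problem.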
CODE BASED CRYPTOGRAPHY - RLCE
In 2016, Wang proposed a random linear code encryption scheme, RLCE, based on the McEliece scheme. RLCE can be constructed from any linear code, such as a Reed-Solomon code, by inserting random columns into the generator matrix of the underlying code, which is intended to hide the code's algebraic structure from the attacker.
SUPERSINGULAR ELLIPTIC CURVE ISOGENY CRYPTOGRAPHY
Security is related to the problem of constructing an isogeny between two supersingular curves with the same number of points. At the time of these slides the most recent investigation of the difficulty of this problem, by Delfs and Galbraith, indicated that it is as hard as the inventors of the key exchange (SIDH / SIKE) suggested.
Caveat: in 2022 Castryck and Decru (with follow-up work by Maino and Martindale and by Robert) broke SIDH and SIKE in practice. The attack does not solve the general isogeny problem stated above; it exploits the auxiliary torsion-point images that the key exchange publishes alongside the curve. SIKE was withdrawn from the NIST process, while isogeny schemes that reveal no torsion information (e.g. CSIDH, SQIsign) are not affected by that attack.
EUROPEAN COMMISSION RECOMMENDATIONS
Recommendations of the EU Horizon 2020 PQCRYPTO project ("Initial recommendations of long-term secure post-quantum systems", 2015), as summarised on the Whonix wiki.
SYMMETRIC ENCRYPTION
• Symmetric systems are usually not affected by Shor's algorithm, but they are affected by Grover's algorithm
• Under Grover's attack, the best security a key of length n bits can offer is 2^(n/2) operations (a quadratic rather than exponential speedup; Grover also parallelises poorly, so the halving is a conservative estimate)
• Hence AES-128 offers only about 2^64 post-quantum security, and 256-bit keys are needed for a 128-bit margin
• Recommended
– AES-256
– Salsa20 with a 256-bit key
– Serpent-256
SYMMETRIC AUTHENTICATION
Some message-authentication codes provide "information-theoretic security": their forgery probability is a small, mathematically proven bound that holds even against an adversary with unlimited computing power, so the MAC is no weaker than the cipher used to derive its one-time key. These authentication mechanisms are not affected by quantum computing beyond the Grover impact on that cipher.
• Poly1305
• GCM using a 96-bit nonce and a 128-bit authenticator
PUBLIC KEY ENCRYPTION
For public-key encryption the currently used algorithms based on RSA and ECC are easily broken by quantum computers. Code-based cryptography has been studied since 1978 (McEliece) and has withstood attacks very well, including attacks using quantum algorithms. Recommended:
• McEliece with binary Goppa codes using length n = 6960, dimension k = 5413 and adding t = 119 errors (the parameter set later submitted to NIST as Classic McEliece mceliece6960119)
• The Stehlé–Steinfeld version of the NTRU lattice-based cryptosystem
PUBLIC KEY SIGNATURES
Similar to encryption, currently used signatures are based on problems that become easy to solve with a quantum computer. Signatures use cryptographic hash functions to hash the message and then sign the hash, so the hash must also keep its strength against Grover's search. The following hash-based signature schemes achieve 2^128 post-quantum security:
• XMSS, which is stateful (the signer must never reuse a one-time key index)
• SPHINCS, which is stateless
Also recommended:
• HFEv-, a multivariate quadratic signature scheme
FREE SOFTWARE IMPLEMENTATIONS
Post quantum cryptography toolkits

LIBRARIES AND TOOLS
• CodeCrypt
• Cyph
• OneTime
• TinySSH

IMPLEMENTATION INITIATIVES
• PQCrypto-VPN project (Microsoft Research)
PICNIC
A signature scheme built only from symmetric-key primitives (a block cipher and a hash function) and a non-interactive zero-knowledge proof of knowledge of the secret key. Microsoft Research is implementing Picnic in a PKI using hardware security modules.
OPEN QUANTUM SAFE PROJECT
The Open Quantum Safe (OQS) project was started in late 2016 with the goal of developing and prototyping quantum-resistant cryptography. It aims to integrate current post-quantum schemes in one library, liboqs. liboqs is an open source C library of quantum-resistant cryptographic algorithms. It initially focused on key exchange algorithms, providing a common API suitable for post-quantum key exchange and collecting various implementations behind it. liboqs also includes a test harness and benchmarking routines to compare the performance of post-quantum implementations. Furthermore, OQS provides integration of liboqs into OpenSSL. (Since these slides were written, liboqs has added signature schemes, and the OpenSSL integration has moved to a provider for OpenSSL 3, oqs-provider.)
ZERO KNOWLEDGE PROOFS
An introduction

HISTORY
• Goldwasser, Micali and Rackoff, 1985
• A ZKP is an instance of an interactive proof system
• Interactive proof systems
– Challenge-response authentication
– Prover and verifier
– The verifier accepts or rejects the prover

RELEVANCE
• No knowledge is transferred from the prover to the verifier beyond the truth of the statement being proved
• The verifier accepts or rejects the proof after multiple rounds of challenge and response
• Probabilistic proof protocol: a cheating prover survives each round only with bounded probability, so repetition drives the cheating probability down exponentially
• Overcomes problems with password-based authentication: the secret itself is never sent, so neither an eavesdropper nor a malicious verifier obtains anything they could replay
TYPES
• ZK proof of a statement
– convincing the verifier that a statement is true without yielding any other information
– example of a statement: a given propositional formula is satisfiable
• ZK proof of knowledge
– convincing the verifier that one knows a secret, e.g. the discrete logarithm log_g(y) of a public value y

PROPERTIES
• Completeness
– given an honest prover and an honest verifier, the protocol succeeds with overwhelming probability
• Soundness
– nobody who does not know the secret (or whose statement is false) can convince the verifier, except with negligible probability
• Zero knowledge
– the proof does not leak any additional information
– proofs cannot be transferred: a transcript convinces nobody else, because the verifier could have produced it alone
FORMALISING THE PROPERTY
• A protocol is ZK if a simulator exists
– taking only what the verifier knows before the proof (the statement, not the secret), the simulator can generate a communication transcript that is indistinguishable from one generated during a real ZK proof
• Intuition: one observes the communication transcript. If what one sees could have been generated by oneself, one has not learned anything new in the process.
• Three kinds of indistinguishability
– perfect (information theoretic)
– statistical
– computational
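To make the simulator argument concrete, here is an added example (not from the slides) of Schnorr's protocol for the slide's own example statement, knowledge of x = log_g(y): an honest transcript, a simulator that produces an identically distributed transcript without x (honest-verifier perfect zero knowledge), an extractor that recovers x from two accepting answers to one commitment (soundness), and the Fiat-Shamir transform that makes the proof non-interactive, which is the form of ZK proof the Picnic slide earlier refers to. The group (P = 1019, Q = 509, G = 4) is a toy assumption: a cheating prover guesses the challenge with probability 1/509 per run, which is why real deployments use a 256-bit group order or repeat the protocol.

```python
import hashlib
import secrets

# Added example: Schnorr's sigma protocol, a zero-knowledge proof of knowledge of
# x = log_G(y), plus the simulator (zero knowledge), the extractor (soundness)
# and the Fiat-Shamir transform (non-interactive proof). The toy group below is
# an assumption for readability; real deployments use 256-bit-order groups.
P = 1019            # safe prime, P = 2*Q + 1
Q = 509             # prime order of the subgroup generated by G
G = 4               # 4 = 2^2 is a quadratic residue, so it generates the order-Q subgroup

def keygen(rng=secrets.randbelow):
    x = rng(Q)                      # the secret (witness)
    return x, pow(G, x, P)          # (x, y = G^x)

# --- the three-move protocol ---------------------------------------------------
def prover_commit(rng=secrets.randbelow):
    r = rng(Q)
    return r, pow(G, r, P)          # keep r, send t = G^r

def prover_respond(x, r, c):
    return (r + c * x) % Q          # s = r + c*x

def verify(y, t, c, s):
    return pow(G, s, P) == (t * pow(y, c, P)) % P     # accept iff G^s == t * y^c

def honest_transcript(x, y, rng=secrets.randbelow):
    r, t = prover_commit(rng)
    c = rng(Q)                      # verifier's random challenge
    return t, c, prover_respond(x, r, c)

# --- zero knowledge: a simulator that never sees x -----------------------------
def simulated_transcript(y, rng=secrets.randbelow):
    """Pick c and s first, then solve for t = G^s * y^(-c). The triple is
    distributed exactly like an honest one, so a transcript proves nothing
    to a third party (perfect zero knowledge against an honest verifier)."""
    c, s = rng(Q), rng(Q)
    t = (pow(G, s, P) * pow(y, Q - c, P)) % P         # y^(Q-c) = y^(-c) since y has order Q
    return t, c, s

# --- soundness: two answers to the same commitment leak x ----------------------
def extract(t, c1, s1, c2, s2):
    """Given accepting (t, c1, s1) and (t, c2, s2) with c1 != c2, recover x."""
    assert c1 != c2
    return ((s1 - s2) * pow((c1 - c2) % Q, Q - 2, Q)) % Q

# --- non-interactive variant (Fiat-Shamir), the shape used by Picnic-style signatures
def fs_challenge(y, t, msg):
    data = b"%d|%d|%d|" % (G, y, t) + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def fs_prove(x, y, msg, rng=secrets.randbelow):
    r, t = prover_commit(rng)
    return t, prover_respond(x, r, fs_challenge(y, t, msg))

def fs_verify(y, msg, proof):
    t, s = proof
    return verify(y, t, fs_challenge(y, t, msg), s)

if __name__ == "__main__":
    x, y = keygen()
    print("honest transcript accepted:", verify(y, *honest_transcript(x, y)))
    print("simulated transcript accepted:", verify(y, *simulated_transcript(y)))
    r, t = prover_commit()
    print("extractor recovers x:", extract(t, 1, prover_respond(x, r, 1), 2, prover_respond(x, r, 2)) == x)
    print("Fiat-Shamir proof valid:", fs_verify(y, b"hello", fs_prove(x, y, b"hello")))
```

The simulator is the formal content of the slide's "if what one sees could have been generated by oneself, one has learned nothing": simulated_transcript uses only y. The extractor is the other half of the story: a prover that could answer two different challenges for the same commitment must know x, so the one-shot cheating probability is bounded by 1/Q. Reusing r across two Fiat-Shamir proofs hands the extractor exactly that pair, which is the same state hazard the hash-based signatures above have.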
QUANTUM INTERACTIVE PROOFS
Next steps
