Uploaded by: adane

Post-quantum cryptography and crypto analysis

Case study
Content
• Introduction to Quantum Cryptography
• NIST PQC standardization
• Types of post-quantum algorithms
• Challenges of implementing PQC algorithms
• A common misconception about quantum computing and cryptography
Definition

Post-quantum cryptography, also known as quantum-proof, quantum-safe, or quantum-resistant cryptography, addresses the challenge posed by quantum computers.
Quantum Computers and Cryptography

Quantum computers exploit the unique properties of quantum mechanics to perform certain calculations much faster than classical computers.
The threat they pose to current cryptographic algorithms lies in their ability to efficiently solve certain mathematical problems that underpin security.
Current Algorithms and Quantum Vulnerability
Popular cryptographic algorithms (especially public-key algorithms) rely on hard mathematical problems like:
• Integer factorization (e.g., RSA)
• Discrete logarithm (e.g., Diffie-Hellman, DSA)
• Elliptic-curve discrete logarithm (e.g., ECC)
Quantum computers, particularly using Shor's algorithm, can efficiently solve these problems, compromising the security of existing systems.
Shor's Algorithm:
• Shor's algorithm, a quantum algorithm, efficiently factors large
integers and computes discrete logarithms.
• Classical public-key cryptosystems (e.g., RSA, Diffie-Hellman) rely on these
hard problems for security.
• A sufficiently powerful quantum computer could break these classical
systems by solving these problems exponentially faster.
Cont..
• Symmetric Cryptography and Quantum Resistance
• Most symmetric cryptographic algorithms and hash functions are considered relatively secure against quantum attacks.
• Grover's algorithm does speed up attacks against symmetric ciphers, but only quadratically.
• Grover's algorithm, also known as the quantum search algorithm, is a remarkable quantum algorithm for unstructured search. It accelerates brute-force search.
• Grover's algorithm can speed up various algorithms, especially those with exhaustive search as a subroutine.
• Notably, it could brute-force a 128-bit symmetric cryptographic key in roughly 2^64 iterations or a 256-bit key in roughly 2^128 iterations.
Grover's algorithm
• Problem Statement:
• Imagine we have a set of N elements.
• Among these elements, there is a single marked element that we want to find.
• In classical computing, we would need to search through all N elements, which takes time O(N).
• Grover's algorithm finds the marked element with only about sqrt(N) queries to the oracle, which is where the 2^64 figure for a 128-bit key comes from.
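To make the sqrt(N) claim concrete, here is an added example (not from the slides) that simulates Grover's amplitude amplification classically on a small search space of N = 256 items, i.e. an 8-bit "key". It tracks the N real amplitudes directly, applies the oracle (a sign flip on the marked item) and the diffusion step (reflection about the mean), and shows that floor(pi/4 * sqrt(N)) = 12 oracle calls push the marked item's probability close to 1, where a classical search needs up to 256 guesses. The marked value 0xA7 and the helper names are constructed for this illustration; the key-length arithmetic at the end restates the slide's 128-bit to 2^64 reduction.

```python
import math


def grover_iterations(n_items):
    """Optimal number of Grover iterations for one marked item: floor(pi/4 * sqrt(N))."""
    return int(math.pi / 4 * math.sqrt(n_items))


def grover_search(n_items, marked, iterations=None):
    """Simulate Grover's algorithm on a state vector of N real amplitudes.

    Returns (most_likely_item, probability_of_marked_item, iterations_used).
    The classical simulation costs O(N) work per step; the point being shown is
    that the number of oracle queries grows as sqrt(N), not N.
    """
    if iterations is None:
        iterations = grover_iterations(n_items)
    # Uniform superposition: every item starts with amplitude 1/sqrt(N).
    amp = [1.0 / math.sqrt(n_items)] * n_items
    for _ in range(iterations):
        # Oracle: flip the sign of the marked item's amplitude.
        amp[marked] = -amp[marked]
        # Diffusion operator: reflect every amplitude about the mean.
        mean = sum(amp) / n_items
        amp = [2.0 * mean - a for a in amp]
    probs = [a * a for a in amp]
    best = max(range(n_items), key=probs.__getitem__)
    return best, probs[marked], iterations


def effective_key_bits(key_bits):
    """Grover turns a k-bit exhaustive key search into about 2^(k/2) iterations,
    so the effective strength against a quantum brute-force attacker is k/2 bits."""
    return key_bits // 2


def compare_costs(key_bits):
    """Classical worst case (2^k) versus Grover iterations (2^(k/2)) for a k-bit key."""
    return 2 ** key_bits, 2 ** effective_key_bits(key_bits)


if __name__ == "__main__":
    n = 256            # an 8-bit key space, small enough to simulate exactly
    marked = 0xA7      # constructed: the one "correct" key we are searching for
    found, p, k = grover_search(n, marked)
    print(f"N={n}: {k} Grover iterations find key {found:#04x} with probability {p:.5f}")
    print(f"a classical search needs up to {n} oracle calls")
    for bits in (128, 256):
        classical, quantum = compare_costs(bits)
        print(f"{bits}-bit key: classical 2^{bits} guesses, Grover ~2^{effective_key_bits(bits)} iterations")
```

Running the block with too few or too many iterations shows that the probability is not monotone: amplitude amplification overshoots past the optimum, which is why the iteration count must be chosen from N in advance.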
Quantum Key Distribution (QKD):
• QKD promises secure key exchange based on quantum principles
• However, it doesn't directly threaten classical cryptography; it
complements it.
• QKD ensures secure key distribution but relies on classical
encryption for actual communication.
Post-Quantum Cryptography Goals
• Goal: To develop new cryptographic systems that remain secure against both quantum and classical computers.
NIST PQC standardizations

Objective
• NIST aims to develop cryptographic systems secure against both quantum and
classical computers.
• These systems should interoperate with existing communication protocols and
networks.
Candidate Algorithms
• The process began in 2017 with 69 candidate algorithms that met acceptance
criteria.
• Algorithms were evaluated based on security, performance, and other
characteristics.
Cont..
• Feb 2013: first PQC draft in IRTF's CFRG
• CFRG is the "Crypto Forum Research Group", a collaborative effort within the Internet Research Task Force (IRTF) that focuses on cryptographic research and standards development.
• Sept 2013: ETSI holds its first PQC workshop
• April 2015: NIST announced the transition to PQC
• Aug 2015: NSA announces transition to PQC
• Feb 2016: NIST announces first competition
• Dec 2016: NIST opens call for proposals
• Nov 2017: NIST submission deadline
• 2024: draft standards ready
Cont..
First Rounds
• The first round lasted until January 2019, during which candidate algorithms
were assessed.
• After three rounds of evaluation, NIST selected the first algorithms to be
standardized.
Selected Algorithms
• NIST will recommend two primary algorithms:
• CRYSTALS-KYBER (for key establishment)
• CRYSTALS-Dilithium (for digital signatures)
• Kyber-512: Security roughly equivalent to AES-128.
• Kyber-768: Security roughly equivalent to AES-192.
• Kyber-1024: Security roughly equivalent to AES-256.
More usefully
• Design new and improve existing cryptosystems that we believe resist
quantum attack.
• Lattice-based, code-based, non-linear systems of equations, isogeny-based…
Lattice-based Cryptography:
• This method uses mathematical structures called lattices for encryption. It is considered one of the most secure PQC approaches.
• The shortest vector problem (SVP) is crucial. It asks us to find the minimal Euclidean length of a non-zero lattice vector. SVP is believed to be hard to solve efficiently, even with quantum computers.
• 3 scheme types:
• NTRU: Introduced in 1998, NTRU is a lattice-based public-key encryption scheme. However, its hardness is not proven against worst-case lattice problems.
• Learning with errors (LWE): Oded Regev's 2005 scheme provides provable security under worst-case hardness assumptions. Researchers have improved its efficiency over time.
• Fully homomorphic encryption (FHE): Craig Gentry's 2009 FHE scheme is based on a lattice problem. It allows computations on encrypted data without decryption.
Cont..

• The Shortest Vector Problem (SVP) and Learning With Errors (LWE) problems are not known to be efficiently solvable using quantum algorithms.
Why?
• The Shortest Vector Problem (SVP) and Learning With Errors (LWE) problems are considered difficult for quantum algorithms for several key reasons:
• Exponential Time Complexity: the time required to find the shortest vector using the best known quantum algorithms still grows exponentially in the lattice dimension.
• No Significant Quantum Advantage: Unlike problems such as factoring large integers or computing discrete logarithms, where quantum algorithms like Shor's algorithm provide exponential speedups, known quantum algorithms for SVP do not offer a similar advantage.
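The slides name LWE and say it is hard, but do not show what an LWE instance looks like or why the small error term matters. The following added example (written for this page, not taken from the slides or from any real library) implements a toy version of Regev's 2005 bit-encryption scheme in plain Python: the public key is (A, b = A*s + e mod q), a bit is encrypted by summing a random subset of the samples, and decryption works because the accumulated error stays below q/4. It then runs ordinary Gaussian elimination over Z_q on the same A: with the error removed, linear algebra recovers the secret outright; with the error present, the system is simply inconsistent. The parameters (n = 8, m = 32, q = 3329, errors in [-2, 2]) are constructed for readability and are far too small to be secure; q happens to be Kyber's modulus but nothing else here is Kyber.

```python
import random

# Toy parameters, constructed for illustration only; real schemes use n in the
# hundreds and are tuned so that decryption failures are astronomically rare.
N = 8        # dimension of the secret vector s
M = 32       # number of LWE samples published in the public key
Q = 3329     # prime modulus (Kyber's q, used here only for familiarity)
ERR = 2      # each error coordinate is drawn uniformly from [-ERR, ERR]


def inner(u, v):
    """Inner product of two integer vectors, reduced modulo Q."""
    return sum(a * b for a, b in zip(u, v)) % Q


def keygen(rng):
    """Regev-style key generation: sk = s, pk = (A, b = A*s + e mod q)."""
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    e = [rng.randint(-ERR, ERR) for _ in range(M)]
    b = [(inner(row, s) + ei) % Q for row, ei in zip(A, e)]
    return (A, b), s


def encrypt(pk, bit, rng):
    """Encrypt one bit: add up a random subset of the samples and encode the
    bit as an offset of 0 or q/2 on the b side."""
    A, b = pk
    r = [rng.randrange(2) for _ in range(M)]
    u = [sum(r[i] * A[i][j] for i in range(M)) % Q for j in range(N)]
    v = (sum(r[i] * b[i] for i in range(M)) + bit * (Q // 2)) % Q
    return u, v


def decrypt(sk, ct):
    """v - <u, s> = (subset sum of errors) + bit*q/2 mod q. The error sum is at
    most M*ERR = 64 < q/4, so the bit is read off by distance from 0 versus q/2."""
    u, v = ct
    d = (v - inner(u, sk)) % Q
    return 1 if Q // 4 <= d < 3 * Q // 4 else 0


def solve_mod_q(A, b):
    """Gaussian elimination over Z_q: return s with A*s = b (mod q), or None if
    the system is inconsistent or A is rank-deficient. With e = 0 this recovers
    the secret directly, which is why the error term is the whole point of LWE."""
    rows = [row[:] + [bi] for row, bi in zip(A, b)]
    m, n = len(rows), len(rows[0]) - 1
    for col in range(n):
        piv = next((r for r in range(col, m) if rows[r][col]), None)
        if piv is None:
            return None                       # no pivot: rank-deficient A
        rows[col], rows[piv] = rows[piv], rows[col]
        inv = pow(rows[col][col], -1, Q)      # Q is prime, so the inverse exists
        rows[col] = [(x * inv) % Q for x in rows[col]]
        for r in range(m):
            if r != col and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(x - f * y) % Q for x, y in zip(rows[r], rows[col])]
    # Every leftover row must have reduced to zero, or b is not in A's column space.
    if any(any(rows[r]) for r in range(n, m)):
        return None
    return [rows[i][n] for i in range(n)]


def demo(seed=1):
    """Round-trip some bits, then contrast a noiseless b (solvable by linear
    algebra) with the real noisy b (inconsistent as a linear system)."""
    rng = random.Random(seed)                 # seeded so the demo is reproducible
    pk, sk = keygen(rng)
    bits = [1, 0, 1, 1, 0, 0, 1, 0]           # constructed plaintext bits
    recovered = [decrypt(sk, encrypt(pk, bit, rng)) for bit in bits]
    A, b = pk
    b_noiseless = [inner(row, sk) for row in A]
    return recovered == bits, solve_mod_q(A, b_noiseless) == sk, solve_mod_q(A, b)


if __name__ == "__main__":
    ok_bits, ok_noiseless, noisy_solution = demo()
    print("all bits decrypted correctly:", ok_bits)
    print("secret recovered from noiseless b:", ok_noiseless)
    print("secret recovered from noisy b:", noisy_solution is not None)
```

The design choice worth noticing is the bound M*ERR < q/4 in decrypt: correctness of an LWE scheme is a budget on accumulated noise, and real parameter sets are chosen so that the noise is large enough to defeat elimination and lattice reduction yet small enough that this budget is almost never exceeded.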

• Note: read up on the operation of SVP and LWE.

Challenges of implementing post-quantum algorithms
1. Performance Trade-offs:
• Many post-quantum algorithms have larger key sizes and slower computation
compared to classical counterparts.
• Balancing security with performance is crucial.
2. Standardization:
• Developing consensus on which algorithms to standardize is complex.
• Standardization ensures interoperability and widespread adoption.
3. Migration from Existing Systems:
• Transitioning from classical to post-quantum algorithms requires careful
planning.
• Legacy systems may need updates or replacements.
Cont..
4. Algorithm Maturity:
• Some post-quantum algorithms are still in the research stages.
• Ensuring their robustness and security is essential.
5. Quantum-Safe Cryptography Libraries:
• Building efficient libraries for post-quantum algorithms is challenging.
• Optimizing for various platforms (hardware, software) is critical.
6. Quantum-Safe Protocols:
• Integrating post-quantum algorithms into existing protocols (TLS, SSH) is nontrivial.
• Ensuring secure key exchange and authentication is a challenge.
7. Education and Awareness:
• Developers, administrators, and users need education about post-quantum security.
• Awareness of the threat posed by quantum computers is essential.
Misconceptions
1. Quantum Computers Can Break All Cryptography Instantly:
• Misconception: Quantum computers can efficiently break any classical
cryptographic system.
• Reality: Quantum computers excel at specific tasks (e.g., factoring large integers and solving discrete logarithms), but not at breaking all algorithms. Post-quantum cryptography aims to resist quantum attacks.
2. Quantum Computers Are Already Here:
• Misconception: Quantum computers are widespread and pose an immediate threat.
• Reality: Large-scale, fault-tolerant quantum computers are still in development. Practical quantum attacks remain a future concern, although quantum computing offered as a cloud service may become a concern sooner.
Cont..
3. Quantum Key Distribution (QKD) Is Perfectly Secure:
• Misconception: QKD provides unbreakable encryption.
• Reality: QKD ensures secure key exchange but relies on classical channels for
communication. Implementations face practical challenges.
4. Quantum Computers Will Render All Data Insecure:
• Misconception: Once quantum computers arrive, all existing data becomes
vulnerable.
• Reality: Transitioning to quantum-safe algorithms is gradual. Existing data
won't instantly become compromised.
Summary
Thank you