post quantum cryptography
play

Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015 - PowerPoint PPT Presentation

Sep 19, 2023 •481 likes •901 views

Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015 In the long term, all encryption needs to be post-quantum Mark Ketchen, IBM Research, 2012, on quantum computing: Were actually doing things that are making us think like,

  1. Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015

  2. In the long term, all encryption needs to be post-quantum ◮ Mark Ketchen, IBM Research, 2012, on quantum computing: “Were actually doing things that are making us think like, ‘hey this isn’t 50 years off, this is maybe just 10 years off, or 15 years off.’ It’s within reach.” Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 2

  3. In the long term, all encryption needs to be post-quantum ◮ Mark Ketchen, IBM Research, 2012, on quantum computing: “Were actually doing things that are making us think like, ‘hey this isn’t 50 years off, this is maybe just 10 years off, or 15 years off.’ It’s within reach.” ◮ Fast-forward to 2022, or 2027. Quantum computers exist. ◮ Shor’s algorithm solves in polynomial time: ◮ Integer factorization. ◮ The discrete-logarithm problem in finite fields. ◮ The discrete-logarithm problem on elliptic curves. ◮ This breaks all current public-key encryption on the Internet! Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 2

  4. In the long term, all encryption needs to be post-quantum ◮ Mark Ketchen, IBM Research, 2012, on quantum computing: “Were actually doing things that are making us think like, ‘hey this isn’t 50 years off, this is maybe just 10 years off, or 15 years off.’ It’s within reach.” ◮ Fast-forward to 2022, or 2027. Quantum computers exist. ◮ Shor’s algorithm solves in polynomial time: ◮ Integer factorization. ◮ The discrete-logarithm problem in finite fields. ◮ The discrete-logarithm problem on elliptic curves. ◮ This breaks all current public-key encryption on the Internet! ◮ Also, Grover’s algorithm speeds up brute-force searches. ◮ Example: Only 2 64 quantum operations to break AES-128. Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 2

  5. In the long term, all encryption needs to be post-quantum ◮ Mark Ketchen, IBM Research, 2012, on quantum computing: “Were actually doing things that are making us think like, ‘hey this isn’t 50 years off, this is maybe just 10 years off, or 15 years off.’ It’s within reach.” ◮ Fast-forward to 2022, or 2027. Quantum computers exist. ◮ Shor’s algorithm solves in polynomial time: ◮ Integer factorization. ◮ The discrete-logarithm problem in finite fields. ◮ The discrete-logarithm problem on elliptic curves. ◮ This breaks all current public-key encryption on the Internet! ◮ Also, Grover’s algorithm speeds up brute-force searches. ◮ Example: Only 2 64 quantum operations to break AES-128. ◮ Need to switch the Internet to post-quantum encryption. Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 2

  6. Confidence-inspiring crypto takes time to build ◮ Many stages of research from cryptographic design to deployment: ◮ Explore space of cryptosystems. ◮ Study algorithms for the attackers. ◮ Focus on secure cryptosystems. Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 3

  7. Confidence-inspiring crypto takes time to build ◮ Many stages of research from cryptographic design to deployment: ◮ Explore space of cryptosystems. ◮ Study algorithms for the attackers. ◮ Focus on secure cryptosystems. ◮ Study algorithms for the users. ◮ Study implementations on real hardware. ◮ Study side-channel attacks, fault attacks, etc. ◮ Focus on secure, reliable implementations. ◮ Focus on implementations meeting performance requirements. ◮ Integrate securely into real-world applications. Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 3

  8. Confidence-inspiring crypto takes time to build ◮ Many stages of research from cryptographic design to deployment: ◮ Explore space of cryptosystems. ◮ Study algorithms for the attackers. ◮ Focus on secure cryptosystems. ◮ Study algorithms for the users. ◮ Study implementations on real hardware. ◮ Study side-channel attacks, fault attacks, etc. ◮ Focus on secure, reliable implementations. ◮ Focus on implementations meeting performance requirements. ◮ Integrate securely into real-world applications. ◮ Example: ECC introduced 1985 ; big advantages over RSA. Robust ECC is starting to take over the Internet in 2015 . ◮ Post-quantum research can’t wait for quantum computers! Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 3

  9. Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 4

  10. Even higher urgency for long-term confidentiality ◮ Today’s encrypted communication is being stored by attackers and will be decrypted years later with quantum computers. Danger for human-rights workers, medical records, journalists, security research, legal proceedings, state secrets, . . . Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 5

  11. Post-Quantum Cryptography for Long-term Security ◮ Project funded by EU in Horizon 2020. ◮ Starting date 1 March 2015, runs for 3 years. ◮ 11 partners from academia and industry, TU/e is coordinator Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 6

  12. Impact of PQCRYPTO ◮ All currently used public-key systems on the Internet are broken by quantum computers. ◮ Today’s encrypted communication can be (and is being!) stored by attackers and can be decrypted later with quantum computer. ◮ Post-quantum secure cryptosystems exist but are under-researched – we can recommend secure systems now, but they are big and slow Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 7

  13. Impact of PQCRYPTO ◮ All currently used public-key systems on the Internet are broken by quantum computers. ◮ Today’s encrypted communication can be (and is being!) stored by attackers and can be decrypted later with quantum computer. ◮ Post-quantum secure cryptosystems exist but are under-researched – we can recommend secure systems now, but they are big and slow hence the logo. Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 7

  14. Impact of PQCRYPTO ◮ All currently used public-key systems on the Internet are broken by quantum computers. ◮ Today’s encrypted communication can be (and is being!) stored by attackers and can be decrypted later with quantum computer. ◮ Post-quantum secure cryptosystems exist but are under-researched – we can recommend secure systems now, but they are big and slow hence the logo. ◮ PQCRYPTO will design a portfolio of high-security post-quantum public-key systems, and will improve the speed of these systems, adapting to the different performance challenges of mobile devices, the cloud, and the Internet. ◮ PQCRYPTO will provide efficient implementations of high-security post-quantum cryptography for a broad spectrum of real-world applications. Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 7

  15. WP1: Post-quantum cryptography for small devices Leaders: Tim G¨ uneysu, co-leader: Peter Schwabe ◮ Find post-quantum secure cryptosystems suitable for small devices in power and memory requirements (e.g. smart cards with 8-bit or 16-bit or 32-bit architectures, with different amounts of RAM, with or without coprocessors). ◮ Develop efficient implementations of these systems. ◮ Investigate and improve their security against implementation attacks. ◮ Deliverables include reference implementations and optimized implementations for software for platforms ranging from small 8-bit microcontrollers to more powerful 32-bit ARM processors. ◮ Deliverables also include FPGA and ASIC designs and physical security analysis. Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 8

  16. WP2: Post-quantum cryptography for the Internet Leaders: Daniel J. Bernstein, co-leader: Bart Preneel ◮ Find post-quantum secure cryptosystems suitable for busy Internet servers handling many clients simultaneously. ◮ Develop secure and efficient implementations. ◮ Integrate these systems into Internet protocols. ◮ Deliverables include software library for all common Internet platforms, including large server CPUs, smaller desktop and laptop CPUs, netbook CPUs (Atom, Bobcat, etc.), and smartphone CPUs (ARM). ◮ Aim is to get high-security post-quantum crypto ready for the Internet. Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 9

  17. WP3: Post-quantum cryptography for the cloud Leaders: Nicolas Sendrier, co-leader: Lars Knudsen ◮ Provide 50 years of protection for files that users store in the cloud, even if the cloud service providers are not trustworthy. ◮ Allow sharing and editing of cloud data under user-specified security policies. ◮ Support advanced cloud applications such as privacy-preserving keyword search. ◮ Work includes public-key and symmetric-key cryptography. ◮ Prioritize high security and speed over key size. Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 10

  18. What does PQCRYPTO mean for you? ◮ Expert recommendations for post-quantum secure cryptosystems. ◮ Recommended systems will get faster/smaller as result of PQCRYPTO research. ◮ More benchmarking to compare cryptosystems. ◮ Cryptographic libraries will be made freely available for several computer architectures. ◮ Workshop and “summer” school on post-quantum cryptography (Spring or summer 2017) ◮ Find more information online at http://pqcrypto.eu.org/ . ◮ Follow us on twitter https://twitter.com/pqc_eu . Tanja Lange http://pqcrypto.eu.org Post-quantum cryptography 11

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About Cryptographic Standards History of post-quantum cryptography 2003 Daniel J. Bernstein introduces term Post-quantum cryptography. PQCrypto 2006:

623 views • 23 slides
Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers can break public-key cryptography that is based on assuming hardness of factoring, discrete logs, and a few other problems I Post-quantum

2.98k views • 37 slides
Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

R. van der Gaag, D. Weller Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why think about post-quantum cryptography W. Buchanan et. al concluded Gate-based quantum computers pose a significant

349 views • 18 slides
SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design Methodologies Farnoud Farahmand, Duc Tri Nguyen, Viet B. Dang*, Ahmed Ferozpuri and Kris Gaj George Mason University Post st-Quantum Quantum

441 views • 14 slides
Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information: Using microscopic physical state of quantum systems (spin of atoms/sub-atomic particles, polarization of photons etc.) to encode information

1.95k views • 154 slides
From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren

From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren

Quantum computers and factoring Learning with errors Cryptography from LWE From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren frederik.vercauteren@gmail.com Open Security Research (China) ESAT/COSIC - KU Leuven

1.34k views • 70 slides
An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

Basics on Public Key Crypto Systems Research Directions in Post-Quantum Cryptography Variants of McEliece System Distinguisher Attacks McEliece for Rank Metric Codes An Overview on Post-Quantum Cryptography with an Emphasis on Code based

1.05k views • 100 slides
Introduction to post-quantum cryptography I Tanja Lange Technische Universiteit Eindhoven

Introduction to post-quantum cryptography I Tanja Lange Technische Universiteit Eindhoven

Introduction to post-quantum cryptography I Tanja Lange Technische Universiteit Eindhoven Executive School on Post-Quantum Cryptography 01 July 2019 Cryptography Motivation #1: Communication channels are spying on our data. Motivation

728 views • 42 slides
The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum

The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum

The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum Crypto JP Aumasson uantum /me 15 years experience in applied cryptography (PhD, industry, consulting) Designed widely used algorithms Author of the

816 views • 52 slides
Implementing post-quantum cryptography Peter Schwabe Radboud University, Nijmegen, The

Implementing post-quantum cryptography Peter Schwabe Radboud University, Nijmegen, The

Implementing post-quantum cryptography Peter Schwabe Radboud University, Nijmegen, The Netherlands June 28, 2018 PQCRYPTO Mini-School 2018, Taipei, Taiwan Part I: How to make software secure Implementing post-quantum cryptography 2 Timing

1.44k views • 116 slides
Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and

Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and

Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and Cryptography VI In the long term, all encryption needs to be post-quantum Mark Ketchen, IBM Research, 2012, on quantum computing: Were

854 views • 42 slides
Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers

Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers

Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers Using quantum states for computation: Introduced in 1985 by David Deutsch [3]. Operate on qubits using gates that perform reversible

1.69k views • 157 slides
Post-quantum cryptography Tanja Lange (with Daniel J. Bernstein) Technische Universiteit

Post-quantum cryptography Tanja Lange (with Daniel J. Bernstein) Technische Universiteit

Post-quantum cryptography Tanja Lange (with Daniel J. Bernstein) Technische Universiteit Eindhoven 17 January 2016 8th Winter School on Quantum Cybersecurity Cryptography Motivation #1: Communication channels are spying on our

894 views • 68 slides
Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu

Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu

Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu Ruhr-Universitt Bochum & DFKI 04.10.2017 Overview Goals Provide a high-level introduction to Post-Quantum Cryptography (PQC)

1.18k views • 113 slides
Quantum Cryptography Lecture 26 Quantum Cryptography Quantum information: Using microscopic

Quantum Cryptography Lecture 26 Quantum Cryptography Quantum information: Using microscopic

Quantum Cryptography Lecture 26 Quantum Cryptography Quantum information: Using microscopic physical state of quantum systems (spin of atoms/sub-atomic particles, polarization of photons etc.) to encode information (and generate

455 views • 19 slides
Code-based Cryptography ECRYPT-CSA Executive School on Post-Quantum Cryptography 2017 TU

Code-based Cryptography ECRYPT-CSA Executive School on Post-Quantum Cryptography 2017 TU

Code-based Cryptography ECRYPT-CSA Executive School on Post-Quantum Cryptography 2017 TU Eindhoven Nicolas Sendrier Linear Codes for Telecommunication linear expansion data codeword k n > k noisy channel noisy

783 views • 52 slides
Building the Kamus Besar Bahasa Indonesia (KBBI) Database and Its Online Application David

Building the Kamus Besar Bahasa Indonesia (KBBI) Database and Its Online Application David

Building the Kamus Besar Bahasa Indonesia (KBBI) Database and Its Online Application David Moeljadi Division of Linguistics and Multilingual Studies, Nanyang Technological University, Singapore The 21st International Symposium on

835 views • 35 slides
k -fingerprinting: a Robust Scalable Website Fingerprinting Technique George Danezis Jamie Hayes

k -fingerprinting: a Robust Scalable Website Fingerprinting Technique George Danezis Jamie Hayes

k -fingerprinting: a Robust Scalable Website Fingerprinting Technique George Danezis Jamie Hayes University College London August 12, 2016 1/24 How does website fingerprinting work? - Training Tor network Relay 2 Adversary Relay 1

988 views • 24 slides
Third-party Identity Management Usage on the Web Anna Vapen, Niklas Carlsson, Anirban

Third-party Identity Management Usage on the Web Anna Vapen, Niklas Carlsson, Anirban

Third-party Identity Management Usage on the Web Anna Vapen, Niklas Carlsson, Anirban Mahanti, Nahid Shahmehri Linkping University, Sweden NICTA, Australia Third-party Web Authentication Web Authentication Registration with

280 views • 17 slides
Failures, Latency and Happy Eyeballs Contributions Takeaway Content Caches Latency IPv6

Failures, Latency and Happy Eyeballs Contributions Takeaway Content Caches Latency IPv6

Motivation Vaibhav Bajpai March 20, 2019 https://doi.org/10.1109/TNET.2019.2895165 March 2019 IEEE/ACM Transactions on Networking Garching bei Mnchen, Germany NetSys 2019 (Invited Talk) Technische Universitt Mnchen Failures, Latency

648 views • 16 slides
Using the Library for your Final Year Project Laura Woods, Computing & Engineering Librarian

Using the Library for your Final Year Project Laura Woods, Computing & Engineering Librarian

Using the Library for your Final Year Project Laura Woods, Computing & Engineering Librarian library@hud.ac.uk Todays lecture is a Choose Your Own Adventure! What would you most like to cover? We can do any two of these: (go to

606 views • 31 slides
Time-aware API Popularity Prediction via Heterogeneous Features Yao

Time-aware API Popularity Prediction via Heterogeneous Features Yao

ICWS 2015 New York, USA June 27- July 2 2015 Time-aware API Popularity Prediction via Heterogeneous Features Yao Wan 1 , Liang Chen 1 , Jian Wu 1 and Qi Yu 2 1 Zhejiang University,

543 views • 23 slides
Network security (DNS caching and DoS) CS 161: Computer Security Prof. Raluca Ada Popa March 1,

Network security (DNS caching and DoS) CS 161: Computer Security Prof. Raluca Ada Popa March 1,

Network security (DNS caching and DoS) CS 161: Computer Security Prof. Raluca Ada Popa March 1, 2018 Slides adapted from David Wagner DNS Overview DNS translates www.google.com to 74.125.25.99 Its a performance-critical

1.14k views • 89 slides
Big Data for Data Science Data streams and low latency processing event.cwi.nl/lsde DATA STREAM

Big Data for Data Science Data streams and low latency processing event.cwi.nl/lsde DATA STREAM

Big Data for Data Science Data streams and low latency processing event.cwi.nl/lsde DATA STREAM BASICS event.cwi.nl/lsde2015 event.cwi.nl/lsde What is a data stream? Large data volume, likely structured, arriving at a very high rate

650 views • 64 slides

More recommend