post quantum cryptography
play

Post-quantum cryptography Tanja Lange 23 March 2016 BeNeLux - PowerPoint PPT Presentation

Sep 02, 2022 •407 likes •845 views

Post-quantum cryptography Tanja Lange 23 March 2016 BeNeLux Mathematical Congress Cryptography Motivation #1: Communication channels are spying on our data. Motivation #2: Communication channels are modifying our data. Bob

  1. Post-quantum cryptography Tanja Lange 23 March 2016 BeNeLux Mathematical Congress

  2. � Cryptography ◮ Motivation #1: Communication channels are spying on our data. ◮ Motivation #2: Communication channels are modifying our data. � Bob Alice Untrustworthy network “Eavesdropper” ◮ Literal meaning of cryptography: “secret writing”. ◮ Achieves various security goals by secretly transforming messages. Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 2

  5. Cryptographic applications in daily life ◮ Mobile phones connecting to cell towers. ◮ Credit cards, EC-cards, access codes for Rabobank. ◮ Electronic passports; soon ID cards. ◮ Internet commerce, online tax declarations, webmail. ◮ Any webpage with https . ◮ Encrypted file system on iPhone (see Apple vs. FBI). ◮ Facebook, WhatsApp, iMessage on iPhone. Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 5

  6. Cryptographic applications in daily life ◮ Mobile phones connecting to cell towers. ◮ Credit cards, EC-cards, access codes for Rabobank. ◮ Electronic passports; soon ID cards. ◮ Internet commerce, online tax declarations, webmail. ◮ Any webpage with https . ◮ Encrypted file system on iPhone (see Apple vs. FBI). ◮ Facebook, WhatsApp, iMessage on iPhone. ◮ PGP encrypted email, Signal, Tor, Tails Qubes OS Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 5

  7. Cryptographic applications in daily life ◮ Mobile phones connecting to cell towers. ◮ Credit cards, EC-cards, access codes for Rabobank. ◮ Electronic passports; soon ID cards. ◮ Internet commerce, online tax declarations, webmail. ◮ Any webpage with https . ◮ Encrypted file system on iPhone (see Apple vs. FBI). ◮ Facebook, WhatsApp, iMessage on iPhone. ◮ PGP encrypted email, Signal, Tor, Tails Qubes OS Snowden in Reddit AmA Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say. Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 5

  8. Cryptographic tools Many factors influence the security and privacy of data ◮ Secure storage, physical security; access control. ◮ Protection against alteration of data ⇒ digital signatures, message authentication codes. ◮ Protection of sensitive content against reading ⇒ encryption. Cryptology is the science that studies mathematical techniques in order to provide secrecy, authenticity and related properties for digital information. Currently used crypto (check the lock icon in your browser) starts with RSA, Diffie-Hellman (DH) in finite fields, or elliptic curve DH followed by AES or ChaCha20. Newer systems: Curve25519, and Ed25519. Security is getting better, but lots of bugs and no secure hardware Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 6

  9. Cryptographic tools Many factors influence the security and privacy of data ◮ Secure storage, physical security; access control. ◮ Protection against alteration of data ⇒ digital signatures, message authentication codes. ◮ Protection of sensitive content against reading ⇒ encryption. Cryptology is the science that studies mathematical techniques in order to provide secrecy, authenticity and related properties for digital information. Currently used crypto (check the lock icon in your browser) starts with RSA, Diffie-Hellman (DH) in finite fields, or elliptic curve DH followed by AES or ChaCha20. Newer systems: Curve25519, and Ed25519. Security is getting better, but lots of bugs and no secure hardware – let alone anti-security measures such as the Dutch “Hackvoorstel”. Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 6

  12. In the long term, all encryption needs to be post-quantum ◮ Mark Ketchen, IBM Research, 2012, on quantum computing: “Were actually doing things that are making us think like, ‘hey this isn’t 50 years off, this is maybe just 10 years off, or 15 years off.’ It’s within reach.” Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 9

  13. In the long term, all encryption needs to be post-quantum ◮ Mark Ketchen, IBM Research, 2012, on quantum computing: “Were actually doing things that are making us think like, ‘hey this isn’t 50 years off, this is maybe just 10 years off, or 15 years off.’ It’s within reach.” ◮ Fast-forward to 2022, or 2027. Quantum computers exist. ◮ Shor’s algorithm solves in polynomial time: ◮ Integer factorization. ◮ The discrete-logarithm problem in finite fields. ◮ The discrete-logarithm problem on elliptic curves. ◮ This breaks all current public-key encryption on the Internet! Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 9

  14. In the long term, all encryption needs to be post-quantum ◮ Mark Ketchen, IBM Research, 2012, on quantum computing: “Were actually doing things that are making us think like, ‘hey this isn’t 50 years off, this is maybe just 10 years off, or 15 years off.’ It’s within reach.” ◮ Fast-forward to 2022, or 2027. Quantum computers exist. ◮ Shor’s algorithm solves in polynomial time: ◮ Integer factorization. ◮ The discrete-logarithm problem in finite fields. ◮ The discrete-logarithm problem on elliptic curves. ◮ This breaks all current public-key encryption on the Internet! ◮ Also, Grover’s algorithm speeds up brute-force searches. ◮ Example: Only 2 64 quantum operations to break AES-128. Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 9

  15. In the long term, all encryption needs to be post-quantum ◮ Mark Ketchen, IBM Research, 2012, on quantum computing: “Were actually doing things that are making us think like, ‘hey this isn’t 50 years off, this is maybe just 10 years off, or 15 years off.’ It’s within reach.” ◮ Fast-forward to 2022, or 2027. Quantum computers exist. ◮ Shor’s algorithm solves in polynomial time: ◮ Integer factorization. ◮ The discrete-logarithm problem in finite fields. ◮ The discrete-logarithm problem on elliptic curves. ◮ This breaks all current public-key encryption on the Internet! ◮ Also, Grover’s algorithm speeds up brute-force searches. ◮ Example: Only 2 64 quantum operations to break AES-128. ◮ Need to switch the Internet to post-quantum encryption. Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 9

  16. Confidence-inspiring crypto takes time to build ◮ Many stages of research from cryptographic design to deployment: ◮ Explore space of cryptosystems. ◮ Study algorithms for the attackers. ◮ Focus on secure cryptosystems. Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 10

  17. Confidence-inspiring crypto takes time to build ◮ Many stages of research from cryptographic design to deployment: ◮ Explore space of cryptosystems. ◮ Study algorithms for the attackers. ◮ Focus on secure cryptosystems. ◮ Study algorithms for the users. ◮ Study implementations on real hardware. ◮ Study side-channel attacks, fault attacks, etc. ◮ Focus on secure, reliable implementations. ◮ Focus on implementations meeting performance requirements. ◮ Integrate securely into real-world applications. Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 10

  18. Confidence-inspiring crypto takes time to build ◮ Many stages of research from cryptographic design to deployment: ◮ Explore space of cryptosystems. ◮ Study algorithms for the attackers. ◮ Focus on secure cryptosystems. ◮ Study algorithms for the users. ◮ Study implementations on real hardware. ◮ Study side-channel attacks, fault attacks, etc. ◮ Focus on secure, reliable implementations. ◮ Focus on implementations meeting performance requirements. ◮ Integrate securely into real-world applications. ◮ Example: ECC introduced 1985 ; big advantages over RSA. Robust ECC is starting to take over the Internet in 2015 . ◮ Post-quantum research can’t wait for quantum computers! Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 10

  19. Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 11

  20. Even higher urgency for long-term confidentiality ◮ Today’s encrypted communication is being stored by attackers and will be decrypted years later with quantum computers. Danger for human-rights workers, medical records, journalists, security research, legal proceedings, state secrets, . . . Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 12

  21. Impact of PQCRYPTO (EU project in Horizon 2020) ◮ All currently used public-key systems on the Internet are broken by quantum computers. ◮ Today’s encrypted communication can be (and is being!) stored by attackers and can be decrypted later with quantum computer. ◮ Post-quantum secure cryptosystems exist but are under-researched – we can recommend secure systems now, but they are big and slow Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 13

  22. Impact of PQCRYPTO (EU project in Horizon 2020) ◮ All currently used public-key systems on the Internet are broken by quantum computers. ◮ Today’s encrypted communication can be (and is being!) stored by attackers and can be decrypted later with quantum computer. ◮ Post-quantum secure cryptosystems exist but are under-researched – we can recommend secure systems now, but they are big and slow hence the logo. Tanja Lange https://pqcrypto.eu.org Post-quantum cryptography 13

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About Cryptographic Standards History of post-quantum cryptography 2003 Daniel J. Bernstein introduces term Post-quantum cryptography. PQCrypto 2006:

623 views • 23 slides
Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers can break public-key cryptography that is based on assuming hardness of factoring, discrete logs, and a few other problems I Post-quantum

2.98k views • 37 slides
Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

R. van der Gaag, D. Weller Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why think about post-quantum cryptography W. Buchanan et. al concluded Gate-based quantum computers pose a significant

349 views • 18 slides
SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design Methodologies Farnoud Farahmand, Duc Tri Nguyen, Viet B. Dang*, Ahmed Ferozpuri and Kris Gaj George Mason University Post st-Quantum Quantum

441 views • 14 slides
Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information: Using microscopic physical state of quantum systems (spin of atoms/sub-atomic particles, polarization of photons etc.) to encode information

1.95k views • 154 slides
From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren

From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren

Quantum computers and factoring Learning with errors Cryptography from LWE From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren frederik.vercauteren@gmail.com Open Security Research (China) ESAT/COSIC - KU Leuven

1.34k views • 70 slides
An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

Basics on Public Key Crypto Systems Research Directions in Post-Quantum Cryptography Variants of McEliece System Distinguisher Attacks McEliece for Rank Metric Codes An Overview on Post-Quantum Cryptography with an Emphasis on Code based

1.05k views • 100 slides
Introduction to post-quantum cryptography I Tanja Lange Technische Universiteit Eindhoven

Introduction to post-quantum cryptography I Tanja Lange Technische Universiteit Eindhoven

Introduction to post-quantum cryptography I Tanja Lange Technische Universiteit Eindhoven Executive School on Post-Quantum Cryptography 01 July 2019 Cryptography Motivation #1: Communication channels are spying on our data. Motivation

728 views • 42 slides
The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum

The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum

The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum Crypto JP Aumasson uantum /me 15 years experience in applied cryptography (PhD, industry, consulting) Designed widely used algorithms Author of the

816 views • 52 slides
Implementing post-quantum cryptography Peter Schwabe Radboud University, Nijmegen, The

Implementing post-quantum cryptography Peter Schwabe Radboud University, Nijmegen, The

Implementing post-quantum cryptography Peter Schwabe Radboud University, Nijmegen, The Netherlands June 28, 2018 PQCRYPTO Mini-School 2018, Taipei, Taiwan Part I: How to make software secure Implementing post-quantum cryptography 2 Timing

1.44k views • 116 slides
Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and

Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and

Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and Cryptography VI In the long term, all encryption needs to be post-quantum Mark Ketchen, IBM Research, 2012, on quantum computing: Were

854 views • 42 slides
Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers

Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers

Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers Using quantum states for computation: Introduced in 1985 by David Deutsch [3]. Operate on qubits using gates that perform reversible

1.69k views • 157 slides
Post-quantum cryptography Tanja Lange (with Daniel J. Bernstein) Technische Universiteit

Post-quantum cryptography Tanja Lange (with Daniel J. Bernstein) Technische Universiteit

Post-quantum cryptography Tanja Lange (with Daniel J. Bernstein) Technische Universiteit Eindhoven 17 January 2016 8th Winter School on Quantum Cybersecurity Cryptography Motivation #1: Communication channels are spying on our

894 views • 68 slides
Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu

Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu

Part I: Introduction to Post Quantum Cryptography Tutorial@CHES 2017 - Taipei Tim Gneysu Ruhr-Universitt Bochum & DFKI 04.10.2017 Overview Goals Provide a high-level introduction to Post-Quantum Cryptography (PQC)

1.18k views • 113 slides
Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015 In the long term, all

Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015 In the long term, all

Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015 In the long term, all encryption needs to be post-quantum Mark Ketchen, IBM Research, 2012, on quantum computing: Were actually doing things that are making us think like,

901 views • 41 slides
Quantum Cryptography Lecture 26 Quantum Cryptography Quantum information: Using microscopic

Quantum Cryptography Lecture 26 Quantum Cryptography Quantum information: Using microscopic

Quantum Cryptography Lecture 26 Quantum Cryptography Quantum information: Using microscopic physical state of quantum systems (spin of atoms/sub-atomic particles, polarization of photons etc.) to encode information (and generate

455 views • 19 slides
diagnoszta szemvel (avagy a szrs ballasztja) dr. Nahm Krisztina Uzsoki utcai Krhz Magyar

diagnoszta szemvel (avagy a szrs ballasztja) dr. Nahm Krisztina Uzsoki utcai Krhz Magyar

Intervallum rkok a diagnoszta szemvel (avagy a szrs ballasztja) dr. Nahm Krisztina Uzsoki utcai Krhz Magyar Szenolgiai Trsasg Tudomnyos Fruma Inrcs 2017. prilis 21-22. Defincik Mammogrfis szrs : terleti

453 views • 31 slides
2019 Transportation Project Delivery Conference 2019 Transportation Project Delivery Conference

2019 Transportation Project Delivery Conference 2019 Transportation Project Delivery Conference

2019 Transportation Project Delivery Conference 2019 Transportation Project Delivery Conference October 2019 October 2019 Welcome! 2019 Transportation Project Delivery Conference October 2019 2 Safety Briefing Double Tree by Hilton

2.15k views • 198 slides
June 2015 Region 3 Accountability NET3 Session We have our ratingswhat do we do now? IR

June 2015 Region 3 Accountability NET3 Session We have our ratingswhat do we do now? IR

Good morning and welcome! June 2015 Region 3 Accountability NET3 Session We have our ratingswhat do we do now? IR District & IR Campus Information Session R3 Leadership Team Charlotte Baker Welcome to the 2015 Texas Accountability

472 views • 24 slides
Montevideo, Uruguay September 20th, 2017 IX.br 3Tbps Challenges and Solutions LACNOG 2017

Montevideo, Uruguay September 20th, 2017 IX.br 3Tbps Challenges and Solutions LACNOG 2017

Montevideo, Uruguay September 20th, 2017 IX.br 3Tbps Challenges and Solutions LACNOG 2017 Fabio Pessoa Nunes <fpnunes@nic.br> IX.br Engineering Team <eng@ix.br> Goals Recently IX.br has reached 3 Tbps peak traffic/day on the

400 views • 14 slides
pq Outline Description of the FSB Hash Function Classic Attacks Recent Attacks

pq Outline Description of the FSB Hash Function Classic Attacks Recent Attacks

Syndrome Based Collision Resistant Hashing Matthieu Finiasz pq Outline Description of the FSB Hash Function Classic Attacks Recent Attacks Proposed Improvements and Parameters pq 1 Description of the FSB Hash Function pq

286 views • 28 slides
Tweaking Code-Based Cryptography for Embedded Systems DIMACS Workshop on The Mathematics of

Tweaking Code-Based Cryptography for Embedded Systems DIMACS Workshop on The Mathematics of

Tweaking Code-Based Cryptography for Embedded Systems DIMACS Workshop on The Mathematics of Post-Quantum Cryptography Tim Gneysu, Ingo von Maurich 1/12/2015 Horst Grtz Institute for IT-Security, Ruhr-Universitt Bochum, Germany Motivation

920 views • 70 slides
LEDAkem: a post-quantum key encapsulation mechanism based on QC-LDPC codes Marco Baldi 1 ,

LEDAkem: a post-quantum key encapsulation mechanism based on QC-LDPC codes Marco Baldi 1 ,

LEDAkem: a post-quantum key encapsulation mechanism based on QC-LDPC codes Marco Baldi 1 , Alessandro Barenghi 2 , Franco Chiaraluce 1 , Gerardo Pelosi 2 , Paolo Santini 1 1 Universit` a Politecnica delle Marche (m.baldi@univpm.it,

674 views • 52 slides
Error-correcting codes and Cryptography Henk van Tilborg Code-based Cryptography Workshop

Error-correcting codes and Cryptography Henk van Tilborg Code-based Cryptography Workshop

Error-correcting codes and Cryptography Henk van Tilborg Code-based Cryptography Workshop Eindhoven, May 11-12, 2011 1/45 CONTENTS I Error-correcting codes; the basics II Quasi-cyclic codes; codes generated by circulants III Cyclic codes

556 views • 45 slides

More recommend