quantum computing and post quantum cryptography
play

Quantum computing and post-quantum cryptography a gentle overview - PowerPoint PPT Presentation

Jan 13, 2023 •94 likes •683 views

Quantum computing and post-quantum cryptography a gentle overview Andrew Savchenko FOSDEM 2017 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Outline Quantum computing 1

  1. Quantum computing and post-quantum cryptography a gentle overview Andrew Savchenko FOSDEM 2017 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  2. Outline Quantum computing 1 Impact on cryptography 2 What we can do (using free software) 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  3. Disclaimer • Do not expect full strictness and completeness of this talk! • It intends to be a short overview of the subject. • You will encounter some equations :) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  4. Terminology • Classical cryptography — a usual cryptography, designed to withstand cryptanalysis using classical computers • Quantum cryptography has nothing to do with post-quantum cryptography. • It uses quantum mechanical properties of the matter for crypto applications, e.g.: • secure key distribution using entangled particles • protection from data copying • Requires a very dedicated hardware and connection lines • Postquantum cryptography — a cryptography resilient to quantum computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  5. Terminology • Classical cryptography — a usual cryptography, designed to withstand cryptanalysis using classical computers • Quantum cryptography has nothing to do with post-quantum cryptography. • It uses quantum mechanical properties of the matter for crypto applications, e.g.: • secure key distribution using entangled particles • protection from data copying • Requires a very dedicated hardware and connection lines • Postquantum cryptography — a cryptography resilient to quantum computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  6. Terminology • Classical cryptography — a usual cryptography, designed to withstand cryptanalysis using classical computers • Quantum cryptography has nothing to do with post-quantum cryptography. • It uses quantum mechanical properties of the matter for crypto applications, e.g.: • secure key distribution using entangled particles • protection from data copying • Requires a very dedicated hardware and connection lines • Postquantum cryptography — a cryptography resilient to quantum computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  7. Quantum computing Base elements: • qubits (quantum bits) • quantum logic gates • quantum algorithm: sequence of quantum gates applied to qubits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  8. Qubits |↑� | 1 � | Q � = α 0 | 0 � + α 1 | 1 � α i — amplitude of the state i |↓� | 0 � p ( ” 0 ” ) = | α 0 | 2 , p ( ” 1 ” ) = | α 1 | 2 EPR paradox ⇒ entangle them! | Q 2 � = α 00 | 00 � + α 01 | 01 � + α 10 | 10 � + α 11 | 11 � 2 n − 1 2 n − 1 ∑ ∑ | α i | 2 = 1 | Q n � = α i | i � , i =0 i =0 • N qubits → 2 N states at once • …but with different probabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  9. Qubits |↑� | 1 � | Q � = α 0 | 0 � + α 1 | 1 � α i — amplitude of the state i |↓� | 0 � p ( ” 0 ” ) = | α 0 | 2 , p ( ” 1 ” ) = | α 1 | 2 EPR paradox ⇒ entangle them! | Q 2 � = α 00 | 00 � + α 01 | 01 � + α 10 | 10 � + α 11 | 11 � 2 n − 1 2 n − 1 ∑ ∑ | α i | 2 = 1 | Q n � = α i | i � , i =0 i =0 • N qubits → 2 N states at once • …but with different probabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  10. Qubits: capabilities What can you do with N qubits? • 4TB HDD → 42 qubits • All atoms in the visible universe (10 80 ± 2 ) → 273 qubits are enough! • Manipulate individual states by affecting | α i | 2 Limitations: • Only N bits can be extracted from 2 N states • Random bits are read each time with different probabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  11. Qubits: capabilities What can you do with N qubits? • 4TB HDD → 42 qubits • All atoms in the visible universe (10 80 ± 2 ) → 273 qubits are enough! • Manipulate individual states by affecting | α i | 2 Limitations: • Only N bits can be extracted from 2 N states • Random bits are read each time with different probabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  12. Qubits: implementation Implementation ways: • electron spin • atomic nucleus • photon • quantum dots • … Problems: • stability: qubits tend to decay • error correction: errors build up fast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  13. Qubits: implementation Implementation ways: • electron spin • atomic nucleus • photon • quantum dots • … Problems: • stability: qubits tend to decay • error correction: errors build up fast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  14. Qubits: implementation Qutrits ( 3 n ): • more stable to decoherence • hard to implement • hard to manipulate Quantum storage [1]: • e − coherent state transfer to 31 P • storage for 1.75 s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  15. Qubits: implementation Qutrits ( 3 n ): • more stable to decoherence • hard to implement • hard to manipulate Quantum storage [1]: • e − coherent state transfer to 31 P • storage for 1.75 s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  16. Quantum gates Quantum logic gates: • Affects multiple amplitudes an once: • set with equal amplitude f ( x ) : O ( log N ) • May be implemented using: • ion traps • nuclear magnetic resonance • Provide full set of logical operations • All quantum gates are reversible in contrast to classical gates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  17. Quantum gates Quantum logic gates: • Affects multiple amplitudes an once: • set with equal amplitude f ( x ) : O ( log N ) • May be implemented using: • ion traps • nuclear magnetic resonance • Provide full set of logical operations • All quantum gates are reversible in contrast to classical gates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  18. Quantum hardware Microchip Architectures for Scalable Ion Trap Quantum Computing [2], University of Sussex, UK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  19. Quantum computing Summary: • only N bit can be extracted from 2 N states • measurement (wave function collapse) is probabilistic: • 2 + 2 = 5 — OK! • but P (2 + 2 = 4) > P (2 + 2 = 5) • results must be either: • checked or • repeated several times Further reading: “The Physics of Quantum Information” [3] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  20. Quantum computing Summary: • only N bit can be extracted from 2 N states • measurement (wave function collapse) is probabilistic: • 2 + 2 = 5 — OK! • but P (2 + 2 = 4) > P (2 + 2 = 5) • results must be either: • checked or • repeated several times Further reading: “The Physics of Quantum Information” [3] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  21. Period finding problem f : Z N → Z f ( x + r ) = f ( x ) , r =? • Classical computing: O ( N ) • Let’s apply Discrete FFT • …what?! Complexity: O ( N logN ) ( ( log N ) 2 ) • Quantum computing: O [4] QC is a very effective DFFT machine! f ( x ) data can be initialized by O ( log N ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  22. Period finding problem f : Z N → Z f ( x + r ) = f ( x ) , r =? • Classical computing: O ( N ) • Let’s apply Discrete FFT • …what?! Complexity: O ( N logN ) ( ( log N ) 2 ) • Quantum computing: O [4] QC is a very effective DFFT machine! f ( x ) data can be initialized by O ( log N ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

  23. Shor’s algorithm Solves integer factorisation problem [5, 6]: for known N find P 1 , P 2 : P 1 · P 2 = N Turn factorization problem into period finding problem! 1 If a and N are coprime: a r ≡ 1 mod N 2 r can be found using quantum DFFT 3 ( ) ( ) a r /2 − 1 a r /2 + 1 ≡ 0 mod N � �� � � �� � α 1 α 2 4 P i = gcd ( N , α i ); p > 1/2 [7] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers

Quantum Algorithms Tutorial Ronald de Wolf 1/ 37 Post-quantum cryptography I Quantum computers can break public-key cryptography that is based on assuming hardness of factoring, discrete logs, and a few other problems I Post-quantum

2.98k views • 37 slides
Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information: Using microscopic physical state of quantum systems (spin of atoms/sub-atomic particles, polarization of photons etc.) to encode information

1.95k views • 154 slides
Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About

Standardization of post-quantum cryptography Tanja Lange 08 May 2016 A Workshop About Cryptographic Standards History of post-quantum cryptography 2003 Daniel J. Bernstein introduces term Post-quantum cryptography. PQCrypto 2006:

623 views • 23 slides
The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum

The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum

The Quantum Risk & Post-Quantum Crypto JP Aumasson The Quantum Risk & Post-Quantum Crypto JP Aumasson uantum /me 15 years experience in applied cryptography (PhD, industry, consulting) Designed widely used algorithms Author of the

816 views • 52 slides
Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and

Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and

Post-quantum cryptography Tanja Lange 02 October 2015 Academy Contact Forum Coding Theory and Cryptography VI In the long term, all encryption needs to be post-quantum Mark Ketchen, IBM Research, 2012, on quantum computing: Were

854 views • 42 slides
SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design

SW/HW Codesign of the Post-Quantum Cryptography Algorithm NTRUEncrypt Using HLS and RTL Design Methodologies Farnoud Farahmand, Duc Tri Nguyen, Viet B. Dang*, Ahmed Ferozpuri and Kris Gaj George Mason University Post st-Quantum Quantum

441 views • 14 slides
Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why

R. van der Gaag, D. Weller Incorporating Post-Quantum Cryptography in a microservice architecture Research Project 2 Why think about post-quantum cryptography W. Buchanan et. al concluded Gate-based quantum computers pose a significant

349 views • 18 slides
Quantum Cryptography Lecture 26 Quantum Cryptography Quantum information: Using microscopic

Quantum Cryptography Lecture 26 Quantum Cryptography Quantum information: Using microscopic

Quantum Cryptography Lecture 26 Quantum Cryptography Quantum information: Using microscopic physical state of quantum systems (spin of atoms/sub-atomic particles, polarization of photons etc.) to encode information (and generate

455 views • 19 slides
Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015 In the long term, all

Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015 In the long term, all

Post-quantum cryptography Tanja Lange 07 October 2015 SPACE 2015 In the long term, all encryption needs to be post-quantum Mark Ketchen, IBM Research, 2012, on quantum computing: Were actually doing things that are making us think like,

901 views • 41 slides
Quantum Cryptography 1. Fake Quantum Theory. 2. Simple Quantum Protocols. 3. More Fake Quantum

Quantum Cryptography 1. Fake Quantum Theory. 2. Simple Quantum Protocols. 3. More Fake Quantum

Contents: Quantum Cryptography 1. Fake Quantum Theory. 2. Simple Quantum Protocols. 3. More Fake Quantum Theory: Fake Tensor Products, Entanglement. 4. A Glance at Genuine Quantum Theory. 5. Quantum Computing, Shors

559 views • 8 slides
From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren

From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren

Quantum computers and factoring Learning with errors Cryptography from LWE From linear algebra to post-quantum cryptography Dr. Ir. Fr e Vercauteren frederik.vercauteren@gmail.com Open Security Research (China) ESAT/COSIC - KU Leuven

1.34k views • 70 slides
Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers

Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers

Post-Quantum Cryptography Dr. Ruben Niederhagen, February 8, 2016 Introduction Quantum Computers Using quantum states for computation: Introduced in 1985 by David Deutsch [3]. Operate on qubits using gates that perform reversible

1.69k views • 157 slides
How Quantum Cryptography Quantum . . . and Quantum Computing How Quantum . . . How to Deal with

How Quantum Cryptography Quantum . . . and Quantum Computing How Quantum . . . How to Deal with

What Are Cyber- . . . For Cyber-Physical . . . How Cyber-Security Is . . . Quantum Challenge to . . . How Quantum Cryptography Quantum . . . and Quantum Computing How Quantum . . . How to Deal with This . . . Can Make Cyber-Physical

797 views • 43 slides
Quantum Cryptography Slides based in part on A talk on quantum cryptography or how Alice

Quantum Cryptography Slides based in part on A talk on quantum cryptography or how Alice

Quantum Cryptography Slides based in part on A talk on quantum cryptography or how Alice outwits Eve, by Samuel Lomonaco Jr. and Quantum Computing by Andr Bertiaume. The Classical World - Bits either 0 or 1. - Bits can be copied.

639 views • 11 slides
An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

An Overview on Post-Quantum Cryptography with an Emphasis on Code based Systems Joachim Rosenthal

Basics on Public Key Crypto Systems Research Directions in Post-Quantum Cryptography Variants of McEliece System Distinguisher Attacks McEliece for Rank Metric Codes An Overview on Post-Quantum Cryptography with an Emphasis on Code based

1.05k views • 100 slides
Introduction to post-quantum cryptography I Tanja Lange Technische Universiteit Eindhoven

Introduction to post-quantum cryptography I Tanja Lange Technische Universiteit Eindhoven

Introduction to post-quantum cryptography I Tanja Lange Technische Universiteit Eindhoven Executive School on Post-Quantum Cryptography 01 July 2019 Cryptography Motivation #1: Communication channels are spying on our data. Motivation

728 views • 42 slides
Cryptanalysis of Lightweight Block Ciphers: Theory Meets Dependencies Orr Dunkelman Computer

Cryptanalysis of Lightweight Block Ciphers: Theory Meets Dependencies Orr Dunkelman Computer

Dependency Other Win Open Cryptanalysis of Lightweight Block Ciphers: Theory Meets Dependencies Orr Dunkelman Computer Science Department University of Haifa, Israel December 14th, 2019 Orr Dunkelman Cryptanalysis of Lightweight Block

322 views • 31 slides
A 128 128-pix 4-kfps 14-bit Digital-Pixel PbSe-CMOS Uncooled MWIR Imager R. Figueras 1 , J.M.

A 128 128-pix 4-kfps 14-bit Digital-Pixel PbSe-CMOS Uncooled MWIR Imager R. Figueras 1 , J.M.

ISCAS2018 | Florence, Italy | May 27-30 1/26 IEEE International Symposium on Circuits & Systems A 128 128-pix 4-kfps 14-bit Digital-Pixel PbSe-CMOS Uncooled MWIR Imager R. Figueras 1 , J.M. Margarit 1 , G. Vergara 2 , V. Villamayor 2 ,

380 views • 27 slides
THE FABULOUS DESTINY OF 0000000200000008000000BB FOSDEM 2018-02-03 Patrick Francelle Loxodata

THE FABULOUS DESTINY OF 0000000200000008000000BB FOSDEM 2018-02-03 Patrick Francelle Loxodata

LOXODATA THE FABULOUS DESTINY OF 0000000200000008000000BB FOSDEM 2018-02-03 Patrick Francelle Loxodata LOXODATA WHO Patrick Francelle PostgreSQL consultant and trainer First contact with PostgreSQL in 1999 never stopped using it

641 views • 62 slides
Toward the bKAGRA Hardware Injection The 3rd KAGRA International Workshop 2017/05/21@Academia

Toward the bKAGRA Hardware Injection The 3rd KAGRA International Workshop 2017/05/21@Academia

Toward the bKAGRA Hardware Injection The 3rd KAGRA International Workshop 2017/05/21@Academia Sinica, NTU campus Osaka City University : Takaaki Yokozawa on the behalf of calibration subgroup The 3rd KIW Toward bKAGRA Hardware Injection

525 views • 15 slides
Merkles Puzzles See: Merkle, Secrecy, Authentication, and Public Key Systems , UMI Research

Merkles Puzzles See: Merkle, Secrecy, Authentication, and Public Key Systems , UMI Research

Merkles Puzzles See: Merkle, Secrecy, Authentication, and Public Key Systems , UMI Research press, 1982 Merkle, Secure Communications Over Insecure Channels , CACM, Vol. 21, No. 4, pp. 294-299, April 1978 Eli Biham - May 3, 2005 c 206

372 views • 14 slides
Natural Language Steganography and an AI-complete Security Primitive by Richard Bergmair

Natural Language Steganography and an AI-complete Security Primitive by Richard Bergmair

Natural Language Steganography and an AI-complete Security Primitive by Richard Bergmair Oct-03 Apr-04 University of Derby in Austria Technische Universitt Mnchen conducted under the supervision of Stefan Katzenbeisser Natural

1.94k views • 182 slides
Related textbooks Jonathan Katz, Yehuda Lindell: Security II: Cryptography Introduction to

Related textbooks Jonathan Katz, Yehuda Lindell: Security II: Cryptography Introduction to

Related textbooks Jonathan Katz, Yehuda Lindell: Security II: Cryptography Introduction to Modern Cryptography Chapman & Hall/CRC, 2008 Christof Paar, Jan Pelzl: Markus Kuhn Understanding Cryptography Springer, 2010

470 views • 20 slides
Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and

Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and

Cryptography Cryptography Concepts and Terminology Security Concepts Cryptography Concepts and Terminology Cryptography Concepts Cryptography Notation and Terminology Cryptography School of Engineering and Technology CQUniversity

322 views • 11 slides

More recommend