PQCRYPTO at NIST workshop to present 22 proposals for long-term security
11 April 2018
The European project PQCRYPTO is at a major international conference in Fort Lauderdale this week presenting 22 proposals for new cryptographic standards to an audience of 350 participants from all over the world.
The conference is the First Post-Quantum Cryptography Standardization Conference (https://csrc.nist.gov/events/2018/first-pqc-standardization-conference), organized by the United States National Institute of Standards and Technology (NIST), an agency that creates cryptographic standards that are used worldwide.
NIST has a track record of developing cryptographic standards by means of public competitions to which researchers submit their best designs.
The institute is now running a competition for post-quantum cryptography. It has taken this initiative because previous standards for "public-key" cryptography will be broken by large quantum computers.
Withstand the power of quantum computers
Over the last three years, PQCRYPTO researchers have worked to design new systems that can withstand the power of a quantum computer, to analyze the exact security of these systems, and to improve their performance. As a result they submitted 22 designs to NIST's new competition. These 22 schemes make up more than one third of the submissions to NIST that will be presented starting Wednesday.
"The designs cater for different application scenarios and security preferences," says Tanja Lange, coordinator of the PQCRYPTO project and Full Professor in the Department of Mathematics and Computer Science of the Eindhoven University of Technology. "The PQCRYPTO submissions range from extremely well-studied, high-confidence designs to more recent inventions that present benefits in efficiency."
NIST has scheduled 3-5 years for analysis of the submissions. However, NIST does not have the resources to analyze the submissions itself; it relies on externally funded analyses of security and applicability.
PQCRYPTO work
The PQCRYPTO work has already paid off: 12 other submissions have already been found to have devastating attacks, and for 6 more systems analysis has shown that some of the promised properties do not hold.
None of these affected systems are from the PQCRYPTO team, while 11 of these 18 attacks were discovered by PQCRYPTO researchers.
With this outcome, PQCRYPTO ends on a high note. "It was fascinating to work with Europe's brightest minds in developing the cryptography of the future," Lange says.
PQCRYPTO releases initial recommendations for post-quantum cryptographic algorithms
September 07, 2015
A consortium of cryptographers has just released initial recommendations
for cryptographic algorithms to protect the Internet against future
quantum computers.
Attackers armed with quantum computers will be able to decrypt
credit-card numbers and passwords encrypted with RSA and elliptic-curve
cryptography. PQCRYPTO is a consortium of universities and companies
funded by the European Union to respond to this threat.
The new report provides initial recommendations for post-quantum
encryption, authentication, and signatures. "These recommendations are
chosen for confidence in their long-term security", the report says.
"We started with conservative choices to make sure that the early
adopters get secure systems", says Prof. Dr. Tanja Lange from Technische
Universiteit Eindhoven, the PQCRYPTO coordinator. "This security comes
at the price of large keys, but the PQCRYPTO project is investigating
more efficient systems."
The report is authored by 17 researchers from Belgium, Denmark,
France, Germany, Israel, the Netherlands, and Taiwan. It is available
from http://pqcrypto.eu.org/docs/initial-recommendations.pdf.