“Cryptography is essential for the security of online communication, cars, and implanted medical devices. However, many commonly used cryptosystems will be completely broken once large quantum computers exist. Post-quantum cryptography is cryptography under the assumption that the attacker has a large quantum computer, post-quantum cryptosystems strive to remain secure even in this scenario. This relatively young research area has seen some successes in identifying mathematical operations for which quantum algorithms offer little advantage in speed, and then building cryptographic systems around those. The central challenge in post quantum cryptography is to meet demands for cryptographic usability and flexibility without sacrificing confidence.” – Post-quantum cryptography by Daniel J. Bernstein & Tanja Lange, Nature | Vol 5 4 9 | 1 4 September 2017
Cryptography as Foundational Pillar of Modern-Day Cybersecurity
Cryptography is widely used to implement Encryption. Encryption is important for Internet protocols like HTTPS/TLS, for other tools/technologies like Authentication, Virtual Private Networks, Wireless/Mobile Security and so on.
Current Encryption Mechanisms
- Symmetric Key and Asymmetric Key Encryption
- Computational Difficulty
- Public Key Infrastructure (PKI)
Enhancing Cryptographic Schemes
- Diffie-Hellman (DH)
- Elliptic-Curve Diffie-Hellman (ECDH)
- Cascade Ciphering
- Increase Key Size of Existing Algorithms
- Increase Number of Rounds of Existing Algorithms
- Other Existing Options – Sponge Functions
(For details, please refer to the books like Real-World Cryptography by David Wong, Serious Cryptography by Jean-Philippe Aumasson etc.)
How Quantum Computing disrupts Current Encryption Mechanisms
Considering so many positive impacts of Quantum Computing as detailed in Quantum Computing and Its Potential Impacts, Quantum Computing can also disrupt the way current Cybersecurity Technologies function.
Quantum Computing would jeopardize the way the following security technologies work:
- HTTPS/TLS – Web Security will be in trouble.
- Blockchain and Cryptocurrencies – Elliptic Curve Cryptography will be impacted.
- Encryption algorithms like Rivest, Shamir, Adleman (RSA), Diffie–Hellman (Key Exchange) etc.
- Virtual Private Networks (VPN)
- Public key infrastructure (PKI) including digital certificates, digital signatures and so on.
Quantum Resistant Algorithms
Mostly symmetric ciphers are known to be Quantum Resistant considering the current understanding of technological progress.
- Symmetric ciphers like AES-256
- Integrity hashes like SHA-2, SHA-3 etc. with larger hash sizes
- Post-Quantum Cryptographic Algorithms like Lattice-Based Cryptography, Multivariate Cryptography, Hash-Based Cryptography, Code-Based Cryptography, Post-Quantum TLS, Homomorphic Encryption etc
Post-Quantum Cryptography – Challenges
- In Quantum Cryptography, quantum encryption, quantum key distribution etc. would be vulnerable to attacks in the same way as current state cyber security is.
- Similarly, Quantum Key Distribution would also be vulnerable to Man in The Middle (MITM) and Eavesdropping attacks.
- Denial of Service or Trojan Horse Attacks could be possible in the same way.
- PNS (Photon-Number-Splitting) Attack and Dense-Coding Attack are relevant to Quantum Cryptography.
Considering this article to be a brief introduction meant primarily for interested professionals working in industry sectors, if anyone is interested in knowing the details about Post Quantum Cryptography, the following references can stand in good stead:
- New Frontiers in Cryptography – Quantum, Blockchain, Lightweight, Chaotic and DNA by Khaled Salah Mohamed
- Cryptography Apocalypse by Roger A. Grimes
- Quantum Cryptography – From Key Distribution to Conference Key Agreement by Federico Grasselli