We've written about PQC, short for post-quantum cryptography, several times before.
In case you've missed all the media excitement of the past few years about so-called quantum computing, it is (if you will pardon what some experts will probably consider a reckless oversimplification) a way of building computing devices that can keep track of multiple possible outcomes of a calculation at the same time.
With a lot of care, and perhaps a bit of luck, this means that you can rewrite some types of algorithm to home in on the right answer, or at least correctly discard a whole slew of wrong answers, without trying and testing every possible outcome one-by-one.
Two interesting cryptanalytical speedups are possible using a quantum computing device, assuming a suitably powerful and reliable one can actually be constructed: Grover's algorithm, which speeds up brute-force search (guessing a symmetric key, or finding a hash preimage) by roughly a square-root factor, and Shor's algorithm, which solves the integer factorisation and discrete logarithm problems underlying today's public-key systems in polynomial time.
The threat from Grover's algorithm can be countered simply by boosting the size of the numbers you're using by squaring them, which means doubling the number of bits in your cryptographic hash or your symmetric encryption key. (In other words, if you think SHA-256 is fine right now, using SHA-512 instead would provide a PQC-resistant alternative.)
But Shor's algorithm can't be countered quite so easily.
A public key of 2048 bits would need its size increased exponentially, not simply by squaring, so that instead of a key of 2×2048 = 4096 bits, either you'd need a new key with the impossible size of 2^2048 bits, or you'd have to adopt a completely new sort of post-quantum encryption system to which Shor's algorithm didn't apply.
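An added worked comparison (not part of the original post) of why doubling a bit-length neutralises Grover's algorithm but not Shor's, using the key sizes quoted above; the $O(n^{3})$ figure assumes Shor's algorithm implemented with schoolbook modular arithmetic:

$$
\begin{aligned}
\text{Grover, brute force over an } n\text{-bit key:}\quad & \text{classical cost} \approx 2^{n}, \qquad \text{quantum cost} \approx \sqrt{2^{n}} = 2^{n/2} \\
\text{to keep } s \text{ bits of security against Grover:}\quad & n/2 \ge s \;\Rightarrow\; n \ge 2s, \quad \text{e.g. } 256 \to 512 \text{ bits} \\
\text{Shor, factoring an } n\text{-bit modulus:}\quad & \text{quantum cost} = \mathrm{poly}(n) \approx O(n^{3}) \\
\text{doubling } n = 2048 \to 4096:\quad & \frac{4096^{3}}{2048^{3}} = 2^{3} = 8 \times \text{ more work, not } 2^{2048} \times
\end{aligned}
$$

Because Shor's cost grows only polynomially in the key length, no practical key size pushes it out of reach, which is why a different mathematical problem (not a bigger key) is needed.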
Well, US standards body NIST has been running a PQC competition since late 2017.
The process has been open to everyone, with all participants welcome, all algorithms openly published, and public scrutiny not merely possible but actively encouraged:
Call for Proposals. [Closed 2017-11-30]. [...] It is intended that the new public-key cryptography standards will specify one or more additional unclassified, publicly disclosed digital signature, public-key encryption, and key-establishment algorithms that are available worldwide, and are capable of protecting sensitive government information well into the foreseeable future, including after the advent of quantum computers.
After three rounds of submissions and discussions, NIST announced, on 2022-07-05, that it had chosen four algorithms that it considered standards with immediate effect, all with delightful-sounding names: CRYSTALS-KYBER, CRYSTALS-Dilithium, FALCON, and SPHINCS+.
The first one (CRYSTALS-KYBER) is used as what's called a Key Agreement Mechanism (KEM), where two ends of a public communication channel securely concoct a one-time private encryption key for exchanging a session's worth of data confidentially. (Simply put: snoopers just get shredded cabbage, so they can't eavesdrop on the conversation.)
The other three algorithms are used for Digital Signatures, whereby you can ensure that the data you got out at your end matches exactly what the sender put in at the other, thus preventing tampering and assuring integrity. (Simply put: if anyone tries to corrupt or mess with the data, you'll know.)
At the same time as announcing the new standards, NIST also announced a fourth round of its competition, putting a further four algorithms forward as possible alternative KEMs. (Remember that, at the time of writing, we already have three approved digital signature algorithms to choose from, but only one official KEM.)
These were: BIKE, Classic McEliece, HQC and SIKE.
Intriguingly, the McEliece algorithm was invented way back in the 1970s by American cryptographer Robert McEliece, who died in 2019, well after NIST's contest was already underway.
It never caught on, however, because it required huge amounts of key material compared to the popular alternative of the day, the Diffie-Hellman-Merkle algorithm (DHM, or sometimes just DH).
Unfortunately, one of the three Round Four algorithms, namely SIKE, appears to have been cracked.
In a brain-twisting paper entitled "An Efficient Key Recovery Attack on SIDH (Preliminary Version)", Belgian cryptographers Wouter Castryck and Thomas Decru seem to have dealt something of a deadly blow to the SIKE algorithm.
In case you're wondering, SIKE is short for Supersingular Isogeny Key Encapsulation, and SIDH stands for Supersingular Isogeny Diffie-Hellman, a specific use of the SIKE algorithm whereby two ends of a communication channel perform a DHM-like cryptodance to exchange a bunch of public data that allows each end to derive a private value to use as a one-time secret encryption key.
We're not going to try to explain the attack here; we'll just repeat what the paper claims, namely that:
Very loosely put, the inputs here include the public data provided by one of the participants in the key establishment cryptodance, along with the pre-determined (and therefore publicly-known) parameters used in the process.
But the output that's extracted (the information referred to as the isogeny above) is supposed to be the never-revealed part of the process, the so-called private key.
In other words, from public information alone, such as the data exchanged openly during key setup, the cryptographers claim to be able to recover the private key of one of the participants.
And once you know my private key, you can easily and undetectably pretend to be me, so the encryption process is broken.
Apparently, the key-cracking algorithm takes about an hour to do its work, using just a single CPU core with the kind of processing power you'd find in an everyday laptop.
That's against the SIKE algorithm when configured to meet Level 1, NIST's basic grade of encryption security.
Nothing!
(Thats the good news.)
As the authors of the paper suggest, after noting that their result is still preliminary, "with the current state of affairs, SIDH appears to be fully broken for any publicly generated base curve."
(Thats the bad news.)
However, given that the SIKE algorithm isn't officially approved yet, it can now either be adapted to thwart this particular attack (something that the authors admit may be possible), or simply dropped altogether.
Whatever finally happens to SIKE, this is an excellent reminder of why trying to invent your own encryption algorithms is fraught with danger.
It's also a pointed example of why proprietary encryption systems that rely on the secrecy of the algorithm itself to maintain their security are simply unacceptable in 2022.
If a PQC algorithm such as SIKE survived perusal and probing by experts from around the globe for more than five years, despite being disclosed specifically so that it could be subjected to public scrutiny, then there's no need to ask yourself how well your home-made, hidden-from-view encryption algorithms are likely to fare when released into the wild!
See the original post here:
Post-quantum cryptography - new algorithm "gone in 60 minutes" - Naked Security