
What Is Post-Quantum Cryptography?




Cryptography after the Quantum Era (PQC). 




In the last decade, significant developments in quantum computing have convinced the scientific community of the need to develop quantum-resistant cryptosystems. 


  • Quantum computers threaten conventional public-key encryption based on number theory (i.e., integer factorization or discrete logarithms), so Post-Quantum Cryptography (PQC) has emerged as the preferable alternative. 



Cryptosystems that are secure against attacks by classical computers and possibly quantum computers may be designed using:

 

      1. lattice-based cryptography, 
      2. multivariate cryptography, 
      3. hash-based cryptography schemes, 
      4. isogeny-based cryptography, 
      5. and code-based encryption. 


  • As a result, these methods are known as PQC (Post Quantum Cryptography) algorithms. 




Lattice-based cryptographic schemes are easy to construct and come with strong security proofs. 



  • The shortest vector problem (SVP), which involves estimating the minimum Euclidean length of a nonzero lattice vector for any basis, is the foundation of lattice-based encryption. 
  • The worst-case quantum polynomial time to solve SVP is approximately exp(O(√n)).  
  • SVP's complexity is polynomial in n even with the processing capability of a quantum computer. 
  • One of the many problems in the lattice family is Short Integer Solution (SIS). 
  • If SVP is hard in the worst case, SIS problems are secure in the average case. 



The fundamental assumptions of code-based cryptography systems are that the generator matrix is indistinguishable from a random matrix and that generic decoding is hard. 


  • Because they are based on a well-studied problem, these methods take a conservative approach to public key encryption/key encapsulation. 
  • If the key size is decreased, this class of algorithms becomes vulnerable. 
  • Researchers have proposed methods for reducing key size without jeopardizing security. 
  • Multivariate cryptography is motivated by the difficulty of solving multivariate polynomial (MVP) problems over finite fields. 



MVP problems are NP-hard to solve. 


  • MVPs are NP-complete problems if all equations are quadratic over GF. 
  • Although certain MVP-based schemes have been shown to be weak, as a PQC signature technique they offer competitive signature sizes. 
  • Hash-based digital signatures are built on the security properties of the underlying symmetric primitives, particularly cryptographic hash functions (leveraging collision resistance and second pre-image resistance). 



The National Institute of Standards and Technology (NIST) stated in that it will launch a standardization project to establish quantum-resistant standards for Key Encapsulation Mechanism (KEM) and Public Key Encryption (PKE), as well as digital signatures. 




In the request for proposals, NIST specified five distinct security strengths directly linked to NIST standards in symmetric cryptography. The security levels are:



  1. Algorithm is at least as difficult to crack as AES (but it is less quantum resistant—Exhaustive Key Search). 
  2. Algorithm is at least as difficult to crack as SHA (strong in terms of quantum resistance—Collision Search). 
  3. Algorithm is at least as difficult to crack as AES (and is stronger in terms of quantum resistance—Exhaustive Key Search). 
  4. Algorithm is at least as difficult to crack as SHA (very strong quantum resistance—Collision Search). 
  5. Algorithm is at least as difficult to crack as AES (the strongest in terms of quantum resistance—Exhaustive Key Search). 


The NIST PQC Competition's first round began in December and received entries, from which digital signature contenders and KEM/PKE methods were selected. 


  • The NIST PQC Competition's second round candidates were revealed in January: digital signature candidates and KEM/PQC schemes. 
  • Just as the current work is going to print, NIST has officially announced a third cycle, which will begin in June. 



The table below summarizes the round candidates, associated scheme, and NIST security level mapping.





~ Jai Krishna Ponnappan








Quantum Cryptography


The Holy Grail of Data Security 


Let's take a closer look at the second item on the list: quantum cryptography. In today's society, data security is a problem that has grown more crucial. 


How can we be sure that no one else has access to our personal digital information? 

Or that third parties don't listen in on our discussions without our knowledge? 


Traditional encryption encrypts a message with a key in such a way that decrypting it without knowing the key would demand unreasonably large processing power. But it's like a never-ending competition to build ever-more sophisticated encryption methods that can't be cracked by ever-more powerful computers. 

At least for the dilemma of the unidentified eavesdropper, quantum cryptography offers a solution.

  Quantum key distribution is a critical component of quantum-secure communication: by conveying the key using entangled quantum states of light, any interference in the transmission, such as an eavesdropper in the communication channel, is immediately observable by the user. 

  • Assume A makes a “secure” phone call to B (in quantum cryptography, A and B are always taken to stand for Alice and Bob). 
  • Both Alice's and Bob's equipment are capable of measuring entangled particles. 
  • When the line is intercepted, Alice and Bob quickly recognize that an undesirable third party (commonly referred to as Eve) is present, because Eve, by listening in (i.e., measuring the particles), would irreversibly disrupt their entanglement. 
  • She also can't just copy them and transfer the information, the qubit, to the intended recipient without being caught, because it's impossible to duplicate any (yet-to-be-measured) quantum state exactly. 
  • As soon as Alice and Bob observe any changes to their key, or that the entanglement of their particles has been broken, they alter the method of communication and, at least temporarily, thwart the eavesdropper. 


Quantum cryptography relies on a fundamental fact of quantum mechanics: quantum states can never be copied without disturbing the original state or the information it carries. 
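
The detection effect described above can be reproduced with a small classical simulation of the measurement statistics, given here as an added example that is not part of the original post. It assumes a protocol in which Alice and Bob each measure their half of an entangled pair in one of two randomly chosen bases and keep only the rounds where their bases match; the two-basis protocol, the measure-and-resend model of Eve, the function names and the 5% abort threshold are all assumptions made for illustration.

```python
import random


def run_rounds(n_pairs: int, eavesdropper: bool, seed: int = 1):
    """Simulate n_pairs entangled pairs; return (alice_key, bob_key) after sifting."""
    rng = random.Random(seed)
    alice_key, bob_key = [], []
    for _ in range(n_pairs):
        a_basis = rng.randint(0, 1)
        a_bit = rng.randint(0, 1)  # Alice's outcome is uniformly random
        # Alice's measurement fixes the partner particle to (a_basis, a_bit).
        state_basis, state_bit = a_basis, a_bit
        if eavesdropper:
            # Eve must pick a basis to measure in; a wrong guess randomizes
            # the outcome, and she can only pass on the state she measured.
            e_basis = rng.randint(0, 1)
            e_bit = state_bit if e_basis == state_basis else rng.randint(0, 1)
            state_basis, state_bit = e_basis, e_bit
        b_basis = rng.randint(0, 1)
        b_bit = state_bit if b_basis == state_basis else rng.randint(0, 1)
        if a_basis == b_basis:  # sifting: keep matching-basis rounds only
            alice_key.append(a_bit)
            bob_key.append(b_bit)
    return alice_key, bob_key


def qber(alice_key, bob_key, sample_size: int = 500, seed: int = 2) -> float:
    """Error rate on a random sample of the sifted key, compared in public."""
    if not alice_key:
        raise ValueError("no sifted bits to compare")
    rng = random.Random(seed)
    idx = rng.sample(range(len(alice_key)), min(sample_size, len(alice_key)))
    return sum(alice_key[i] != bob_key[i] for i in idx) / len(idx)


def channel_is_clean(n_pairs: int, eavesdropper: bool, threshold: float = 0.05) -> bool:
    """Accept the key only if the sampled error rate stays under the threshold."""
    a, b = run_rounds(n_pairs, eavesdropper)
    return qber(a, b) <= threshold


if __name__ == "__main__":
    for eve in (False, True):
        a, b = run_rounds(4000, eve)
        print(f"eavesdropper={eve}: sifted={len(a)} bits, QBER={qber(a, b):.3f}")
```

Without Eve the sifted keys agree exactly; with Eve measuring every particle, about a quarter of the sifted bits disagree, which is the signal Alice and Bob use to discard the key.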


Engineers are currently striving to utilize the odd qualities of the micro universe, which caused so much consternation among physicists in the early part of the twentieth century. 

Physicists went back to the theoretical drawing board during the creation of the first generation of quantum technologies to achieve a proper understanding of the principles that govern the micro universe. Meanwhile, they have made great progress in their efforts. 

Quantum physics and all of its main aspects may now be applied in a technology environment. The fascinating aspect of this approach is that scientists and engineers are working on a whole new universe of possibilities that have never been conceived before, rather than just attempting to make current and familiar things quicker or more exact. 


“The nineteenth century was known as the machine era, the twentieth century will go down in history as the information era,” wrote physicist Paul Davies in 1997. “The quantum age, I believe, will begin in the twenty-first century.”







