Post-quantum cryptography (PQC) [1] [2] [3] [4] [5] [6] [7], also known as quantum-resistant cryptography, is the development of cryptographic algorithms and protocols that run on classical computers but withstand attacks from both classical and quantum computers.


It became clear in the 1990s that a quantum computer could complete certain types of complex calculations much faster than a classical computer [2]. After mathematician Peter Shor demonstrated that a theoretical quantum computer could break the algorithm used for public key encryption [2], researchers began exploring post-quantum cryptographic systems [2]. The development of large-scale quantum computers poses a significant risk to the confidentiality and integrity of digital communications, making post-quantum cryptography crucial for cybersecurity [1]. Researchers have already demonstrated the vulnerability of our digital data by breaking 2048-bit RSA encryption with a quantum computer. One of the most significant threats posed by quantum computers is Shor’s algorithm [3], which efficiently factors large integers and thereby undermines the security of widely used public-key cryptographic systems [3].

To keep digital communication and transactions secure [3], post-quantum cryptography explores several families of hard problems: lattice-based cryptography, hash-based cryptography [3] [5], code-based cryptography [3], and multivariate polynomial cryptography [3]. These approaches aim to provide quantum resistance together with efficiency [3], scalability [3], and compatibility with existing systems [3]. Lattice schemes seem to be the most promising [2]. Additionally, hybrid cryptography offers a two-layered defense by combining a classical algorithm with a post-quantum one, so that the result stays secure as long as either component does [5].
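As an added illustration of the hash-based family mentioned above (not code from any of the cited sources), the following is a Lamport one-time signature in Python. Its security rests only on the preimage resistance of SHA-256, a property Shor's algorithm does not weaken; the key pair, messages and the `secrets_revealed` helper are constructed here for the demonstration.

```python
import hashlib
import secrets

N_BITS = 256        # we sign a SHA-256 digest, one secret pair per digest bit
SECRET_LEN = 32     # bytes per secret value


def keygen():
    """Private key: 256 pairs of random values. Public key: their SHA-256 hashes."""
    sk = [(secrets.token_bytes(SECRET_LEN), secrets.token_bytes(SECRET_LEN))
          for _ in range(N_BITS)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    return sk, pk


def _digest_bits(msg: bytes):
    """Bits of SHA-256(msg), most significant first."""
    d = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return [(d >> (N_BITS - 1 - i)) & 1 for i in range(N_BITS)]


def sign(sk, msg: bytes):
    """For each digest bit, reveal the secret value in that position matching the bit."""
    return [sk[i][bit] for i, bit in enumerate(_digest_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    """Hash each revealed value and compare with the published hash for that bit."""
    if len(sig) != N_BITS:
        return False
    bits = _digest_bits(msg)
    return all(hashlib.sha256(s).digest() == pk[i][bits[i]]
               for i, s in enumerate(sig))


def secrets_revealed(*msgs: bytes) -> int:
    """How many of the 512 private values become public after signing these messages.
    One signature reveals exactly 256; a second, different message reveals more,
    which is what lets an attacker forge further signatures. Hence 'one-time'."""
    seen = set()
    for m in msgs:
        seen.update(enumerate(_digest_bits(m)))
    return len(seen)
```

Stateful hash-based schemes such as XMSS and LMS, and the stateless SPHINCS+, build on exactly this primitive and add Merkle trees so a single public key can sign many messages.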

Recent advances in post-quantum cryptography in consumer apps indicate that the tech industry is taking quantum threats seriously [5]. In September 2021 the U.S. [4] Department of Homeland Security (DHS) issued a memorandum titled “Preparing for Post-Quantum Cryptography” [4], highlighting the threat to current cryptographic standards and providing guidance for transitioning to post-quantum encryption standards [4]. Currently, there is no US post-quantum cryptographic standard [4], but the National Institute of Standards and Technology (NIST) is actively working on creating a standard for post-quantum encryption [2]. The goal is to reduce the transition time to these standards once they become available through the NIST process [4].


The need for post-quantum cryptography is not a question of if [5], but of when it will become a standard feature in our digital lives [5] [7]. Standardization and adoption of post-quantum cryptographic algorithms are crucial [3], and organizations need to start preparing for the quantum age by assessing risks [3], developing migration strategies [3], and implementing quantum-safe cryptographic measures [3]. NIST is actively involved in researching and advancing post-quantum cryptography [1] [2], and can be contacted for technical inquiries [1]. Organizations must be prepared for the potential threat of quantum computers breaking current cryptographic algorithms [6]. While the timing of the first quantum attack is uncertain [6], it is crucial to be prepared. Advances in quantum computing have raised concerns about the security of current encryption methods [7], leading to the development of post-quantum cryptography as a solution [7]. Implementing post-quantum cryptography poses challenges, but a hybrid approach combining classical cryptography with post-quantum algorithms is already being used to provide defense in depth [7]. Consumer applications are starting to incorporate post-quantum cryptography, indicating a shift in the cybersecurity landscape [7]. The open question is how quickly post-quantum cryptography can become a standard feature in our digital lives.