Cryptographers Develop Encryption Method Resistant to Future Quantum Attacks

by Giulio Prisco, August 18, 2015

Cryptographers are working on new encryption methods able to protect today’s Internet communications from future quantum computers that may be able to break today’s cryptographic techniques. The researchers have developed upgrades to the Internet’s core encryption protocol that would prevent attackers equipped with quantum computers from reading intercepted Internet communications.

A research paper authored by Douglas Stebila from Queensland University of Technology (QUT), Joppe Bos from NXP Semiconductors, and Craig Costello and Michael Naehrig from Microsoft Research, presented at the IEEE Symposium on Security and Privacy, describes cryptographic primitives that could offer resilience against attacks by quantum computers. The paper, titled “Post-quantum key exchange for the TLS protocol from the ring learning with errors problem,” is freely available online.

Early Days of Post-Quantum Cryptography

Quantum computers can process information in ways that have no equivalent in classical computing by exploiting subtle quantum phenomena. Quantum computers may theoretically be able to solve certain problems – including code breaking – much faster than classical computers and perform computations that would otherwise be impossible. This explains the enthusiasm of researchers, venture capitalists, and the intelligence community for the first quantum computing demonstrations.

Now important players in both government and industry want to move quantum computing beyond the research stage and build operational, fault-tolerant, scalable quantum computers. Therefore, it seems likely that quantum computers able to break today’s best Internet encryption will be developed.

“Quantum computers will be able to solve complex scientific problems, like simulating chemical reactions, much faster than today’s most powerful supercomputers, but they’ll also be able to break much of the public key cryptography that’s used to protect Internet, mobile telephone, and other electronic communication,” said Stebila. “Though quantum computers don’t exist yet, they could be used to retroactively decrypt past transmissions. That’s why it’s important that we start updating our communication infrastructure.”

We’ve tested some new techniques and found some very promising first steps towards future-proofing Internet encryption.

The cryptographers developed a new version of the Transport Layer Security (TLS) standard that incorporates a recently developed mathematical technique, the “ring learning with errors” problem, which could resist quantum attacks.

“Our cryptographically secure implementation, aimed at the 128-bit security level, reveals that the performance price when switching from non-quantum-safe key exchange is not too high,” say the researchers. “The resulting provably secure construction provides post-quantum forward secrecy yet remains practical, both in terms of efficiency and in terms of its integration with the widely-deployed RSA-based public key authentication infrastructure.”
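To show what a ring-LWE key exchange of the kind the paper builds into TLS looks like, here is an added toy example in Python; it is not the paper’s or the article’s code. Both parties end up with values that differ only by a small error term, and Bob sends one hint bit per coefficient so Alice can recover exactly his key bits. The parameters n = 16, q = 12289 and ternary secrets/errors are toy choices made here so that the disagreement is provably at most 2n + 1 < q/8 and the two keys always match; the paper uses n = 1024, Gaussian-sampled errors and Peikert’s reconciliation, and derives the session key by hashing rather than using raw bits.

```python
import random
N = 16      # polynomial degree; toy value (the paper uses n = 1024)
Q = 12289   # modulus; toy value chosen here, not the paper's parameter

def poly_mul(a, b):
    """Multiply in Z_Q[x]/(x^N + 1): x^N wraps around to -1 (negacyclic)."""
    res = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            k, sign = (i + j, 1) if i + j < N else (i + j - N, -1)
            res[k] = (res[k] + sign * ai * bj) % Q
    return res

def poly_add(a, b):
    return [(x + y) % Q for x, y in zip(a, b)]

def small_poly(rng):
    """Ternary secret/error in {-1,0,1}: toy stand-in for Gaussian sampling."""
    return [rng.choice((-1, 0, 1)) for _ in range(N)]

def rec(w, h):
    """Alice recovers Bob's key bit from her approximation w and hint h (the
    quarter of Z_Q Bob's v sat in); boundaries sit Q/8 away from v."""
    if h == 0:
        return 1 if 3 * Q <= 8 * w < 7 * Q else 0
    return 1 if (8 * w >= 5 * Q or 8 * w < Q) else 0

def alice_init(rng, a):
    s, e = small_poly(rng), small_poly(rng)
    return s, poly_add(poly_mul(a, s), e)          # keep s, send b = a*s + e

def bob_respond(rng, a, b):
    s2, e2, e3 = small_poly(rng), small_poly(rng), small_poly(rng)
    b2 = poly_add(poly_mul(a, s2), e2)             # send b2 = a*s2 + e2
    v = poly_add(poly_mul(b, s2), e3)              # v = a*s*s2 + e*s2 + e3
    quarter = [(4 * c) // Q for c in v]            # quarter of Z_Q per coeff
    key = [qi >> 1 for qi in quarter]              # high bit: key (kept)
    hints = [qi & 1 for qi in quarter]             # low bit: hint (sent)
    return b2, hints, key

def alice_finish(s, b2, hints):
    w = poly_mul(b2, s)                            # w = a*s*s2 + e2*s, close to v
    return [rec(c, h) for c, h in zip(w, hints)]

def demo(seed=1):
    rng = random.Random(seed)                      # seeded so the run repeats
    a = [rng.randrange(Q) for _ in range(N)]       # public uniform a
    s, b = alice_init(rng, a)
    b2, hints, bob_key = bob_respond(rng, a, b)
    return alice_finish(s, b2, hints), bob_key     # both lists must match
```

The hint bit only says which quarter of the half-circle Bob’s value fell in, so with a uniform v it is independent of the key bit; a passive observer of a, b, b2 and the hints still has to solve the ring-LWE instance to learn the key.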

Post-quantum cryptography is still in its early days. Future work will include optimization of parameter sizes, implementations, and comparisons between post-quantum primitives, conclude the researchers.

Images from Shutterstock.

  • Tom Kelting

    The lead article for Aug 18, about net transport layer upgrade to withstand quantum decryption algorithms, makes me want to gasp with (tentative) relief.
    The underlying problem – that of quantum decryption – has kept me awake at night for months. It is the most serious, potentially catastrophic issue facing our civilization.

    The sudden loss of effective cryptography, cryptography in which the general public has faith; the military can use reliably; and business, retail and the financial sectors can use, would be nothing less than catastrophic. It would be a game ender for modern civilization — equivalent only to the loss of all electricity worldwide. (Perhaps worse, actually.)

    This is a ray of hope. If it pans out, I can start breathing again.

  • Max Lundgren

    It is possible to already secure data from intrusion attempts and with existing encryption methods, which prevents hacking and eavesdropping.

    It should be noted that there is an economic and technical reason that today it is not developing secure systems: the so-called certificate encryption keys on the market today have card keys and there with less security. Technically, larger companies and banks do not finance new secure systems. One known card company in the United States has such low encryption (des3) that the method is used to secure any e-mail in the rest of the world. But the company is probably so large that it would probably infringe on the profit margin, rather than secure customer transactions. It also requires an upgrade of servers that can handle the load of encryption for data traffic.

    This upgrade of servers is often the biggest reason to wait and keep existing systems. Some who do have the economic opportunity and knowledge to upgrade their systems, however, are government and defense. But they have the utmost interest in keeping keys and security low, so they can more easily monitor the malicious data traffic.

    The obstacle of using these is that they are not going to be approved by NIST to be used or to be exported.

  • Jacob Eliosoff

    No disrespect to the researchers, but post-quantum (that is, quantum-safe) cryptography is not a brand new field. See e.g. or the 2008 book of that name. Although many old algorithms (e.g. RSA) are potentially vulnerable to quantum computers, it’s been known for at least a decade that there are usable algorithms that aren’t.

  • Luiz Carvalho

    If the authors did a little background research they would realize that this work is over a year old and is just a paper on an implementation of some cryptography published by Chris Peikert of Georgia Tech earlier that year. Even that paper is mostly a consolidation of results developed by Chris Peikert and other lattice researchers since 2010. It’s important for readers to know that the subject of this article is not some breakthrough in post-quantum cryptography but rather a well done extension of a deep and diverse body of research. This is the second time this summer I have seen media outlets surf the internet and cite this work as a “new” result. It is good professional work but it’s wrong to call it new.

  • disqus_72GXGq6drQ

    Back in the day Dr Raymond Hill wrote a book on Basic Coding Theory – if still available, worth a read!