A Survey on Post-Quantum Cryptography: State-of-the-Art and Challenges

Marel Alvarado, Luke Gayler, Alex Seals, Tao Wang, Tao Hou
2023-12-16
Abstract: The paper explains that post-quantum cryptography is necessary because the introduction of quantum computing causes certain algorithms to be broken. We analyze the different types of post-quantum cryptography, quantum cryptography and quantum-resistant cryptography, to provide a thorough understanding of the current solutions to the problems and their limitations. We explain the current state of quantum computing and how it has changed over time while discussing possible attacks on both types of post-quantum cryptography. Next, current post-quantum algorithms are discussed, and implementations are demonstrated. Lastly, we conclude that, due to quantum cryptography's present limitations, it is not a viable solution like it is often presented to be and that it is currently better to use quantum-resistant cryptography.
Cryptography and Security
What problem does this paper attempt to address?
The paper primarily explores the current state and challenges of post-quantum cryptography, aiming to address the security issues of traditional cryptographic algorithms in the face of quantum computing. With the development of quantum computing technology, some traditional encryption algorithms based on mathematical problems (such as RSA) may be broken by quantum algorithms (such as Shor's algorithm). Therefore, researchers need to develop new cryptographic methods to ensure data security.

The paper discusses two main directions in post-quantum cryptography:

1. **Quantum Cryptography**: Utilizes the principles of quantum mechanics to achieve cryptographic security. This approach relies on the unique properties of qubits, such as superposition, quantum entanglement, and the no-cloning theorem. Although quantum cryptography has theoretical advantages, its practicality is limited by current technological constraints, especially in long-distance quantum key distribution.
2. **Quantum-Resistant Traditional Cryptography**: Includes various schemes such as lattice-based, code-based, hash-based, and multivariate polynomial-based cryptography. These schemes do not rely on the principles of quantum mechanics but can withstand currently known quantum attacks, particularly those that solve the factoring and discrete logarithm problems.

The paper further details several specific examples of post-quantum cryptographic algorithms:

- **CRYSTALS-Kyber**: A lattice-based public key encryption algorithm, selected by NIST as one of the recommended standards due to its efficiency and compactness.
- **Classic McEliece**: An improved version of the McEliece cryptosystem, also selected by NIST for the final stage of the standardization process. It is a key encapsulation mechanism known for its long-term reliability and low computational resource requirements.
- **SPHINCS+**: A stateless hash-based signature scheme used for digital signatures, particularly suitable for authentication scenarios with a limited number of messages.
- **Twin-Field Quantum Key Distribution (TFQKD)**: A novel quantum key distribution protocol that can work effectively over long distances without the need for quantum repeaters.

In summary, the core objective of the paper is to provide secure data protection solutions for the future quantum era by analyzing different post-quantum cryptographic technologies and algorithms.
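To make the hash-based family concrete, here is an added example (not code from the paper, and not SPHINCS+ itself) of the Lamport one-time signature that underlies hash-based schemes: security rests only on the preimage resistance of SHA-256, with no factoring or discrete-logarithm assumption for Shor's algorithm to attack. The message-count limitation the summary mentions is visible in the design: each key pair may sign exactly one message, which is why SPHINCS+ builds a larger (stateless) structure on top of such primitives.

```python
import hashlib
import secrets

N = 256  # bits of the SHA-256 message digest; one secret pair per bit


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def digest_bits(msg: bytes):
    # Yield the 256 digest bits of the message, most significant bit first.
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(N)]


def keygen():
    # Secret key: 256 pairs of random 32-byte preimages.
    # Public key: the SHA-256 hash of every preimage, in the same layout.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def sign(sk, msg: bytes):
    # For each digest bit, reveal the preimage at that bit's position.
    # Revealing half of the secret key is why a key pair is one-time only:
    # a second signature would expose preimages for the other bit values.
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    # Recompute the digest and check that every revealed preimage hashes to
    # the public value selected by the corresponding digest bit.
    if len(sig) != N:
        return False
    bits = digest_bits(msg)
    return all(H(sig[i]) == pk[i][bits[i]] for i in range(N))


if __name__ == "__main__":
    sk, pk = keygen()
    message = b"constructed sample message"  # sample input for the demo
    sig = sign(sk, message)
    print("valid:", verify(pk, message, sig))
    print("tampered rejected:", not verify(pk, message + b"!", sig))
```

Signature and public key are each 256 x 32 bytes (8 KiB), which illustrates the size cost that schemes such as SPHINCS+ trade against quantum resistance.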