Weijia Xue,Congli Wang,Jingran Wang

DOI: https://doi.org/10.1109/ICETCI57876.2023.10176713

2023-05-26

Abstract:Public key cryptography has become an essential tool for protecting today’s network traffic. Algorithms such as RSA and ECC, based on the mathematical problems of integer factorization or discrete logarithm, are commonly used However, these problems can be solved in polynomial time on a large-scale quantum computer with Shor’s algorithm. To counter this threat, the cryptography community is actively developing post-quantum cryptography (PQC). To enable public key cryptography algorithms, including PQC algorithms, it is necessary to solve a problem of associating the cryptographic key with the entity it belongs to, usually done through public key infrastructure (PKI) and digital certifica In this paper, we explore how to integrate quantum-safe algorithms into X.509v3 certificates, analyze the schemes for migrating to quantum-safe certificates, compare them, and provide migration recommendations.

Computer Science

Xianhui Lu,Jiang Zhang

DOI: https://doi.org/10.1093/nsr/nwab090

IF: 20.6

2021-05-24

National Science Review

Abstract:The invention of public-key cryptography (PKC) by Diffie and Hellman in 1976 is one of two milestones marking the beginning of modern cryptography. The security of a PKC system requires that it should be infeasible to compute the private key from a given public key, which in turn is typically guaranteed by the difficulty in solving some cryptographic-friendly mathematical problems. Among those problems, the integer factorization and discrete logarithm problems play pivotal roles in the development of public-key cryptography. In particular, the assumption that there is no polynomial time (classical) algorithm that solves the above two problems constitutes the basis for the security of almost all currently used public-key cryptosystems, such as RSA and ElGamal. However, Shor [1] found an efficient quantum solving algorithm for the integer factorization and discrete logarithm problems in 1994, which would destroy the security basis for most real deployed PKC systems if large-scale quantum computers become available. The rapid development of quantum technology in recent years suggests that we are getting closer to the quantum crisis of current PKC systems.

multidisciplinary sciences

Dev Gurung,Shiva Raj Pokhrel,Gang Li

DOI: https://doi.org/10.48550/arXiv.2306.14772

2023-07-01

Abstract:Post-quantum security is critical in the quantum era. Quantum computers, along with quantum algorithms, make the standard cryptography based on RSA or ECDSA over FL or Blockchain vulnerable. The implementation of post-quantum cryptography (PQC) over such systems is poorly understood as PQC is still in its standardization phase. In this work, we propose a hybrid approach to employ PQC over blockchain-based FL (BFL), where we combine a stateless signature scheme like Dilithium (or Falcon) with a stateful hash-based signature scheme like the extended Merkle Signature Scheme (XMSS). We propose a linear-based formulaic approach to device role selection mechanisms based on multiple factors to address the performance aspect. Our holistic approach of utilizing a verifiable random function (VRF) to assist in the blockchain consensus mechanism shows the practicality of the proposed approaches. The proposed method and extensive experimental results contribute to enhancing the security and performance aspects of BFL systems.

Cryptography and Security

Duc-Thuan Dam,Thai-Ha Tran,Van-Phuc Hoang,Cong-Kha Pham,Trong-Thuc Hoang

DOI: https://doi.org/10.3390/cryptography7030040

2023-08-14

Cryptography

Abstract:Information security is a fundamental and urgent issue in the digital transformation era. Cryptographic techniques and digital signatures have been applied to protect and authenticate relevant information. However, with the advent of quantum computers and quantum algorithms, classical cryptographic techniques have been in danger of collapsing because quantum computers can solve complex problems in polynomial time. Stemming from that risk, researchers worldwide have stepped up research on post-quantum algorithms to resist attack by quantum computers. In this review paper, we survey studies in recent years on post-quantum cryptography (PQC) and provide statistics on the number and content of publications, including a literature overview, detailed explanations of the most common methods so far, current implementation status, implementation comparisons, and discussion on future work. These studies focused on essential public cryptography techniques and digital signature schemes, and the US National Institute of Standards and Technology (NIST) launched a competition to select the best candidate for the expected standard. Recent studies have practically implemented the public key encryption/key encapsulation mechanism (PKE/KEM) and digital signature schemes on different hardware platforms and applied various optimization measures based on other criteria. Along with the increasing number of scientific publications, the recent trend of PQC research is increasingly evident and is the general trend in the cryptography industry. The movement opens up a promising avenue for researchers in public key cryptography and digital signatures, especially on algorithms selected by NIST.

Abel C. H. Chen

2024-01-03

Abstract:In recent years, the elliptic curve Qu-Vanstone (ECQV) implicit certificate scheme has found application in security credential management systems (SCMS) and secure vehicle-to-everything (V2X) communication to issue pseudonymous certificates. However, the vulnerability of elliptic-curve cryptography (ECC) to polynomial-time attacks posed by quantum computing raises concerns. In order to enhance resistance against quantum computing threats, various post-quantum cryptography methods have been adopted as standard (e.g. Dilithium) or candidate standard methods (e.g. McEliece cryptography), but state of the art has proven to be challenging to implement implicit certificates using lattice-based cryptography methods. Therefore, this study proposes a post-quantum cryptography McEliece-Chen (PQCMC) based on an efficient random invertible matrix generation method to issue pseudonymous certificates with less computation time. The study provides mathematical models to validate the key expansion process for implicit certificates. Furthermore, comprehensive security evaluations and discussions are conducted to demonstrate that distinct implicit certificates can be linked to the same end entity. In experiments, a comparison is conducted between the certificate length and computation time to evaluate the performance of the proposed PQCMC. This study demonstrates the viability of the implicit certificate scheme based on PQC as a means of countering quantum computing threats.

Cryptography and Security,Networking and Internet Architecture

Abel C. H. Chen

2024-01-23

Abstract:The current blockchain system for cryptocurrency exchanges primarily employs elliptic curve cryptography (ECC) for generating key pairs in wallets, and elliptic curve digital signature algorithms (ECDSA) for generating signatures in transactions. Consequently, with the maturation of quantum computing technology, the current blockchain system faces the risk of quantum computing attacks. Quantum computers may potentially counterfeit signatures produced by ECDSA. Therefore, this study analyzes the vulnerabilities of the current blockchain system to quantum computing attacks and proposes a post-quantum cryptography (PQC)-based blockchain system to enhance security by addressing and improving each identified weakness. Furthermore, this study proposes PQC-based wallets and PQC-based transactions, utilizing PQC digital signature algorithms to generate PQC-based signatures for the inputs in PQC-based transactions, thereby preventing signatures from being counterfeited by quantum computing. Experimental results demonstrate that the efficiency of the Dilithium algorithm, a PQC digital signature algorithm, in producing wallets, generating signatures, and verifying signatures surpasses that of ECDSA in the current blockchain system. Furthermore, the Dilithium algorithm also exhibits a higher security level.

Cryptography and Security,Computers and Society,Software Engineering

Silong Li,Yuxiang Chen,Lin Chen,Jing Liao,Chanchan Kuang,Kuanching Li,Wei Liang,Naixue Xiong

DOI: https://doi.org/10.3390/s23218744

IF: 3.9

2023-10-27

Sensors

Abstract:Cryptography is very essential in our daily life, not only for confidentiality of information, but also for information integrity verification, non-repudiation, authentication, and other aspects. In modern society, cryptography is widely used; everything from personal life to national security is inseparable from it. With the emergence of quantum computing, traditional encryption methods are at risk of being cracked. People are beginning to explore methods for defending against quantum computer attacks. Among the methods currently developed, quantum key distribution is a technology that uses the principles of quantum mechanics to distribute keys. Post-quantum encryption algorithms are encryption methods that rely on mathematical challenges that quantum computers cannot solve quickly to ensure security. In this study, an integrated review of post-quantum encryption algorithms is conducted from the perspective of traditional cryptography. First, the concept and development background of post-quantum encryption are introduced. Then, the post-quantum encryption algorithm Kyber is studied. Finally, the achievements, difficulties and outstanding problems in this emerging field are summarized, and some predictions for the future are made.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Jintai Ding,Daniel Smith-Tone

DOI: https://doi.org/10.1090/noti1546

2017-01-01

Notices of the American Mathematical Society

Abstract:Over the past three decades, the family of public-key cryptosystems, a fundamental breakthrough in modern cryptography in the late 1970s, has become an increasingly integral part of our communication networks. The Internet, as well as other communication systems, relies principally on the Diffie-Hellman key exchange, RSA encryption, and digital signatures using DSA, ECDSA, or related algorithms. The security of these cryptosystems depends on the difficulty of certain number-theoretic problems, such as integer factorization or the discrete log problem. In 1994 Peter Shor showed that quantum computers can solve each of these problems in polynomial time, thus rendering the security of all cryptosystems based on such assumptions impotent. A large international community has emerged to address this issue in the hope that our public-key infrastructure may remain intact by utilizing new quantum-resistant primitives. In the academic world, this new science bears the moniker Post-Quantum Cryptography (PQC).

Dr. G S Mamatha,Namya Dimri,Rasha Sinha

2024-03-18

Abstract:The advent of quantum computing poses a profound threat to traditional cryptographic systems, exposing vulnerabilities that compromise the security of digital communication channels reliant on RSA, ECC, and similar classical encryption methods. Quantum algorithms, notably Shor's algorithm, exploit the inherent computational power of quantum computers to efficiently solve mathematical problems underlying these cryptographic schemes. In response, post-quantum cryptography (PQC) emerged as a critical field aimed at developing resilient cryptographic algorithms impervious to quantum attacks. This paper delineates the vulnerabilities of classical cryptographic systems to quantum attacks, elucidates the principles of quantum computing, and introduces various PQC algorithms such as lattice-based cryptography, code-based cryptography, hash-based cryptography, and multivariate polynomial cryptography. Highlighting the importance of PQC in securing digital communication amidst quantum computing advancements, this research underscores its pivotal role in safeguarding data integrity, confidentiality, and authenticity in the face of emerging quantum threats.

Cryptography and Security

Johanna Barzen,Frank Leymann

2024-10-28

Abstract:Nowadays, predominant asymmetric cryptographic schemes are considered to be secure because discrete logarithms are believed to be hard to be computed. The algorithm of Shor can effectively compute discrete logarithms, i.e. it can brake such asymmetric schemes. But the algorithm of Shor is a quantum algorithm and at the time this algorithm has been invented, quantum computers that may successfully execute this algorithm seemed to be far out in the future. The latter has changed: quantum computers that are powerful enough are likely to be available in a couple of years. In this article, we first describe the relation between discrete logarithms and two well-known asymmetric security schemes, RSA and Elliptic Curve Cryptography. Next, we present the foundations of lattice-based cryptography which is the bases of schemes that are considered to be safe against attacks by quantum algorithms (as well as by classical algorithms). Then we describe two such quantum-safe algorithms (Kyber and Dilithium) in more detail. Finally, we give a very brief and selective overview of a few actions currently taken by governments and industry as well as standardization in this area. The article especially strives towards being self-contained: the required mathematical foundations to understand post-quantum cryptography are provided and examples are given.

Cryptography and Security,Quantum Physics

Hee-Yong Kwon,Indra Bajuna,Mun-Kyu Lee

DOI: https://doi.org/10.1109/access.2024.3374645

IF: 3.9

2024-03-19

IEEE Access

Abstract:Recent advances in quantum-computing technology have threatened the security of classical cryptographic algorithms. This initiated research on Post-Quantum Cryptography (PQC), and the National Institute of Standards and Technology (NIST) PQC standardization is in progress. Coping with the current situation in which the security of existing cryptographic algorithms is already in question and that of new cryptographic algorithms is not yet certain, there has been active research on hybrid schemes combining two algorithms such that the security of the combined scheme is based on both underlying algorithms. For digital signatures, a naive solution for a hybrid scheme is to simply concatenate a classical signature and a quantum-resistant signature. In this paper, however, we propose a compact hybrid signature construction method that combines two randomized signatures such that the size of the combined signature is shorter than that of naive concatenation. Our construction allows for selective verification, which provides backward compatibility and conformance with existing regulations. We demonstrate the feasibility of the proposed method by combining ECDSA P-256 and Falcon-512, which are representative classical and post-quantum signature schemes, respectively. We prove that the combined signature is existentially unforgeable against an adaptive chosen-message attack, even if one of the underlying signature schemes is completely broken and only the other one remains secure. Through experiments on a desktop PC and Raspberry Pi 3 Model B, we verify that the proposed method effectively reduces the combined signature size with negligible computational overhead. Our experimental results demonstrate the proposed method is also applicable to PQC-PQC combinations.

computer science, information systems,telecommunications,engineering, electrical & electronic

Abel C. H. Chen

2024-09-20

Abstract:As quantum computing technology matures, it poses a threat to the security of mainstream asymmetric cryptographic methods. In response, the National Institute of Standards and Technology released the final version of post-quantum cryptographic (PQC) algorithm standards in August 2024. These post-quantum cryptographic algorithms are primarily based on lattice-based and hash-based cryptography. Therefore, this study proposes the Post-Quantum Cryptography Winternitz-Chen (PQCWC) anonymous scheme, aimed at exploring the design of anonymous schemes based on PQC for future applications in privacy protection. The anonymous scheme designed in this study is mainly built on the Winternitz signature scheme, which can prevent the original public key from being exposed in the certificate. Furthermore, the PQCWC anonymous scheme integrates the butterfly key expansion mechanism, proposing the first hash-based butterfly key expansion mechanism in the world, achieving anonymity for both the registration authority and the certificate authority, thereby fully protecting privacy. In the experimental environment, this study compares various hash algorithms, including Secure Hash Algorithm-1 (SHA-1), the SHA-2 series, the SHA-3 series, and the BLAKE series. The results demonstrate that the proposed anonymous scheme can achieve anonymity without increasing key length, signature length, key generation time, signature generation time, or signature verification time.

Cryptography and Security,Computers and Society,Networking and Internet Architecture,Applications

Liu-Jun Wang,Kai-Yi Zhang,Jia-Yong Wang,Jie Cheng,Yong-Hua Yang,Shi-Biao Tang,Di Yan,Yan-Lin Tang,Zhen Liu,Yu Yu,Qiang Zhang,Jian-Wei Pan

DOI: https://doi.org/10.1038/s41534-021-00400-7

IF: 10.758

2021-05-06

npj Quantum Information

Abstract:Abstract Quantum key distribution (QKD) can provide information theoretically secure key exchange even in the era of quantum computers. However, QKD requires the classical channel to be authenticated, the current method for which is pre-sharing symmetric keys. For a QKD network of n users, this method requires $${C}_{n}^{2}=n(n-1)/2$$ C n 2 = n ( n − 1 ) / 2 pairs of symmetric keys to realize pairwise interconnection. In contrast, with the help of a mature public key infrastructure (PKI) and post-quantum cryptography (PQC) with quantum-resistant security, each user only needs to apply for one digital certificate from a certificate authority (CA) to achieve efficient and secure authentication for QKD. We need to assume only the short-term security of the PQC algorithm to achieve long-term security of the distributed keys. Here, we experimentally verified the feasibility, efficiency, and stability of the PQC algorithm in QKD authentication, and demonstrated the advantages when new users join the QKD network. Using the PQC public-key infrastructure, the nodes need to mutually trust only the CA to authenticate each other. QKD combined with PQC authentication will greatly promote and extend the application prospects of quantum-safe communication.

physics, condensed matter, applied, atomic, molecular & chemical,quantum science & technology

Javier Oliva del Moral,Antonio deMarti iOlius,Gerard Vidal,Pedro M. Crespo,Josu Etxezarreta Martinez

DOI: https://doi.org/10.1109/jiot.2024.3410702

IF: 10.6

2024-09-03

IEEE Internet of Things Journal

Abstract:The machinery of industrial environments was connected to the Internet years ago with the scope of increasing their performance. However, this change made such environments vulnerable against cyber-attacks that can compromise their correct functioning resulting in economic or social problems. Moreover, implementing cryptosystems in the communications between operational technology (OT) devices is a more challenging task than for information technology (IT) environments since the OT networks are generally composed of legacy elements, characterized by low-computational capabilities. Consequently, implementing cryptosystems in industrial communication networks faces a tradeoff between the security of the communications and the amortization of the industrial infrastructure. Critical infrastructure (CI) refers to the industries which provide key resources for the daily social and economical development, e.g., electricity. Furthermore, a new threat to cybersecurity has arisen with the theoretical proposal of quantum computers, due to their potential ability of breaking state-of-the-art cryptography protocols, such as RSA or elliptic curve cryptography. Many global agents have become aware that transitioning their secure communications to a quantum secure paradigm is a priority that should be established before the arrival of fault-tolerance. In this article, we aim to describe the problematic of implementing post-quantum cryptography (PQC) to CI environments. For doing so, we describe the requirements for these scenarios and how they differ against IT. We also introduce classical cryptography and how quantum computers pose a threat to such security protocols. Furthermore, we introduce state-of-the-art proposals of PQC protocols and present their characteristics. We conclude by discussing the problematic of integrating PQC in industrial environments.

computer science, information systems,telecommunications,engineering, electrical & electronic

Saleh Darzi,Kasra Ahmadi,Saeed Aghapour,Attila Altay Yavuz,Mehran Mozaffari Kermani

2023-10-18

Abstract:The rise of quantum computers exposes vulnerabilities in current public key cryptographic protocols, necessitating the development of secure post-quantum (PQ) schemes. Hence, we conduct a comprehensive study on various PQ approaches, covering the constructional design, structural vulnerabilities, and offer security assessments, implementation evaluations, and a particular focus on side-channel attacks. We analyze global standardization processes, evaluate their metrics in relation to real-world applications, and primarily focus on standardized PQ schemes, selected additional signature competition candidates, and PQ-secure cutting-edge schemes beyond standardization. Finally, we present visions and potential future directions for a seamless transition to the PQ era.

Cryptography and Security

Abel C. H. Chen

DOI: https://doi.org/10.1109/ICMLANT59547.2023.10372974

2024-02-22

Abstract:With the development of Shor's algorithm, some nondeterministic polynomial (NP) time problems (e.g. prime factorization problems and discrete logarithm problems) may be solved in polynomial time. In recent years, although some homomorphic encryption algorithms have been proposed based on prime factorization problems, the algorithms may be cracked by quantum computing attacks. Therefore, this study proposes a post-quantum cryptography (PQC)-based homomorphic encryption method which includes the homomorphic encryption function based on a code-based cryptography method for avoiding quantum computing attacks. Subsection 3.2 proposes mathematical models to prove the feasibility of the proposed method, and Subsection 3.3 gives calculation examples to present the detailed steps of the proposed method. In experimental environments, the mainstream cryptography methods (i.e. RSA cryptography and elliptic curve cryptography (ECC)) have been compared, and the results show that the encryption time and decryption time of the proposed method are shorter than other cryptography methods. Furthermore, the proposed method is designed based on a non-negative matrix factorization problem (i.e. a NP problem) for resisting quantum computing attacks.

Cryptography and Security

Emils Bagirovs,Grigory Provodin,Tuomo Sipola,Jari Hautamäki

DOI: https://doi.org/10.34190/eccws.23.1.2247

2024-09-17

Abstract:With the constantly advancing capabilities of quantum computers, conventional cryptographic systems relying on complex math problems may encounter unforeseen vulnerabilities. Unlike regular computers, which are often deemed cost-ineffective in cryptographic attacks, quantum computers have a significant advantage in calculation speed. This distinction potentially makes currently used algorithms less secure or even completely vulnerable, compelling the exploration of post-quantum cryptography (PQC) as the most reasonable solution to quantum threats. This review aims to provide current information on applications, benefits, and challenges associated with the PQC. The review employs a systematic scoping review with the scope restricted to the years 2022 and 2023; only articles that were published in scientific journals were used in this paper. The review examined the articles on the applications of quantum computing in various spheres. However, the scope of this paper was restricted to the domain of the PQC because most of the analyzed articles featured this field. Subsequently, the paper is analyzing various PQC algorithms, including lattice-based, hash-based, code-based, multivariate polynomial, and isogeny-based cryptography. Each algorithm is being judged based on its potential applications, robustness, and challenges. All the analyzed algorithms are promising for the post-quantum era in such applications as digital signatures, communication channels, and IoT. Moreover, some of the algorithms are already implemented in the spheres of banking transactions, communication, and intellectual property. Meanwhile, despite their potential, these algorithms face serious challenges since they lack standardization, require vast amounts of storage and computation power, and might have unknown vulnerabilities that can be discovered only with years of cryptanalysis.

Cryptography and Security,Emerging Technologies

Abdullah Al Mamun,Akid Abrar,Mizanur Rahman,M Sabbir Salek,Mashrur Chowdhury

2024-11-20

Abstract:The rise of quantum computing threatens traditional cryptographic algorithms that secure Transportation Cyber-Physical Systems (TCPS). Shor's algorithm poses a significant threat to RSA and ECC, while Grover's algorithm reduces the security of symmetric encryption schemes, such as AES. The objective of this paper is to underscore the urgency of transitioning to post-quantum cryptography (PQC) to mitigate these risks in TCPS by analyzing the vulnerabilities of traditional cryptographic schemes and the applicability of standardized PQC schemes in TCPS. We analyzed vulnerabilities in traditional cryptography against quantum attacks and reviewed the applicability of NIST-standardized PQC schemes, including CRYSTALS-Kyber, CRYSTALS-Dilithium, and SPHINCS+, in TCPS. We conducted a case study to analyze the vulnerabilities of a TCPS application from the Architecture Reference for Cooperative and Intelligent Transportation (ARC-IT) service package, i.e., Electronic Toll Collection, leveraging the Microsoft Threat Modeling tool. This case study highlights the cryptographic vulnerabilities of a TCPS application and presents how PQC can effectively counter these threats. Additionally, we evaluated CRYSTALS-Kyber's performance across wired and wireless TCPS data communication scenarios. While CRYSTALS-Kyber proves effective in securing TCPS applications over high-bandwidth, low-latency Ethernet networks, our analysis highlights challenges in meeting the stringent latency requirements of safety-critical wireless applications within TCPS. Future research should focus on developing lightweight PQC solutions and hybrid schemes that integrate traditional and PQC algorithms, to enhance compatibility, scalability, and real-time performance, ensuring robust protection against emerging quantum threats in TCPS.

Cryptography and Security