
An explanation of post-quantum cryptography

In this video, Informa TechTarget senior site editor Michaela Goss explains how quantum computers threaten modern encryption standards and why post-quantum cryptography is critical for protecting data in the quantum era.

The quantum era might be nearer than you think -- and organizations need to be ready for it.

Cryptography is a centerpiece of modern cybersecurity. Cryptography scrambles sensitive data with techniques such as encryption algorithms, digital signatures and hashes to keep it hidden from everyone except the intended recipients.

But cryptography has an Achilles heel -- the cryptographic math itself. You see, it takes a mathematical process to encrypt and decrypt data. The reason modern cryptography works today is that the math needed to reverse-engineer an encryption key is too computationally expensive for current computers to finish in any useful amount of time.

For example, many well-established encryption algorithms depend on the difficulty of factoring large numbers with traditional computers. Ciphers are so time-consuming to break with computers that it has hardly been worth the effort. Until now.

Here, we'll discuss the basics of post-quantum cryptography and why it's of concern to security experts.

The emergence of quantum computers poses a serious risk to today's cryptography used in data storage and communication. The mathematical ciphers that might take millions of years to break with traditional computers can potentially be broken in days -- or even hours -- with quantum computers.

This has spawned a new field called post-quantum cryptography (PQC) or quantum-resistant cryptography. The goal is to develop advanced cryptographic algorithms that are secure against both traditional and quantum computing techniques.

The idea is simple: Quantum computers are incredibly effective at solving some types of mathematical problems, but not all. The goal for PQC is to develop and perfect new cryptographic algorithms whose underlying problems quantum computers cannot solve efficiently. Such quantum-resistant algorithms leave quantum computers little -- if any -- better than traditional computers at breaking encryption.

The PQC approaches being considered include the following:

  • Lattice-based cryptography. Uses mathematical constructs called lattices to encode data -- such as the learning with errors (LWE) family of problems. Decrypting the data depends on finding the right point within the lattice, which is easy with the secret key and hard without it.
  • Isogeny-based cryptography. Uses mathematical constructs called isogenies (maps between elliptic curves) for encryption -- such as the Supersingular Isogeny Diffie-Hellman (SIDH) algorithm. Note that SIDH itself was broken by a classical attack in 2022 and is no longer a standardization candidate; other isogeny-based constructions remain under study.
  • Multivariate cryptography. Uses systems of complex multivariate equations to produce encryption -- such as the Rainbow Signature Scheme. Rainbow was likewise broken in 2022, so the approach is still being researched but Rainbow is not being standardized.
  • Code-based cryptography. Uses error-correcting code (or ECC) techniques for encryption, basically formulating an encryption key from the underlying data itself. Here ECC means error-correcting codes, not elliptic-curve cryptography.
  • Hash-based cryptography. Relies on cryptographic hash functions, in practice for digital signatures (as in FIPS 205 below).
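As an added illustration of the lattice-based entry above (this is example code, not code from the article), here is a toy learning-with-errors bit encryption in the style of Regev's scheme. The parameters, key sizes and use of Python's non-cryptographic `random` module are constructed for readability only; real ML-KEM uses far larger, structured parameters and a CSPRNG.

```python
import random

# Toy parameters, constructed for illustration only. Correctness is guaranteed
# because the accumulated noise |sum(r_i * e_i)| <= M = 20 is below Q/4 = 24.
# Real ML-KEM (FIPS 203) uses n = 256, q = 3329, a ring structure and a CSPRNG.
N, M, Q = 8, 20, 97
HALF_Q = Q // 2  # the message bit 1 is encoded as this offset

def keygen(rng=random):
    """Secret s in Z_q^N; public key (A, b = A*s + e mod q) with small error e."""
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    e = [rng.choice((-1, 0, 1)) for _ in range(M)]
    b = [(sum(a * x for a, x in zip(row, s)) + err) % Q for row, err in zip(A, e)]
    return s, (A, b)

def encrypt(pk, bit, rng=random):
    """Sum a random subset of public-key rows; hide the bit in the second part."""
    A, b = pk
    r = [rng.randrange(2) for _ in range(M)]
    u = [sum(r[i] * A[i][j] for i in range(M)) % Q for j in range(N)]
    v = (sum(r[i] * b[i] for i in range(M)) + bit * HALF_Q) % Q
    return u, v

def decrypt(s, ct):
    """v - <u, s> = sum(r_i * e_i) + bit*HALF_Q mod q; small noise cannot flip the bit."""
    u, v = ct
    d = (v - sum(x * y for x, y in zip(u, s))) % Q
    if d > Q // 2:
        d -= Q  # centre into (-q/2, q/2]
    return 1 if abs(d) > Q // 4 else 0

def encrypt_byte(pk, byte, rng=random):
    return [encrypt(pk, (byte >> i) & 1, rng) for i in range(8)]

def decrypt_byte(s, cts):
    return sum(decrypt(s, ct) << i for i, ct in enumerate(cts))

def roundtrip_ok(trials=200, seed=1):
    """Every bit must survive encryption under a fresh key (True by the bound above)."""
    rng = random.Random(seed)
    s, pk = keygen(rng)
    return all(decrypt(s, encrypt(pk, bit, rng)) == bit
               for _ in range(trials) for bit in (0, 1))

def byte_roundtrip(byte, seed=7):
    """Encrypt one byte bit by bit and decrypt it again; returns the recovered byte."""
    rng = random.Random(seed)
    s, pk = keygen(rng)
    return decrypt_byte(s, encrypt_byte(pk, byte, rng))
```

Without `s`, recovering the bit from `(u, v)` means solving the LWE instance hidden in the public key, which is the "right point in the lattice" problem the entry above refers to.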

So, what's the rush? Why are security experts so worried about a technology that is still in its infancy? The worry is three-fold.

First, quantum computing might be in its infancy today, but it's evolving at an incredible speed. There's a serious risk that quantum computers capable of breaking current encryption algorithms could be operational before new PQC algorithms are validated and available for general use.

Second, the secrets protected with current encryption techniques can still be valuable years into the future. Malicious actors could steal encrypted files today and then hold onto that data until a system emerges that can break the encryption later on. It's a tactic called harvest now, decrypt later.

Third, tomorrow's PQC techniques will need to work everywhere, including smart cards, IoT devices and even everyday connected appliances. In short, anything and everything where data must be safeguarded, no matter how mundane.

In the United States, the National Institute of Standards and Technology (NIST) is already working to develop and standardize a new generation of PQC algorithms.

To date, NIST has released three PQC standards:

  • FIPS 203. Federal Information Processing Standard 203 is intended for general encryption using lattice-based algorithms; it specifies ML-KEM, a key-encapsulation mechanism derived from CRYSTALS-Kyber.
  • FIPS 204. This standard is intended to protect digital signatures used for authentication and is also based on lattice algorithms; it specifies ML-DSA, derived from CRYSTALS-Dilithium.
  • FIPS 205. This standard is also designed for digital signatures and uses a stateless hash-based digital signature algorithm, SLH-DSA, derived from SPHINCS+. FIPS 205 is intended to serve as a backup to FIPS 204 if the need arises.
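Added example, not from the article or from NIST: a Lamport one-time signature, the simplest hash-based signature and the kind of building block that stateless schemes such as SLH-DSA assemble into a many-time signature. The `reuse_exposure` helper is constructed here to show why a one-time key must never sign twice, which is the hazard the FIPS 205 design is built to avoid.

```python
import hashlib
import secrets

BITS = 256  # one preimage pair per bit of the SHA-256 message digest

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def digest_bit(digest: bytes, i: int) -> int:
    """Bit i of the digest, most significant bit first."""
    return (digest[i // 8] >> (7 - i % 8)) & 1

def keygen():
    """Private key: 256 pairs of random 32-byte preimages; public key: their hashes."""
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(BITS)]
    pk = [[H(x0), H(x1)] for x0, x1 in sk]
    return sk, pk

def sign(sk, msg: bytes):
    """For each digest bit, reveal the preimage on that side. Each key signs ONCE."""
    d = H(msg)
    return [sk[i][digest_bit(d, i)] for i in range(BITS)]

def verify(pk, msg: bytes, sig) -> bool:
    """Hash every revealed preimage and compare with the public key on the digest's side."""
    d = H(msg)
    return len(sig) == BITS and all(
        H(sig[i]) == pk[i][digest_bit(d, i)] for i in range(BITS))

def reuse_exposure(sig_a, sig_b) -> int:
    """Count bit positions where BOTH preimages are now public after two signatures
    with one key; at each such position a new message's bit can be signed by anyone."""
    return sum(1 for a, b in zip(sig_a, sig_b) if a != b)
```

Security rests only on the hash function's preimage resistance, which is why hash-based signatures are a conservative backup to the lattice-based FIPS 204.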

Do you think quantum computing is an imminent threat to security? Why or why not? Let us know your thoughts in the comments below, and remember to like and subscribe, too.

Stephen J. Bigelow, senior technology editor at Informa TechTarget, has more than 30 years of technical writing experience in the PC and technology industry.
