quantum cryptography – Noise

NCSC Releases Post-Quantum Cryptography Timeline

Bruce Schneier — Fri, 21 Mar 2025 11:47:32 +0000

The UK’s National Computer Security Center (part of GCHQ) released a timeline—also see their blog post—for migration to quantum-computer-resistant cryptography. It even made The Guardian.

Simson Garfinkel on Spooky Cryptographic Action at a Distance

Bruce Schneier — Wed, 30 Oct 2024 14:48:19 +0000

Excellent read. One example:

Consider the case of basic public key cryptography, in which a person’s public and private key are created together in a single operation. These two keys are entangled, not with quantum physics, but with math.

When I create a virtual machine server in the Amazon cloud, I am prompted for an RSA public key that will be used to control access to the machine. Typically, I create the public and private keypair on my laptop and upload the public key to Amazon, which bakes my public key into the server’s administrator account. My laptop and that remove server are thus entangled, in that the only way to log into the server is using the key on my laptop. And because that administrator account can do anything to that server—read the sensitivity data, hack the web server to install malware on people who visit its web pages, or anything else I might care to do—the private key on my laptop represents a security risk for that server...

Lattice-Based Cryptosystems and Quantum Cryptanalysis

Bruce Schneier — Tue, 28 May 2024 11:09:28 +0000

Quantum computers are probably coming, though we don’t know when—and when they arrive, they will, most likely, be able to break our standard public-key cryptography algorithms. In anticipation of this possibility, cryptographers have been working on quantum-resistant public-key algorithms. The National Institute for Standards and Technology (NIST) has been hosting a competition since 2017, and there already are several proposed standards. Most of these are based on lattice problems.

The mathematics of lattice cryptography revolve around combining sets of vectors—that’s the lattice—in a multi-dimensional space. These lattices are filled with multi-dimensional periodicities. The ...

New Lattice Cryptanalytic Technique

Bruce Schneier — Mon, 15 Apr 2024 11:04:50 +0000

A new paper presents a polynomial-time quantum algorithm for solving certain hard lattice problems. This could be a big deal for post-quantum cryptographic algorithms, since many of them base their security on hard lattice problems.

A few things to note. One, this paper has not yet been peer reviewed. As this comment points out: “We had already some cases where efficient quantum algorithms for lattice problems were discovered, but they turned out not being correct or only worked for simple special cases.” I expect we’ll learn more about this particular algorithm with time. And, like many of these algorithms, there will be improvements down the road...

Side-Channel Attack against CRYSTALS-Kyber

Bruce Schneier — Tue, 28 Feb 2023 12:19:15 +0000

CRYSTALS-Kyber is one of the public-key algorithms currently recommended by NIST as part of its post-quantum cryptography standardization process.

Researchers have just published a side-channel attack—using power consumption—against an implementation of the algorithm that was supposed to be resistant against that sort of attack.

The algorithm is not “broken” or “cracked”—despite headlines to the contrary—this is just a side-channel attack. What makes this work really interesting is that the researchers used a machine-learning model to train the system to exploit the side channel...

NIST’s Post-Quantum Cryptography Standards

Schneier.com Webmaster — Mon, 08 Aug 2022 11:20:29 +0000

Quantum computing is a completely new paradigm for computers. A quantum computer uses quantum properties such as superposition, which allows a qubit (a quantum bit) to be neither 0 nor 1, but something much more complicated. In theory, such a computer can solve problems too complex for conventional computers.

Current quantum computers are still toy prototypes, and the engineering advances required to build a functionally useful quantum computer are somewhere between a few years away and impossible. Even so, we already know that that such a computer could potentially factor large numbers and compute discrete logs, and break the RSA and Diffie-Hellman public-key algorithms in all of the useful key sizes...

More on NIST’s Post-Quantum Cryptography

Bruce Schneier — Tue, 08 Sep 2020 06:12:58 +0000

Back in July, NIST selected third-round algorithms for its post-quantum cryptography standard. Recently, Daniel Apon of NIST gave a talk detailing the selection criteria. Interesting stuff. NOTE: We’re in the process of moving this blog to WordPr...