“People ask me to predict the future, when all I want to do is prevent it. Better yet, build it. Predicting the future is much too easy, anyway. You look at the people around you, the street you stand on, the visible air you breathe, and predict more of the same. To hell with more. I want better.”
— Ray Bradbury, from Beyond 1984: The People Machines
Every engineered system has a weakness, and it usually does not take long for someone to find and exploit it. This calls for new approaches, which can be found by investigating the cryptographic applications of algebraic structures such as hyperelliptic curves, groups and rings, lattices (lattice-based cryptography), and elliptic curves.
In the last 20 years, quantum cryptography, a subfield of quantum information theory, has emerged as a novelty in cryptography.
The goal of quantum cryptography is to resolve the issue of key distribution, a crucial aspect of cryptography that permits data security.
The system is shown in Fig.1. The key transforms the data so that it cannot be decoded without knowing the key that was used to encode it. Coding the data with the key is referred to as encryption, and the reverse, step-by-step process of decoding the encrypted data is referred to as decryption.
Data encryption renders information unreadable to anyone without the key and shields it from unauthorized access. Quantum optics now has several practical uses, including quantum cryptography, which was once thought to be impossible; quantum engineering is becoming a reality.
Fig.1: Quantum Cryptography System
Encryption algorithms fall into one of two groups based on how they use their keys. Symmetric encryption methods use the same secret key for both encryption and decryption. Asymmetric, or public-key, encryption methods use a pair of related keys.
Quantum cryptography carries out cryptographic operations using quantum physics. Quantum key distribution is the most popular use case of quantum cryptography.
Asymmetric encryption techniques are built on a "hard" mathematical problem: in the underlying mathematical formalism, carrying out an operation is much simpler than reversing it.
Public-key cryptography's security rests on how "hard" these underlying problems are. If the "hard" problem can be solved in polynomial time, the security of the method is compromised.
Even if breaking the cryptography is literally thousands of times harder than using it, an attacker with enough resources and motivation (a nation-state, for example) may still carry out the attack.
Since the discovery of Shor's algorithm, asymmetric cryptography has been threatened by quantum computing. On a sufficiently powerful quantum computer, Shor's algorithm solves the factoring problem in polynomial time and thereby breaks the security of asymmetric encryption built on it.
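The asymmetry described above (easy forward, hard reverse) and the way Shor's algorithm collapses it can be made concrete with textbook RSA. The following is an added example, not code from the original post or from NIST: it builds a toy RSA key pair from deliberately tiny primes (61 and 53, constructed values from the standard textbook example), shows that key generation and encryption are cheap, and then runs the classical part of Shor's reduction, which turns factoring N into finding the multiplicative order of a random base modulo N. The quantum computer's only job in Shor's algorithm is to return that order in polynomial time; here a brute-force loop stands in for it, which is why the example only works on a modulus this small.

```python
import math
import random

# --- Toy RSA on tiny primes (constructed values; a real key uses ~2048-bit n) ---

def rsa_keygen(p, q, e=65537):
    """Build a textbook RSA key pair. The forward direction is trivial."""
    n = p * q
    phi = (p - 1) * (q - 1)
    # With toy primes e may share a factor with phi; fall back to a small odd e.
    if math.gcd(e, phi) != 1:
        e = 3
        while math.gcd(e, phi) != 1:
            e += 2
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return (n, e), (n, d)

def rsa_encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)

def rsa_decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)

# --- Classical post-processing of Shor's algorithm ---
# Shor reduces factoring n to order finding: the smallest r > 0 with a**r == 1 (mod n).
# A quantum computer finds r in polynomial time; this brute force only works for tiny n.

def find_order_classically(a, n):
    """Brute-force the multiplicative order of a modulo n (a must be coprime to n)."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r

def shor_factor(n, rng=None):
    """Recover a non-trivial factor of n from the order of a random base."""
    rng = rng or random.Random(1)
    while True:
        a = rng.randrange(2, n)
        g = math.gcd(a, n)
        if g != 1:
            return g                 # lucky pick: a already shares a factor with n
        r = find_order_classically(a, n)
        if r % 2:
            continue                 # the reduction needs an even order
        y = pow(a, r // 2, n)
        if y == n - 1:
            continue                 # a**(r/2) == -1 (mod n) yields nothing
        # y**2 == 1 (mod n) with y != +-1, so gcd(y - 1, n) is a proper factor.
        return math.gcd(y - 1, n)

def recover_private_key(pub):
    """Given only the public key, rebuild the private exponent via factoring."""
    n, e = pub
    p = shor_factor(n)
    q = n // p
    phi = (p - 1) * (q - 1)
    return (n, pow(e, -1, phi))

if __name__ == "__main__":
    pub, priv = rsa_keygen(61, 53, e=17)
    c = rsa_encrypt(pub, 65)
    print("ciphertext:", c, "-> plaintext:", rsa_decrypt(priv, c))
    print("private key recovered from public key:", recover_private_key(pub) == priv)
```

Swap the brute-force order finder for a polynomial-time quantum subroutine and every step of `recover_private_key` stays exactly as written; that is the sense in which factoring-based public-key schemes are "not hard" for a quantum computer, and why the post-quantum candidates are built on different problems.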
The classical asymmetric cryptography methods now in use are weak because they rely on "hard" problems (factoring, discrete logarithms, etc.) that quantum computers do not find "hard."
However, there are other "hard" problems that are believed to remain as challenging for quantum computers, and post-quantum asymmetric cryptography techniques can be built on them.
Fig.2: Post Quantum Cryptography
Comparable to how AES became the standard for symmetric cryptography, NIST is now running a competition to select algorithms for post-quantum cryptography standards. The competition is nearing its conclusion, and the chosen algorithms should be made public within the next several years.
Following the release of the final algorithms, standards will be developed based on them. This will start a phase of implementation as businesses seek to switch protocols and technology from conventional to post-quantum techniques.
In current technology, asymmetric encryption methods are essential. Ideally, post-quantum algorithms will make it possible to create "drop-in replacements" for specific kinds of public-key cryptography-based algorithms, particularly key-sharing and digital signature algorithms.
NIST claims that several of the finalists for post-quantum cryptography standards have problems that make it impossible for them to be used as stand-alone solutions. These consist of:
Implementations and systems based on these algorithms may need to provide support and solutions for the following:
Because of these difficulties and constraints, it is unclear whether post-quantum algorithms will fit into current protocols. New and updated protocols will be needed, which may have to specify how the various algorithms should be applied in particular situations, how messages should be split to handle size concerns, and so on.
Once the final algorithms have been chosen, these new protocols must be defined before standardized implementations can be created.
While there are quantum computers today, they are far from being powerful enough to crack the existing asymmetric encryption techniques. Large-scale quantum computing is still several years away, despite the industry's rapid advancement.
However, because the transition is so lengthy, NIST is conducting its post-quantum competition and creating standards today. Furthermore, to defend against "collect now, decode later" attacks, in which encrypted traffic is recorded now and decrypted once a capable quantum computer exists, post-quantum encryption must be deployed as soon as feasible.
Some of the procedures that will need to be followed during the switch to post-quantum encryption were described in NIST's whitepaper. These consist of:
Post-quantum encryption won't be adopted quickly or easily. However, it will be years before we see big quantum computers, giving us time to develop a solution.