Advanced

A usability study of post-quantum algorithms

Kindberg, Marcus LU (2017) EITM01 20171
Department of Electrical and Information Technology
Abstract
There is a non-negligible risk that a quantum computer capable of breaking most modern public key encryption will be invented within the next couple of decades. All data that have to stay secret for more than 10-20 years should therefore be encrypted using quantum-resistant algorithms. There are different ways of approaching the problem of quantum security and the currently existing quantum-resistant algorithms for encryption and key exchange can be divided into four categories; Lattice-based, Supersingular elliptic curves, Code-based and Multivariate. The performance of the algorithms in the different categories varies and to evaluate the strengths and weaknesses of each, further study is needed. This thesis provides an overview of... (More)
There is a non-negligible risk that a quantum computer capable of breaking most modern public key encryption will be invented within the next couple of decades. All data that have to stay secret for more than 10-20 years should therefore be encrypted using quantum-resistant algorithms. There are different ways of approaching the problem of quantum security and the currently existing quantum-resistant algorithms for encryption and key exchange can be divided into four categories; Lattice-based, Supersingular elliptic curves, Code-based and Multivariate. The performance of the algorithms in the different categories varies and to evaluate the strengths and weaknesses of each, further study is needed. This thesis provides an overview of algorithms in each category, a comparison of existing implementations of algorithms from the first three categories, and an evaluation of the results. The comparison includes metrics concerning the performance, implementation and security of each algorithm.

All of the considered categories have both advantages and disadvantages and, to be able to choose the right one, the requirements of the application must be considered. Overall, however, the lattice-based algorithms seem to provide the best trade-off between speed, key size and memory consumption, and are relatively easy to implement. (Less)
Popular Abstract
The possible invention of large scale quantum computers poses a serious threat to modern cryptography. Quantum computers can easily break most modern public key cryptography and in order to keep data safe new algorithms has to be used. The currently used algorithms were, however, chosen for a reason and finding good replacements requires evaluation of the options.
Please use this url to cite or link to this publication:
author
Kindberg, Marcus LU
supervisor
organization
course
EITM01 20171
year
type
H2 - Master's Degree (Two Years)
subject
keywords
post-quantum cryptography
report number
LU/LTH-EIT 2017-583
language
English
id
8918875
date added to LUP
2017-06-27 11:38:38
date last changed
2017-06-27 11:38:38
@misc{8918875,
  abstract     = {There is a non-negligible risk that a quantum computer capable of breaking most modern public key encryption will be invented within the next couple of decades. All data that have to stay secret for more than 10-20 years should therefore be encrypted using quantum-resistant algorithms. There are different ways of approaching the problem of quantum security and the currently existing quantum-resistant algorithms for encryption and key exchange can be divided into four categories; Lattice-based, Supersingular elliptic curves, Code-based and Multivariate. The performance of the algorithms in the different categories varies and to evaluate the strengths and weaknesses of each, further study is needed. This thesis provides an overview of algorithms in each category, a comparison of existing implementations of algorithms from the first three categories, and an evaluation of the results. The comparison includes metrics concerning the performance, implementation and security of each algorithm. 

All of the considered categories have both advantages and disadvantages and, to be able to choose the right one, the requirements of the application must be considered. Overall, however, the lattice-based algorithms seem to provide the best trade-off between speed, key size and memory consumption, and are relatively easy to implement.},
  author       = {Kindberg, Marcus},
  keyword      = {post-quantum cryptography},
  language     = {eng},
  note         = {Student Paper},
  title        = {A usability study of post-quantum algorithms},
  year         = {2017},
}