Can quantum computers crack all cryptography?


Quantum computers are able to completely and irreversibly break the public-key methods most widely used today. Post-quantum cryptography can prevent this. But how secure are the new methods, and what should be considered when implementing them?

What sounded like science fiction a few years ago is now within reach: quantum computers with previously unheard-of computing power endanger today's cryptography, and with it the entire digital infrastructure.

Quantum computers: the danger that comes from the future

Although it will probably take a few years before quantum computers can be used across the board, companies need to prepare their security for the quantum age now. With the help of quantum-resistant encryption methods, it is already possible today to guarantee the confidentiality and protection of information in the long term. So-called post-quantum cryptography uses cryptographic methods that are secure against both attacks with quantum computers and classical attacks.

Post-quantum algorithms as the new encryption

In 2016, the US National Institute of Standards and Technology (NIST) initiated a standardization process, the aim of which is to test and standardize several post-quantum algorithms for key exchange and digital signatures. Seven finalists made it into the third and final round of the process last year. These include CRYSTALS-Kyber, a lattice-based algorithm that uses the complexity of lattices, and thus a hard mathematical problem, to encrypt information. But how secure is this potential post-quantum standard really? IT security experts from TÜV Informationstechnik GmbH (TÜViT) asked themselves this question and put CRYSTALS-Kyber under the magnifying glass, or rather under the oscilloscope.

Post-quantum security using the example of CRYSTALS-Kyber

The project team, consisting of Hauke Malte Steffen, Lucie Johanna Kogelheide and Timo Bartkewitz, examined a chip on which the post-quantum algorithm was implemented as intended by the developer. To test the chip, they used what is already known from classic cryptography: the fact that current cryptographic methods can be attacked by exploiting side channels.

"The focus was on the question of whether we can access the actually confidential data on the chip despite quantum-secure encryption," explains Hauke Malte Steffen, working student in the Hardware Evaluation department at TÜViT. "To do this, we measured the current that the chip consumed during message encryption in our hardware laboratory. The reason is that different operations also lead to different power consumption, which in turn enables us to draw conclusions about the encrypted data." With success: the IT security experts succeeded in attacking the reference implementation of CRYSTALS-Kyber and reading out the data accordingly.

In the next step, the project team therefore considered how the lattice-based algorithm could be implemented securely. In this context, they developed four different implementations, each with a more complex level of countermeasures. These include, for example, creating a dummy or randomizing bits. The result: even the first stage significantly reduced the likelihood of a successful attack, and the fourth implementation prevented it entirely.
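To illustrate why randomizing bits helps, here is a small leakage check on simulated power samples. It is an added example, not TÜViT's code or measurements, and it assumes a Hamming-weight power model, Gaussian noise and an 8-bit secret; all function names are hypothetical.

```python
import random

def hw(x):
    """Hamming weight (number of set bits), a common model for power draw."""
    return bin(x).count("1")

def pearson(xs, ys):
    """Pearson correlation coefficient of two equally long sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5

def trace_unprotected(secret, rng, noise=1.0):
    # Assumed model: one power sample while the secret byte is handled directly.
    return hw(secret) + rng.gauss(0, noise)

def trace_masked(secret, rng, noise=1.0):
    # Boolean masking: the device only handles secret XOR mask,
    # with a fresh random mask drawn for every run.
    mask = rng.randrange(256)
    return hw(secret ^ mask) + rng.gauss(0, noise)

def leakage(trace_fn, runs=5000, seed=1):
    """Correlation between simulated power samples and HW(secret)."""
    rng = random.Random(seed)  # constructed data, seeded for repeatability
    secrets = [rng.randrange(256) for _ in range(runs)]
    samples = [trace_fn(s, rng) for s in secrets]
    return pearson(samples, [hw(s) for s in secrets])

if __name__ == "__main__":
    print("unprotected:", round(leakage(trace_unprotected), 3))
    print("masked:     ", round(leakage(trace_masked), 3))
```

The unprotected samples correlate strongly with the secret's Hamming weight, while the masked samples show no measurable first-order correlation. This checks a single sample point only and does not model the four implementations described above.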

More at TUVit.de

 


About TÜV Informationstechnik

TÜV Informationstechnik GmbH is geared towards testing and certifying security in information technology. As an independent testing service provider for IT security, TÜV Informationstechnik GmbH is an international leader. Numerous customers already benefit from the company's tested security. The portfolio includes cyber security, evaluation of software and hardware, IoT / Industry 4.0, data protection, ISMS, smart energy, mobile security, automotive security, eID and trust services as well as testing and certification of data centers with regard to their physical security and high availability.


 
