This document provides an introduction to post-quantum cryptography. It discusses how quantum computers could break current public key cryptography and outlines several approaches to post-quantum cryptography, including lattice-based, code-based, multivariate, hash-based, and isogeny-based cryptography. It summarizes the National Institute of Standards and Technology's post-quantum cryptography standardization project and competition, which is evaluating these approaches.
Emily Stamm - Post-Quantum Cryptography
4. What is Cryptography?
Cryptography: from Greek kryptós, "hidden / secret", and graphein, "to write"
• From the Caesar Shift 2000 years ago
• To the Lorenz Cipher Machine in WWII
• To today: 'secure communication in presence of third parties'
5. Cryptography Today
Confidentiality: restrict the access of information
Integrity: verify that data has not been altered (maliciously or accidentally)
Authentication: verify the identity of a party
Types of Cryptography
1. Public Key Cryptography (Asymmetric)
2. Secret Key Cryptography (Symmetric)
3. Cryptographic Hashing
6. What is Good Cryptography?
Hard Math Problems: the strength of the algorithm relies on the hardness of some underlying math problem
Proper Implementation: algorithms must be correctly implemented so as not to leak information
Key Secrecy: secret piece of information (key) used to uncover information
7. What is Public Key Cryptography?
• Key to encrypt and the key to decrypt are different
• Public Key: known to everyone
• Private Key: known to parties accessing data
• Digital signature version: private key to sign and public key to verify
• Examples: RSA, DSA, Diffie-Hellman, Elliptic Curve Cryptography
8. Where is Public Key Cryptography Used?
• Used anytime two or more parties need to communicate
• 'Parties' aren't necessarily people (browsers, servers, endpoints)
• E.g. HTTPS, Firewalls, Routers, Printers, SSH, TLS, Bitcoin
10. Quantum Computing
• A quantum computer is a computer based on quantum physics rather than classical physics
• Instead of a bit, it uses a quantum bit, or qubit
• Takes advantage of quantum phenomena to perform some tasks much more efficiently
• E.g. entanglement, parallelism, interference
Images: The D-Wave 2000Q Quantum Computer; IBM's 50-qubit quantum computer
11. Effect on Cryptography
• Shor's Algorithm: quantum factoring algorithm in $\sim 4n^3$ time, $2n$ qubits
• Reduces factoring to finding the period and breaks RSA
• Efficiently computed using Quantum Fourier Transform to reveal periodicities
• Similar algorithm for elliptic curve ($n$-bit finite field) attack in $\sim 360n^3$ time, $6n$ qubits
• Similar algorithms for all PKC based on the (abelian) hidden subgroup problem
• Eventually all our current public key cryptography will be obsolete
Image: IBM's 50-qubit quantum computer
12. Quantum Cryptography
• Quantum cryptography is cryptography that runs on a quantum computer
• Security like no other form of cryptography, by laws of quantum mechanics, against quantum and classical attacks
Image: Thor Labs, Quantum Cryptography Analogy Demonstration Kit
13. What is POST-QUANTUM CRYPTOGRAPHY?
Problem: Quantum cryptography requires a quantum computer, which is expensive, large, and requires extreme conditions
Solution: Post-Quantum Cryptography (PQC): cryptography that runs on current computers and is secure against classical and quantum attacks
Kahn, 2019
15. NIST Competition for Post-Quantum Cryptography (PQC)
Currently evaluating and eliminating cryptosystems
5 levels of security
Encryption/Key Exchange and Signatures
Identify hardness assumptions that are not broken by quantum computers
Build cryptosystems based on these problems
Prove security against quantum and classical attacks
16. Why Switch to PQC Now?
1. PQC works on current computers
2. More secure against quantum and classical attacks
3. It's hard to estimate when quantum threat will occur
4. Transitioning cryptography takes many years
5. Some implementations may not be able to switch cryptography in time, e.g. a satellite goes into space for 30 years
6. Government agencies announced switch to PQC based on NIST results
20. Hard Lattice Problems
• Shortest Vector Problem (SVP): Given a basis for a lattice, find the shortest nonzero vector in the lattice.
• Given a 'bad' basis, this is NP-hard
• Closest Vector Problem (CVP): Given a basis for a lattice and a target vector, find the closest lattice vector.
• Generalization of SVP – same hardness
• Special Case is Bounded Distance Decoding (BDD) Problem: Given a basis for a lattice and target vector of distance at most m to the lattice, find the closest lattice vector.
Figures: SVP, CVP
21. Learning With Errors
• $b_1 = \langle a_1, s \rangle + e_1 \bmod q$
• $b_2 = \langle a_2, s \rangle + e_2 \bmod q$
• …
• $b_m = \langle a_m, s \rangle + e_m \bmod q$
• Each $a_i$ is a random vector
• $s$ is the secret vector
• Each $e_i$ is the error term – a small random number
• Problem: Given the pairs $(a_i, b_i)$ for $i = 1, \dots, m$, find the secret vector $s$
• Formulated as a Bounded Distance Decoding lattice problem: Given a matrix $A = \{(a_i)\}$ and $b = \{(b_i)\} = As + e \bmod q$, where $e$ is from an error distribution, find target vector $s$ close enough to the lattice generated by solutions to $y = As \bmod q$
Figure (Buchanan 2018): the rows $a_1, \dots, a_m$ multiplied by $s$, plus the errors $e_1, \dots, e_m$, giving $b_1, \dots, b_m$
22. LWE Lattice Scheme: Asymmetric Encryption & Decryption
Alice, Bob, Eve
1. KEY GENERATION
Private Key: $s$
Public Key:
• $b_1 = \langle a_1, s \rangle + e_1 \bmod q$
• $b_2 = \langle a_2, s \rangle + e_2 \bmod q$
• …
• $b_m = \langle a_m, s \rangle + e_m \bmod q$
Alice sends public key to Bob
2. ENCRYPTION
Bob has bit x = 0 or 1
Bob sends ciphertext (a,b) to Alice
3. DECRYPTION
Eve
Public Key:
Recover s by solving Bounded Distance Decoding Problem
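A toy version of the three steps on this slide, added here as an example and not taken from the original slides. The encryption and decryption formulas did not survive on the slide, so this assumes the textbook Regev construction (sum a random subset of the public pairs, add x·⌊q/2⌋); the parameters n = 4, m = 20, q = 97 are constructed and far too small to be secure.

```python
import secrets

# Toy parameters (constructed for illustration; not secure).
N, M, Q = 4, 20, 97            # secret length n, number of samples m, modulus q
rng = secrets.SystemRandom()

def dot(u, v):
    """Inner product <u, v> mod q."""
    return sum(x * y for x, y in zip(u, v)) % Q

def keygen():
    """1. KEY GENERATION. Private key: s.
    Public key: the m pairs (a_i, b_i) with b_i = <a_i, s> + e_i mod q."""
    s = [rng.randrange(Q) for _ in range(N)]
    A = [[rng.randrange(Q) for _ in range(N)] for _ in range(M)]
    e = [rng.choice((-1, 0, 1)) for _ in range(M)]        # small error terms
    b = [(dot(a_i, s) + e_i) % Q for a_i, e_i in zip(A, e)]
    return s, (A, b)

def encrypt(pub, x):
    """2. ENCRYPTION. Bob hides bit x in the sum of a random subset of pairs."""
    A, b = pub
    subset = [i for i in range(M) if rng.getrandbits(1)]
    a = [sum(A[i][j] for i in subset) % Q for j in range(N)]
    b_sum = (sum(b[i] for i in subset) + x * (Q // 2)) % Q
    return a, b_sum

def decrypt(s, ct):
    """3. DECRYPTION. Alice removes <a, s>; what remains is
    (sum of the chosen e_i) + x * floor(q/2) mod q."""
    a, b_sum = ct
    d = (b_sum - dot(a, s)) % Q
    # The accumulated error is at most m * 1 = 20 < q/4, so d lands near 0
    # for x = 0 and near q/2 for x = 1. Larger errors would break decryption.
    return 1 if Q // 4 < d < 3 * Q // 4 else 0

if __name__ == "__main__":
    s, pub = keygen()
    for x in (0, 1):
        ct = encrypt(pub, x)
        print("bit", x, "-> ciphertext", ct, "-> decrypted", decrypt(s, ct))
```

Eve sees only the pairs (a_i, b_i) and the ciphertext; without the error terms she could solve for s by Gaussian elimination, which is why the small e_i carry the security of the scheme.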
23. Lattice-based
Encryption Schemes (9)
• FrodoKEM: LWE
• LAC: LWE
• NewHope: Ring LWE
• NTRU: Ring LWE
• Kyber: Module LWE
• Three Bears: Module LWE
• Round5: Learning with Rounding (LWR)
• NTRU Prime: Ring LWR
• SABER: Module LWR
Digital Signatures (3)
• CRYSTALS-DILITHIUM: Module LWE
• FALCON: Ring LWE
• qTESLA: Ring LWE
24. Code-Based Cryptography
• Cryptography based on error correcting codes: maps that 'correct' the error of an input, i.e. f(x+e) = x for small error e
• 1978: McEliece
• NIST: 7 Encryption
• Classic McEliece
• NTS-KEM
• BIKE
• HQC
• LEDAcrypt
• Rollo
• RQC
• Pros
• Fast to encrypt/decrypt
• Hardness well studied and understood (>40 years)
• Cons
• Large key sizes (10,000-1 million bits)
25. Error Correcting Codes
A map is error correcting if it sends an input (+/- small error) back to itself, that is, it 'corrects the error'
26. McEliece Code-based Scheme: Asymmetric Encryption & Decryption
Alice, Bob, Eve
1. KEY GENERATION
Private Key:
Public Key:
Alice sends public key G to Bob
2. ENCRYPTION
Bob has message m vector
Given message m and small random error vector e, get ciphertext
Bob sends ciphertext c to Alice
3. DECRYPTION
Eve
Public Key:
Find without knowing error e
27. Multivariate Cryptography
• Cryptography based on polynomial equations in multiple variables
• 1998: C* (Matsumoto Imai) now broken but inspired other schemes
• 1996: HFE Hidden Field Equations (Patarin)
• NIST: 4 Digital Signatures
• GeMSS
• LUOV
• MQDSS
• Rainbow
• Pros
• Fast (much faster than RSA)
• Small signature size
• Operations are simple arithmetic
• Cons
• Large key sizes (80,000-800,000 bits)
• Security analysis difficult
28. Hash-Based Cryptography
• Cryptography based on hash functions
• 1978: Combine one-time hash signatures with Merkle trees (Merkle)
• NIST: 2 Digital Signatures
• Picnic
• SPHINCS+
• Pros
• Only security assumption is security of hash function
• Easily replace hash functions with newer/efficient/secure
• Fast
• Cons
• Large private key and signatures
• Only finite number of signatures
29. Isogeny-Based Cryptography
• Cryptography based on maps between elliptic curves
• 2011: SIDH Supersingular Isogeny Diffie-Hellman (De Feo, Jao, Plût)
• NIST: 1 Encryption
• SIKE (Supersingular Isogeny Key Exchange)
• Pros
• Smallest key sizes of all remaining cryptosystems: 6,000 bits
• Cons
• Security problem upon which SIKE is based has not been studied as much
• Slower than many other candidates
Leuven, 2019
30. CONCLUSIONS
• Cryptography ensures secure communication in the presence of third parties through difficult math problems
• Quantum computer uses quantum mechanics
• Quantum algorithms (e.g. Shor's Algorithm) can break current public key cryptography (e.g. RSA, ECC)
• Post-Quantum Cryptography runs on our current computers but is (conjectured) secure against quantum and classical computers
31. Conclusions: PQC Types
Lattice-Based Cryptography: Learning with Errors
Code-Based Cryptography (encryption): Error Correcting Codes
Multivariate Cryptography (signatures): Equations in Multiple Variables
Hash-Based Cryptography (signatures): Hash functions and Merkle Trees
Isogeny-Based Cryptography (encryption): Maps between Elliptic Curves
33. References
Thor Labs https://www.thorlabs.com/newgrouppage9.cfm?objectgroup_id=9869
Jeremy Kahn 2018 https://www.bloomberg.com/news/articles/2018-06-29/why-quantum-computers-will-be-super-awesome-someday-quicktake
Buchanan 2018, Learning With Errors and Ring Learning With Errors https://medium.com/asecuritysite-when-bob-met-alice/learning-with-errors-and-ring-learning-with-errors-23516a502406
KU Leuven, Elliptic Curves Are Quantum Dead, Long Live Elliptic Curves, 2019 https://www.esat.kuleuven.be/cosic/elliptic-curves-are-quantum-dead-long-live-elliptic-curves/