SlideShare a Scribd company logo

Post Quantum Cryptography – The Impact on Identity

team-WIBU
team-WIBU

As PQC continues to be a major topic for many companies and Government Institutions, we take a dive into the topics of quantum computers, post-quantum-cryptography, and the potential relevance for (ID) use cases. This seminar would like to present the principles of the technology and the latest developments in this field as well some indication as to the relevance, impact, and consequences on (Government) ID projects or use cases. The seminar may also look towards the relationship with these projects not only from a hardware standpoint but also from a software algorithmic stance as we migrate from current used crypto systems to quantum-proof systems. KEY TAKEAWAYS What is a Quantum Computer, what is Post Quantum Cryptography and when will we see a quantum computer? The migration from current crypto systems to quantum proof systems. How will PQC and QC affect (Government) ID projects and implementations. What will QC mean for the security proofing of ID and Information in the future. TARGET AUDIENCE Interested parties in the field of Identity and Security. Government bodies looking to the future for ID document management systems Enterprises looking to understand the potential impact of QC upon their business and industries. PRESENTATION: Cryptoagility and Quantum Resistance: Easier Said Than Done. Ever since the publication of Shor’s quantum algorithm for the factorization of large numbers, it has been known that quantum computers could at some point pose a threat to our communication and data security. Today we have cloud access to small, functioning quantum computers. The answer to this threat is quantum-resistant cryptography: cryptographic methods for classical computers that are robust against attacks by quantum computers. The standardization of such methods is currently ongoing. However, these methods are based on mathematical problems, that are much younger than the factorization problem already investigated by Euclid. On the other hand, currently used cryptographic methods such as RSA or ECDSA are broken as soon as a sufficiently large quantum computer exists. Cryptoagility is therefore recommended, software should be built or modified in such a way that cryptographic algorithms are easily substitutable. But how great is the danger posed by quantum computers? To what extent is cryptography affected, and when do we need to take action? Is cryptoagility really so easy to implement in practice or is this perhaps much easier said than done?

Software
1 of 30
Download to read offline
Cryptoagility and Quantum Resistance: Easier Said Than Done Post Quantum Cryptography – The Impact on Identity Dr. Carmen Kempka Director Corporate Technology WIBU-SYSTEMS AG 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done
To access the on-demand replay of this masterclass, please visit https://www.wibu.com/wibu-systems-webinars/post- quantum-cryptography-the-impact-on- identity/access.html 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done
The cat-and-mouse-game of cryptography 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done Cryptography develops. So does cryptoanalysis. 3
Cryptography and quantum computers: What is broken? Certificate Public Key: 0011101001 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 15
Post Quantum Cryptography Cryptographic algorithms are resistant against quantum attacks 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 16
Based on hard mathematical problems • RSA: factoring large numbers • ECC: discrete logarithms (DLOG) Asymmetric cryptography NP Exp P 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 17
Based on hard mathematical problems • RSA: factoring large numbers • ECC: discrete logarithms (DLOG) • PQC algorithms are based on various, different mathematical problems that are not easily solvable by quantum computers Asymmetric cryptography NP Exp P SVP LWE SIS Lineare Codes 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 18
Based on hard mathematical problems • RSA: factoring large numbers • ECC: discrete logarithms (DLOG) • PQC algorithms are based on various mathematical problems that are not easily solvable by quantum computers • These mathematical problems are much younger and less analyzed! Asymmetric cryptography NP Exp P SVP LWE SIS Analyzed for less than 20 years Lineare Codes 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 19
PQC Timeline 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 20
PQC Timeline July 2022: publication of PQC algorithms selected for NIST standard 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 21
PQC Timeline July 2022: publication of PQC algorithms selected for NIST standard 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done August 2022: candidate SIKE broken on classical computer 22
• RSA, ECC:  Factoring and DLOG have been analyzed since around 300 bc (Euclid)  High trust in security against classical attacks − Fully broken with quantum computers – but when? • PQC algorithms • Mathematical problems quite new • No known relevant attacks by classical or quantum computers • Situation hard to assess: not many people have expertise in quantum computers and cryptography or the math behind the PQC schemes The PQC dilemma 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 23
Cryptoagility Bildquelle: https://www.goodfreephotos.com/public-domain-images/fitting-the-last-puzzle-piece.jpg.php (Public Domain) 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 24
What do we have? PQC Lattice-based Code-based Isogenies on elliptic curves Multivariate polynomials (signatures only) Hash-based (signatures only) 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 25
What do we have? PQC Lattice-based Code based- Isogenies on elliptic curves Multivariate polynomials (signatures only) Hash based- (signatures only) 4th round  McEliece  BIKE  HQC SIKE  SPHINCS+ State based:  XMSS  LMS  Dilithium  Falcon  Kyber Rainbow 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 26
Cryptoagility The ideal world public abstract class Encryptor { abstract String encrypt(int publicKey, String message); } public class RSAEncryptor extends Encryptor { public String encrypt (int publicKey, String message) { <Code for encryption with RSA> return ciphertext; } } public class KyberEncryptor extends Encryptor { public String encrypt (int publicKey, String message) { <Code for encryption with Kyber> return ciphertext; } } 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 27
Cryptoagility The ideal world public abstract class Encryptor { abstract String encrypt(int publicKey, String message); } public class RSAEncryptor extends Encryptor { public String encrypt (int publicKey, String message) { <Code for encryption with RSA> return ciphertext; } } public class KyberEncryptor extends Encryptor { public String encrypt (int publicKey, String message) { <Code for encryption with Kyber> return ciphertext; } } Cryptoagile concept  Modularity  Crypto algorithms can be easily replaced if broken  Once large enough quantum computers exist to break our crypto algorithms, the algorithms are just replaced by PQC algorithms – problem solved 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 28
Cryptoagility: the real world © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 2024-04-10 © WIBU-SYSTEMS AG 2024 29
Cryptoagility: easier said than done • Different mathematical structures • Large difference in memory requirements • Very different in performance • Very different key sizes and formats • Developers need to learn a lot for each new algorithm • Test vectors • Formats • Memory/performance trade-offs • Which intermediate results need to be kept secret • How to implement resistance against side channels • Other best practices in implementation and usage • … 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 30
How to deal with cryptoagility • Plan with enough time and resources • management needs to be aware of the full extent of the problem 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 32
How to deal with cryptoagility • Threat analysis • Find out where cryptography is used in your system and what is protected against what • Maybe use the opportunity to re-asses your security architecture 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 33
How to deal with cryptoagility • Identify memory and performance requirements • Hardware requirements • Availability requirements of cloud systems • Response time • Bandwidth • … 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 34
How to deal with cryptoagility • Flexibility • Restructure code: you need modularity and more flexibility • Hardcoded sizes or fixed formats could become a problem • Maybe use the opportunity to clean up your code base 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 35
How to deal with cryptoagility • Get experience • Try out open source PQC libs to identify performance issues etc. • Do research projects 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 36
How long do we have time? When should we start integrating quantum resistant cryptography? 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 37
Mosca’s Theorem When should we start? Let… …X the time for which encryption should be secure …Y the time needed for migrating to PQC …Z the time remaining until quantum computers are sufficiently advanced to break current cryptographic systems Theorem (Mosca): Source Mosca‘s Theorem: https://csrc.nist.gov/csrc/media/events/workshop-on-cybersecurity-in-a-post-quantum-world/documents/presentations/session8-mosca-michele.pdf X Y Z  If X + Y > Z, then worry 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 38
Mosca’s Theorem When should we start? Let… …X the time for which encryption should be secure …{Y1..Yn} the time needed for migrating the entire value chain to PQC …Z the time remaining until quantum computers are sufficiently advanced to break current cryptographic systems Theorem: X Z  If X + Y > Z, then worry 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done Y1 Y2 Y3 39
When do quantum computers start becoming dangerous We don’t know that. • Needed to break ECC 256: around 2330 logical qubits or several million physical qubits • Needed to break RSA 2048: around 4096 logical qubits or several million physical qubits • Currently existing quantum computers have a few hundred physical qubits Seems we are still far away from having our crypto systems broken, but everything between < 10 and > 30 years is possible 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 40
Migration to PQC • Long-term security: combination of different algorithms • Hybrid certificates • Double encryption • Cryptoagility • Where is cryptography used in your system? • Make cryptography updatable and replaceable • Find a good strategy for the transition • Identify dependencies • Coordinate migration to PQC with suppliers and customers • Requirements of downwards compatibility and interoperability 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 41
Europe: +49-721-931720 USA: +1-425-7756900 China: +86-21-55661790 Japan: +81-45-5659710 https://www.wibu.com info@wibu.com Thank You! Let’s keep in touch 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 42

Recommended

Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...MyNOG
 
Quantum threat: How to protect your optical network
Quantum threat: How to protect your optical networkQuantum threat: How to protect your optical network
Quantum threat: How to protect your optical networkADVA
 
How to Quantum-Secure Optical Networks
How to Quantum-Secure Optical Networks How to Quantum-Secure Optical Networks
How to Quantum-Secure Optical NetworksADVA
 
BlueHat v18 || Record now, decrypt later - future quantum computers are a pre...
BlueHat v18 || Record now, decrypt later - future quantum computers are a pre...BlueHat v18 || Record now, decrypt later - future quantum computers are a pre...
BlueHat v18 || Record now, decrypt later - future quantum computers are a pre...BlueHat Security Conference
 
ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...ADVA
 
The quantum age - secure transport networks
The quantum age - secure transport networksThe quantum age - secure transport networks
The quantum age - secure transport networksADVA
 
Network architecture design for microservices on GCP
Network architecture design for microservices on GCPNetwork architecture design for microservices on GCP
Network architecture design for microservices on GCPRaphaël FRAYSSE
 
Quantum computing
Quantum computingQuantum computing
Quantum computingMiguel Antonio Rey
 

Recommended

Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...MyNOG
 
Quantum threat: How to protect your optical network
Quantum threat: How to protect your optical networkQuantum threat: How to protect your optical network
Quantum threat: How to protect your optical networkADVA
 
How to Quantum-Secure Optical Networks
How to Quantum-Secure Optical Networks How to Quantum-Secure Optical Networks
How to Quantum-Secure Optical NetworksADVA
 
BlueHat v18 || Record now, decrypt later - future quantum computers are a pre...
BlueHat v18 || Record now, decrypt later - future quantum computers are a pre...BlueHat v18 || Record now, decrypt later - future quantum computers are a pre...
BlueHat v18 || Record now, decrypt later - future quantum computers are a pre...BlueHat Security Conference
 
ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...ADVA launches world’s first commercial optical transport solution with post-q...
ADVA launches world’s first commercial optical transport solution with post-q...ADVA
 
The quantum age - secure transport networks
The quantum age - secure transport networksThe quantum age - secure transport networks
The quantum age - secure transport networksADVA
 
Network architecture design for microservices on GCP
Network architecture design for microservices on GCPNetwork architecture design for microservices on GCP
Network architecture design for microservices on GCPRaphaël FRAYSSE
 
Quantum computing
Quantum computingQuantum computing
Quantum computingMiguel Antonio Rey
 
Andy Kennedy - Scottish VMUG April 2016
Andy Kennedy - Scottish VMUG April 2016Andy Kennedy - Scottish VMUG April 2016
Andy Kennedy - Scottish VMUG April 2016Andy Kennedy
 
Quantum Cryptography
Quantum Cryptography Quantum Cryptography
Quantum Cryptography The Cryptography Centre For Excellence
 
Experiences evaluating cloud services and products
Experiences evaluating cloud services and productsExperiences evaluating cloud services and products
Experiences evaluating cloud services and productsJavier Tallón
 
The Quantum Era & Quantum Key Distribution
The Quantum Era & Quantum Key Distribution The Quantum Era & Quantum Key Distribution
The Quantum Era & Quantum Key Distribution IDQuantique
 
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)Scott Lowe
 
Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...
Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...
Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...NoNameCon
 
Quantum_Safe_Crypto_Overview_v3.pdf
Quantum_Safe_Crypto_Overview_v3.pdfQuantum_Safe_Crypto_Overview_v3.pdf
Quantum_Safe_Crypto_Overview_v3.pdfRonSteinfeld1
 
Dawn of the Intelligence Age by Dr. Anton Ravindran
Dawn of the Intelligence Age by Dr. Anton RavindranDawn of the Intelligence Age by Dr. Anton Ravindran
Dawn of the Intelligence Age by Dr. Anton RavindranGSTF
 
Quantum Hardware Hacking
Quantum Hardware HackingQuantum Hardware Hacking
Quantum Hardware HackingMark Carney
 
Exploring Quantum Cryptography: The Future of Unbreakable Encryption
Exploring Quantum Cryptography: The Future of Unbreakable EncryptionExploring Quantum Cryptography: The Future of Unbreakable Encryption
Exploring Quantum Cryptography: The Future of Unbreakable EncryptionPC Doctors NET
 
Quantum Computing & Cryptography: A Brief Introduction
Quantum Computing & Cryptography: A Brief IntroductionQuantum Computing & Cryptography: A Brief Introduction
Quantum Computing & Cryptography: A Brief IntroductionHedera Hashgraph
 
Post Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewPost Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewRamesh Nagappan
 
IBOSEC-3000-2.pdf
IBOSEC-3000-2.pdfIBOSEC-3000-2.pdf
IBOSEC-3000-2.pdfAndrew Benhase
 
Quantum Safety in Certified Cryptographic Modules
Quantum Safety in Certified Cryptographic ModulesQuantum Safety in Certified Cryptographic Modules
Quantum Safety in Certified Cryptographic ModulesOnBoard Security, Inc. - a Qualcomm Company
 
Quantum Computing: The next new technology in computing
Quantum Computing: The next new technology in computingQuantum Computing: The next new technology in computing
Quantum Computing: The next new technology in computingData Con LA
 
Cloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service MeshCloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service MeshChristian Posta
 
Quantum Secured Blockchain
Quantum Secured BlockchainQuantum Secured Blockchain
Quantum Secured Blockchainravi sahal
 
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran GSTF
 
Tears for quantum fears
Tears for quantum fearsTears for quantum fears
Tears for quantum fearsMark Carney
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudControlCase
 
Unlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial SecurityUnlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial Securityteam-WIBU
 
The Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success TogetherThe Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success Togetherteam-WIBU
 

More Related Content

Similar to Post Quantum Cryptography – The Impact on Identity

Andy Kennedy - Scottish VMUG April 2016
Andy Kennedy - Scottish VMUG April 2016Andy Kennedy - Scottish VMUG April 2016
Andy Kennedy - Scottish VMUG April 2016Andy Kennedy
 
Experiences evaluating cloud services and products
Experiences evaluating cloud services and productsExperiences evaluating cloud services and products
Experiences evaluating cloud services and productsJavier Tallón
 
The Quantum Era & Quantum Key Distribution
The Quantum Era & Quantum Key Distribution The Quantum Era & Quantum Key Distribution
The Quantum Era & Quantum Key Distribution IDQuantique
 
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)Scott Lowe
 
Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...
Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...
Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...NoNameCon
 
Quantum_Safe_Crypto_Overview_v3.pdf
Quantum_Safe_Crypto_Overview_v3.pdfQuantum_Safe_Crypto_Overview_v3.pdf
Quantum_Safe_Crypto_Overview_v3.pdfRonSteinfeld1
 
Dawn of the Intelligence Age by Dr. Anton Ravindran
Dawn of the Intelligence Age by Dr. Anton RavindranDawn of the Intelligence Age by Dr. Anton Ravindran
Dawn of the Intelligence Age by Dr. Anton RavindranGSTF
 
Quantum Hardware Hacking
Quantum Hardware HackingQuantum Hardware Hacking
Quantum Hardware HackingMark Carney
 
Exploring Quantum Cryptography: The Future of Unbreakable Encryption
Exploring Quantum Cryptography: The Future of Unbreakable EncryptionExploring Quantum Cryptography: The Future of Unbreakable Encryption
Exploring Quantum Cryptography: The Future of Unbreakable EncryptionPC Doctors NET
 
Quantum Computing & Cryptography: A Brief Introduction
Quantum Computing & Cryptography: A Brief IntroductionQuantum Computing & Cryptography: A Brief Introduction
Quantum Computing & Cryptography: A Brief IntroductionHedera Hashgraph
 
Post Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewPost Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewRamesh Nagappan
 
Quantum Computing: The next new technology in computing
Quantum Computing: The next new technology in computingQuantum Computing: The next new technology in computing
Quantum Computing: The next new technology in computingData Con LA
 
Cloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service MeshCloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service MeshChristian Posta
 
Quantum Secured Blockchain
Quantum Secured BlockchainQuantum Secured Blockchain
Quantum Secured Blockchainravi sahal
 
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran GSTF
 
Tears for quantum fears
Tears for quantum fearsTears for quantum fears
Tears for quantum fearsMark Carney
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudControlCase
 

Similar to Post Quantum Cryptography – The Impact on Identity (20)

Andy Kennedy - Scottish VMUG April 2016
Andy Kennedy - Scottish VMUG April 2016Andy Kennedy - Scottish VMUG April 2016
Andy Kennedy - Scottish VMUG April 2016
 
Quantum Cryptography
Quantum Cryptography Quantum Cryptography
Quantum Cryptography
 
Experiences evaluating cloud services and products
Experiences evaluating cloud services and productsExperiences evaluating cloud services and products
Experiences evaluating cloud services and products
 
The Quantum Era & Quantum Key Distribution
The Quantum Era & Quantum Key Distribution The Quantum Era & Quantum Key Distribution
The Quantum Era & Quantum Key Distribution
 
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
 
Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...
Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...
Stanislav Kolenkin & Igor Khoroshchenko - Knock Knock: Security threats with ...
 
Quantum_Safe_Crypto_Overview_v3.pdf
Quantum_Safe_Crypto_Overview_v3.pdfQuantum_Safe_Crypto_Overview_v3.pdf
Quantum_Safe_Crypto_Overview_v3.pdf
 
Dawn of the Intelligence Age by Dr. Anton Ravindran
Dawn of the Intelligence Age by Dr. Anton RavindranDawn of the Intelligence Age by Dr. Anton Ravindran
Dawn of the Intelligence Age by Dr. Anton Ravindran
 
Quantum Hardware Hacking
Quantum Hardware HackingQuantum Hardware Hacking
Quantum Hardware Hacking
 
Exploring Quantum Cryptography: The Future of Unbreakable Encryption
Exploring Quantum Cryptography: The Future of Unbreakable EncryptionExploring Quantum Cryptography: The Future of Unbreakable Encryption
Exploring Quantum Cryptography: The Future of Unbreakable Encryption
 
Quantum Computing & Cryptography: A Brief Introduction
Quantum Computing & Cryptography: A Brief IntroductionQuantum Computing & Cryptography: A Brief Introduction
Quantum Computing & Cryptography: A Brief Introduction
 
Post Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewPost Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical Overview
 
IBOSEC-3000-2.pdf
IBOSEC-3000-2.pdfIBOSEC-3000-2.pdf
IBOSEC-3000-2.pdf
 
Quantum Safety in Certified Cryptographic Modules
Quantum Safety in Certified Cryptographic ModulesQuantum Safety in Certified Cryptographic Modules
Quantum Safety in Certified Cryptographic Modules
 
Quantum Computing: The next new technology in computing
Quantum Computing: The next new technology in computingQuantum Computing: The next new technology in computing
Quantum Computing: The next new technology in computing
 
Cloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service MeshCloud-Native Application Debugging with Envoy and Service Mesh
Cloud-Native Application Debugging with Envoy and Service Mesh
 
Quantum Secured Blockchain
Quantum Secured BlockchainQuantum Secured Blockchain
Quantum Secured Blockchain
 
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran
Internet of Things (IOT) Cloud Security by Dr. Anton Ravindran
 
Tears for quantum fears
Tears for quantum fearsTears for quantum fears
Tears for quantum fears
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the Cloud
 

More from team-WIBU

Unlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial SecurityUnlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial Securityteam-WIBU
 
The Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success TogetherThe Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success Togetherteam-WIBU
 
Unleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter BasicsUnleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter Basicsteam-WIBU
 
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für GeschäftskontinuitätKeine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuitätteam-WIBU
 
No Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuityNo Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuityteam-WIBU
 
Cloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline ScenariosCloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline Scenariosteam-WIBU
 
Optimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best PracticesOptimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best Practicesteam-WIBU
 
For a Few Licenses More
For a Few Licenses MoreFor a Few Licenses More
For a Few Licenses Moreteam-WIBU
 
App Management on the Edge
App Management on the EdgeApp Management on the Edge
App Management on the Edgeteam-WIBU
 
Protecting and Licensing .NET Applications
Protecting and Licensing .NET ApplicationsProtecting and Licensing .NET Applications
Protecting and Licensing .NET Applicationsteam-WIBU
 
A Bit of License Management Magic
A Bit of License Management MagicA Bit of License Management Magic
A Bit of License Management Magicteam-WIBU
 
The first step is always the most decisive
The first step is always the most decisiveThe first step is always the most decisive
The first step is always the most decisiveteam-WIBU
 
Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...team-WIBU
 
Authenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevicesAuthenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevicesteam-WIBU
 
How and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based LicensesHow and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based Licensesteam-WIBU
 
Serving Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every AppetiteServing Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every Appetiteteam-WIBU
 
Security and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptxSecurity and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptxteam-WIBU
 
License Portal - The DIY Solution
License Portal - The DIY SolutionLicense Portal - The DIY Solution
License Portal - The DIY Solutionteam-WIBU
 
Running code in secure hardware or cloud environments
Running code in secure hardware or cloud environmentsRunning code in secure hardware or cloud environments
Running code in secure hardware or cloud environmentsteam-WIBU
 
Subscriptions - Relationships built to last
Subscriptions - Relationships built to lastSubscriptions - Relationships built to last
Subscriptions - Relationships built to lastteam-WIBU
 

More from team-WIBU (20)

Unlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial SecurityUnlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial Security
 
The Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success TogetherThe Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success Together
 
Unleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter BasicsUnleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter Basics
 
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für GeschäftskontinuitätKeine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
 
No Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuityNo Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuity
 
Cloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline ScenariosCloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline Scenarios
 
Optimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best PracticesOptimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best Practices
 
For a Few Licenses More
For a Few Licenses MoreFor a Few Licenses More
For a Few Licenses More
 
App Management on the Edge
App Management on the EdgeApp Management on the Edge
App Management on the Edge
 
Protecting and Licensing .NET Applications
Protecting and Licensing .NET ApplicationsProtecting and Licensing .NET Applications
Protecting and Licensing .NET Applications
 
A Bit of License Management Magic
A Bit of License Management MagicA Bit of License Management Magic
A Bit of License Management Magic
 
The first step is always the most decisive
The first step is always the most decisiveThe first step is always the most decisive
The first step is always the most decisive
 
Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...
 
Authenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevicesAuthenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevices
 
How and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based LicensesHow and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based Licenses
 
Serving Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every AppetiteServing Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every Appetite
 
Security and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptxSecurity and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptx
 
License Portal - The DIY Solution
License Portal - The DIY SolutionLicense Portal - The DIY Solution
License Portal - The DIY Solution
 
Running code in secure hardware or cloud environments
Running code in secure hardware or cloud environmentsRunning code in secure hardware or cloud environments
Running code in secure hardware or cloud environments
 
Subscriptions - Relationships built to last
Subscriptions - Relationships built to lastSubscriptions - Relationships built to last
Subscriptions - Relationships built to last
 

Recently uploaded

Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
software engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptxsoftware engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptxnada99848
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 

Recently uploaded (20)

Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
software engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptxsoftware engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptx
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 

Post Quantum Cryptography – The Impact on Identity

  • 1. Cryptoagility and Quantum Resistance: Easier Said Than Done Post Quantum Cryptography – The Impact on Identity Dr. Carmen Kempka Director Corporate Technology WIBU-SYSTEMS AG 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done
  • 2. To access the on-demand replay of this masterclass, please visit https://www.wibu.com/wibu-systems-webinars/post- quantum-cryptography-the-impact-on- identity/access.html 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done
  • 3. The cat-and-mouse-game of cryptography 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done Cryptography develops. So does cryptoanalysis. 3
  • 4. Cryptography and quantum computers: What is broken? Certificate Public Key: 0011101001 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 15
  • 5. Post Quantum Cryptography Cryptographic algorithms are resistant against quantum attacks 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 16
  • 6. Based on hard mathematical problems • RSA: factoring large numbers • ECC: discrete logarithms (DLOG) Asymmetric cryptography NP Exp P 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 17
  • 7. Based on hard mathematical problems • RSA: factoring large numbers • ECC: discrete logarithms (DLOG) • PQC algorithms are based on various, different mathematical problems that are not easily solvable by quantum computers Asymmetric cryptography NP Exp P SVP LWE SIS Lineare Codes 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 18
  • 8. Based on hard mathematical problems • RSA: factoring large numbers • ECC: discrete logarithms (DLOG) • PQC algorithms are based on various mathematical problems that are not easily solvable by quantum computers • These mathematical problems are much younger and less analyzed! Asymmetric cryptography NP Exp P SVP LWE SIS Analyzed for less than 20 years Lineare Codes 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 19
  • 9. PQC Timeline 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 20
  • 10. PQC Timeline July 2022: publication of PQC algorithms selected for NIST standard 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 21
  • 11. PQC Timeline July 2022: publication of PQC algorithms selected for NIST standard 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done August 2022: candidate SIKE broken on classical computer 22
  • 12. • RSA, ECC:  Factoring and DLOG have been analyzed since around 300 bc (Euclid)  High trust in security against classical attacks − Fully broken with quantum computers – but when? • PQC algorithms • Mathematical problems quite new • No known relevant attacks by classical or quantum computers • Situation hard to assess: not many people have expertise in quantum computers and cryptography or the math behind the PQC schemes The PQC dilemma 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 23
  • 13. Cryptoagility Bildquelle: https://www.goodfreephotos.com/public-domain-images/fitting-the-last-puzzle-piece.jpg.php (Public Domain) 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 24
  • 14. What do we have? PQC Lattice-based Code-based Isogenies on elliptic curves Multivariate polynomials (signatures only) Hash-based (signatures only) 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 25
  • 15. What do we have? PQC Lattice-based Code based- Isogenies on elliptic curves Multivariate polynomials (signatures only) Hash based- (signatures only) 4th round  McEliece  BIKE  HQC SIKE  SPHINCS+ State based:  XMSS  LMS  Dilithium  Falcon  Kyber Rainbow 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 26
  • 16. Cryptoagility The ideal world public abstract class Encryptor { abstract String encrypt(int publicKey, String message); } public class RSAEncryptor extends Encryptor { public String encrypt (int publicKey, String message) { <Code for encryption with RSA> return ciphertext; } } public class KyberEncryptor extends Encryptor { public String encrypt (int publicKey, String message) { <Code for encryption with Kyber> return ciphertext; } } 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 27
  • 17. Cryptoagility The ideal world public abstract class Encryptor { abstract String encrypt(int publicKey, String message); } public class RSAEncryptor extends Encryptor { public String encrypt (int publicKey, String message) { <Code for encryption with RSA> return ciphertext; } } public class KyberEncryptor extends Encryptor { public String encrypt (int publicKey, String message) { <Code for encryption with Kyber> return ciphertext; } } Cryptoagile concept  Modularity  Crypto algorithms can be easily replaced if broken  Once large enough quantum computers exist to break our crypto algorithms, the algorithms are just replaced by PQC algorithms – problem solved 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 28
  • 18. Cryptoagility: the real world © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 2024-04-10 © WIBU-SYSTEMS AG 2024 29
  • 19. Cryptoagility: easier said than done • Different mathematical structures • Large difference in memory requirements • Very different in performance • Very different key sizes and formats • Developers need to learn a lot for each new algorithm • Test vectors • Formats • Memory/performance trade-offs • Which intermediate results need to be kept secret • How to implement resistance against side channels • Other best practices in implementation and usage • … 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 30
  • 20. How to deal with cryptoagility • Plan with enough time and resources • management needs to be aware of the full extent of the problem 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 32
  • 21. How to deal with cryptoagility • Threat analysis • Find out where cryptography is used in your system and what is protected against what • Maybe use the opportunity to re-asses your security architecture 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 33
  • 22. How to deal with cryptoagility • Identify memory and performance requirements • Hardware requirements • Availability requirements of cloud systems • Response time • Bandwidth • … 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 34
  • 23. How to deal with cryptoagility • Flexibility • Restructure code: you need modularity and more flexibility • Hardcoded sizes or fixed formats could become a problem • Maybe use the opportunity to clean up your code base 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 35
  • 24. How to deal with cryptoagility • Get experience • Try out open source PQC libs to identify performance issues etc. • Do research projects 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 36
  • 25. How long do we have time? When should we start integrating quantum resistant cryptography? 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 37
  • 26. Mosca’s Theorem When should we start? Let… …X the time for which encryption should be secure …Y the time needed for migrating to PQC …Z the time remaining until quantum computers are sufficiently advanced to break current cryptographic systems Theorem (Mosca): Source Mosca‘s Theorem: https://csrc.nist.gov/csrc/media/events/workshop-on-cybersecurity-in-a-post-quantum-world/documents/presentations/session8-mosca-michele.pdf X Y Z  If X + Y > Z, then worry 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 38
  • 27. Mosca’s Theorem When should we start? Let… …X the time for which encryption should be secure …{Y1..Yn} the time needed for migrating the entire value chain to PQC …Z the time remaining until quantum computers are sufficiently advanced to break current cryptographic systems Theorem: X Z  If X + Y > Z, then worry 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done Y1 Y2 Y3 39
  • 28. When do quantum computers start becoming dangerous We don’t know that. • Needed to break ECC 256: around 2330 logical qubits or several million physical qubits • Needed to break RSA 2048: around 4096 logical qubits or several million physical qubits • Currently existing quantum computers have a few hundred physical qubits Seems we are still far away from having our crypto systems broken, but everything between < 10 and > 30 years is possible 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 40
  • 29. Migration to PQC • Long-term security: combination of different algorithms • Hybrid certificates • Double encryption • Cryptoagility • Where is cryptography used in your system? • Make cryptography updatable and replaceable • Find a good strategy for the transition • Identify dependencies • Coordinate migration to PQC with suppliers and customers • Requirements of downwards compatibility and interoperability 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 41
  • 30. Europe: +49-721-931720 USA: +1-425-7756900 China: +86-21-55661790 Japan: +81-45-5659710 https://www.wibu.com info@wibu.com Thank You! Let’s keep in touch 2024-04-10 © WIBU-SYSTEMS AG 2024 | Cryptoagility and Quantum Resistance: Easier Said Than Done 42