SAN FRANCISCO, April 12, 2018 /PRNewswire/ -- This week PQCrypto 2018 co-located its event with NIST's first PQC Standardization Conference in Florida, creating a forum for researchers and developers to present results and exchange ideas on cryptography in an era where the emergence of large-scale quantum computers is a reality.
"Large-scale quantum computers could arrive sooner than anticipated, and it could take many organizations years to perform the transition. Today's encrypted data can be captured and stored by an adversary until a quantum computer is available to gain access to it. Quantum-safe solutions are needed today."
- Dr. Vladimir Soukharev, Chief Post-Quantum Researcher & Cryptographer at InfoSec Global
"Microsoft Research was pleased to collaborate with InfoSec Global, Professor Jao, and our other industry and academic partners on the submission of SIKE to the US NIST Post-Quantum Cryptography Standardization effort. We understand the importance of implementing enterprise safeguards now in preparation for the future and believe SIKE is a secure and efficient post-quantum cryptographic algorithm and a strong candidate for standardization."
- Dr. Brian LaMacchia, Distinguished Engineer, Microsoft
SIKE is one of the two candidates submitted and presented by Dr. David Jao, University of Waterloo, at the NIST workshop this week. Supersingular Isogeny Key Encapsulation (SIKE) is an elliptic curve isogeny-based key agreement scheme. Isogeny-based cryptography is also referred to as Post-Quantum Elliptic Curve Cryptography.
"The underlying hard problem for isogeny-based cryptography is: given two isogenous supersingular elliptic curves, find an isogeny between them. Currently no quantum algorithm is known for solving this problem in less than exponential time. The main reason why this problem seems intractable for quantum computers is that the endomorphism ring for the supersingular elliptic curve is non-commutative, which shields the problem against attacks."
- Dr. David Jao, University of Waterloo
The second submission, called SPHINCS+, was presented this week by Dr. Andreas Hülsing, Eindhoven University of Technology (NL). SPHINCS+ is a stateless hash-based digital signature scheme and an improved version of SPHINCS.
"SPHINCS+ is probably the submission with the most reliable security estimates. This is due to the fact that security is only based on hardness assumptions about cryptographic hash functions. At the same time, SPHINCS+ achieves reasonable sizes and speeds allowing for different trade-offs to suit everyone's needs."
- Dr. Andreas Hülsing, Eindhoven University of Technology (NL)
With SIKE and SPHINCS+, ISG is able to offer a solution for the quantum computer threat today and enable its customers to move towards a quantum-safe world. Regardless of the standards that are chosen by NIST, ISG's platform will support migration to those chosen, and enterprises can begin preparing today with ISG's crypto agility.
About InfoSec Global Inc.
InfoSec Global provides sustainable data protection for a digital world. The company delivers a next-generation, enterprise-grade solution that provides real-time life-cycle management of the cryptography and digital identities for critical systems. The AgileSec Platform manages the entire digital and cryptographic life-cycle, from the discovery of threats and vulnerabilities to the updates and fixes of cryptography, keys and certificates. ISG helps governments and enterprises achieve trust through compliance with cryptographic regulations worldwide. The ISG leadership team has deep professional and academic expertise in the security and cryptography market. The founders and board members are the original inventors of key cryptographic technologies, protocols and standards such as SSL and AES. To learn more, visit http://www.infosecglobal.com