September 18-20, 2024 | DoubleTree by Hilton, San Jose, California

Advanced Cryptography in the Quantum World (Q41c)

24 Sep 2020

Advanced Cryptography in the Quantum World (Q41c)

Alongside advances in quantum computing which create the need for quantum-safe cryptography, further advances in technology such as the internet of things (IoT) give rise to additional problems to be solved. Whilst encryption methods are becoming more complex to protect against the quantum threat, the end users are requiring them to run faster and with lower latency to be accommodated on low-power devices and wireless networks. Furthermore, the long-term security considerations indicate that these schemes should be made quantum-secure today. Fortunately, lattice-based cryptography, believed to be secure against quantum computers, allows for more advanced types of primitives which may be suited to solve this problem. This talk will describe the state of the art of three advanced primitives, specifically homomorphic encryption, certificate-less encryption and identity-based encryption, explain how they can be used in industry and highlight the research being conducted at the Queen’s University Belfast, Centre for Secure Information Technologies (CSIT) in these directions. One of the advantages of quantum computing is the ability to perform large computations and analysis on extensive datasets. This comes at a time when the public is becoming increasingly concerned over privacy. Homomorphic encryption allows for computation on encrypted data, without revealing anything about the plaintext. This is suitable for cases such as voting systems and analysing private medical data, for example by a third party for research purposes. Many HE schemes over lattices have been proposed. This talk will review the state of the art and the challenges in the area as well as helping industry members to decide how it fits into their business. Identity-based encryption (IBE) streamlines public key infrastructure by allowing a user’s public identity to become their public key. Hierarchical identity-based encryption (HIBE) schemes extend this concept to a multi-levelled scenario, such as one would find within a functioning company. HIBE has further applications such as forward-secure encryption and public key broadcast encryption. The UK National Cyber Security Centre (NCSC) proposed such a scheme in 2017, with a view to utilising it in UK public-safety communications. They are currently working with the European Telecommunications Standards Institute (ETSI) in a move towards standardising the scheme. However, the proposed scheme LATTE is not practical beyond 2/3 levels of hierarchical depth. This is due to user public key sizes reaching 6kB (kilobytes) and ciphertext sizes reaching 15kB for three levels of hierarchy at 128-bit security. CSIT has proposed a more practical variant of LATTE. To mitigate the scalability problems of LATTE, SKINNY LATTE instead fixes the dimension during delegation, curtailing the growth of public key and ciphertext size. CSIT have also provided the first benchmarking figures of both schemes, integrated into the libSAFEcrypto open source software library. This talk will give details of the schemes and how they could be used both within public safety communications, and further applications within industry. Like IBE, certificate-less encryption aims to provide a more efficient solution to certificate management. However, one of the disadvantages of IBE is key escrow. There is still a trusted third party who has access to all the user private keys and so could decrypt any message. Certificate-less encryption may be more suited to situations where the key manager is not necessarily secure, or may not be trusted. This talk will review the state of the art of lattice-based certificate-less encryption schemes and examples of use cases in industry.

The main takeaways from this talk are:

• Making the audience aware of other advanced primitives in the post-quantum crypto world which may be more suitable for their applications, rather than the basic primitives (digital signatures and key exchange mechanisms) currently being selected by a NIST competition

• Reviewing the state of the art of these primitives, current research and standardisation activities

• Highlighting CSIT’s contributions in this area, work in progress and most recent results