Quantum computing advancements pose a threat to today’s IT security as a whole. This is because the established cryptographic processes can be cracked by quantum computers. Fraunhofer AISEC is pooling its expertise in the future technology of post-quantum cryptography (PQC) via the Competence Center for Post-Quantum Cryptography. Our goal as a neutral and manufacturer-independent center is to support companies and public research institutions in the switch to quantum-resistant cryptographic processes. To do so, we offer individual consultation and support for migrating to architecture with a quantum-secure design. Compatibility with existing solutions and cryptoagility play a key role in this. Other services offered by the competence center include security analyses for PQC implementations as well as an information portal for post-quantum cryptography.
The ongoing development of quantum computers poses a threat to almost every cryptographic process currently implemented. Quantum algorithms, such as Shor’s algorithm and variants thereof, can be used to crack frequently used public key processes that are based on factorization problems (like RSA encryption and signatures). This is also the case for processes based on difficult-to-calculate discrete logarithms (e.g., (EC)DSA signature processes, ElGamal encryption processes and Diffie-Hellman key agreement protocols). Symmetric processes are also affected, in their case by Grover’s algorithm. Here, however, bigger keys can be used to restore security, unlike with public key processes.
It is becoming increasingly difficult to ensure that IT will remain secure in the long term. In Critical Infrastructures in particular, an orderly transition to quantum-resistant processes is key. However, simply replacing cryptographic processes is not necessarily possible due to the totally new algorithmic characteristics that PQC processes have. Significantly longer keys and data packets for transfer, stateful protocols or substantial changes to time responses are particular technical challenges here.
Requirements for ensuring the longevity of hardware and software components include cryptoagility (i.e., the possibility to rapidly replace cryptographic processes); newly constructed, quantum-resistant implementations that are secure; and the construction of a publicly accessible pool of knowledge.
The Competence Center for Post-Quantum Cryptography offers companies and public research institutions individual and manufacturer-neutral support based on current research when they change over to quantum-resistant cryptography and protocols. Examples include migration to PQC processes, security analyses for PQC implementations and an extensive information portal with proposals for a variety of target groups.
For post-quantum migration, cryptographic processes must be replaced and adapted to a large extent. The common use of proprietary protocols (i.e., in industry) is hampering this process, in particular in terms of compatibility requirements and organizational framework conditions such as existing IT systems, which frequently lack cryptoagility. We take into account the initial position of each individual organization or public research institution to offer the following expertise:
CONTACT: Daniel Loebenberger
The competence center conducts individual security analyses. This service covers software, protocols and hardware:
CONTACT: Matthias Hiller
The portal provides information that is relevant for Chief Information Security Officers (CISO) and those responsible for IT processes, as well as for strategic corporate development in the face of security threats posed by quantum computers.
The pqdb website provides a unified overview of all post-quantum cryptography methods that have been part of the National Institute of Standards and Technology (NIST) selection process to date.
Additional information is available free of charge upon e-mail request. The following services are provided by the information portal:
CONTACT: Marian Margraf