Cryptography protects information largely due to a classical computer’s difficulty in solving some well-known mathematical problems. Quantum computers work differently and will be able to solve these, making the most widespread algorithms and protocols protecting banking transactions, medical data, cryptocurrencies, and more, useless. Further, anyone storing encrypted private communication today will be able to decrypt and access it when quantum computers become available. A few short years ago, this threat seemed rather distant. This is no longer the case. Fortunately, the ambitious EU-funded PROMETHEUS project has harnessed a new type of mathematics with problems nearly impossible to solve by either classical or quantum computers. Its lattice-based cryptography will be the future of quantum-secure encryption.
Lattice-based cryptography: connecting the dots literally and metaphorically
Lattices are grids of points regularly arranged in spaces of potentially multiple dimensions and represented by a set of vectors called a basis. They give rise to computational problems of a geometric nature, the simplest one being the closest vector problem: given a lattice, find its shortest non-zero value. This is used to create secret user keys associated with bases that can solve the closest vector problem and public ones that cannot. No efficient quantum algorithms are known for the problems typically used in lattice cryptography.
According to project manager Octavie Paris of ENS Lyon: “PROMETHEUS brought together world-class European experts of lattice-based cryptography. Together, they developed many new cryptographic basic and advanced primitives to protect the privacy of individuals in a post-quantum era, resulting in over 100 publications, including 87 book chapters.”
“We will share this extensive knowledge through open-source libraries. Our purpose was to help the academic community design schemes, industry to understand how to implement such new cryptography, and everyone to better understand attacks on lattices,” adds project technical leader Sébastien Canard of Orange.
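The idea of secret bases that can solve the closest vector problem and public ones that cannot, as an added Python example that is not PROMETHEUS code: it takes the problem in its usual form (find the lattice point nearest a given target) and applies Babai's rounding method, a textbook technique the article does not name, to one lattice described by two different bases. The 2-D lattice, both bases, the target and all function names are constructed for illustration.

```python
from fractions import Fraction

# Constructed 2-D toy lattice; real schemes use hundreds of dimensions.
GOOD_BASIS = ((7, 1), (-1, 8))  # "secret" basis: short, nearly orthogonal
UNIMODULAR = ((5, 8), (3, 5))   # integer matrix with determinant 1

def combine(coeffs, basis):
    """Integer combination coeffs[0]*basis[0] + coeffs[1]*basis[1]."""
    return tuple(coeffs[0] * basis[0][i] + coeffs[1] * basis[1][i]
                 for i in range(2))

# "Public" basis: generates the same lattice with long, nearly parallel vectors.
BAD_BASIS = tuple(combine(row, GOOD_BASIS) for row in UNIMODULAR)

def babai_round(target, basis):
    """Babai rounding: express target in the basis, round each coefficient."""
    (a, b), (c, d) = basis
    det = a * d - b * c
    c0 = Fraction(target[0] * d - target[1] * c, det)
    c1 = Fraction(a * target[1] - b * target[0], det)
    return combine((round(c0), round(c1)), basis)

def dist2(p, q):
    """Squared Euclidean distance."""
    return (p[0] - q[0]) ** 2 + (p[1] - q[1]) ** 2

def closest_by_search(target, basis, bound=30):
    """Exhaustive reference answer, feasible only because the toy is tiny."""
    points = (combine((x, y), basis)
              for x in range(-bound, bound + 1)
              for y in range(-bound, bound + 1))
    return min(points, key=lambda p: dist2(p, target))

# Constructed target: lattice point 3*(7,1) + 2*(-1,8) = (19,19) plus error (2,-2).
TARGET = (21, 17)

if __name__ == "__main__":
    for name, basis in (("good", GOOD_BASIS), ("bad", BAD_BASIS)):
        found = babai_round(TARGET, basis)
        print(name, basis, "->", found, "squared distance", dist2(found, TARGET))
    print("exhaustive search ->", closest_by_search(TARGET, GOOD_BASIS))
```

With the short basis the rounding returns (19, 19), the true closest point; with the long basis of the same lattice it returns (25, 28), which is much farther from the target.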
Beyond fundamental research: voting, commerce and more
“Four demonstrators of significant socioeconomic importance have been validated: the first e-voting system that is quantum-safe; the first post-quantum e-cash prototype to protect a consumer’s purchases against tracing; a post-quantum anonymous credential prototype to minimise personal information transmission when accessing services or validating administrative procedures; and the first cyber ‘threat intelligence’ demonstrator to protect companies’ sensitive data when collaborating,” notes Paris.
Setting high standards
“Three of the first four quantum-resistant cryptographic algorithms chosen by the National Institute of Standards and Technology (NIST) in its six-year competition were designed and supported by PROMETHEUS. NIST had planned to standardise only one lattice-based cryptography signature scheme. They instead chose two PROMETHEUS-supported schemes, which was unexpected,” notes Canard.
Cryptography is characterised not only by its technical value but also its societal ramifications, and PROMETHEUS included these in the project’s scope. The team worked closely with its external ethics committee on the societal aspects of the work and results, and also conducted actions related to equal opportunities and gender in computer science research.
PROMETHEUS’ encryption algorithms will become part of NIST’s post-quantum cryptographic standards to be finalised in about two years. The privacy of the digital systems we rely on every day will be protected against future quantum computer attacks thanks in large part to the project’s ground-breaking outcomes.
Keywords: PROMETHEUS, cryptography, quantum computer, post-quantum, lattice-based cryptography, NIST, cryptographic standards, encryption, closest vector problem, National Institute of Standards and Technology