Lattices in a Parallel and Quantum World

Objective

Today's digital world creates many security and privacy issues. But cryptography, a pillar of cybersecurity, is facing two major challenges. The first challenge is the threat of quantum computers, fueled by massive investment worldwide. Shor showed that a quantum computer can break the most prevalent forms of public-key cryptography used every day by e-commerce and bitcoins. This threat is now taken seriously by governmental organizations: the NIST initiated in 2016 a process to standardize by 2024 public-key cryptographic algorithms resistant to quantum computers. The second challenge is new environments, such as big data, IoT, or crypto-currencies. Because classical cryptography no longer suffices for these applications, novel cryptographic schemes and functionalities have been developed, e.g. to allow anyone to compute with encrypted data. But these benefits come at the cost of security uncertainty: it requires more risky assumptions and makes it more difficult to select parameters with confidence. Worryingly, the past few years have seen several established cryptographic assumptions collapse. Lattices are mathematical objects which have emerged in the past twenty years as the key technique to respond to these challenges: the ongoing standardization of homomorphic encryption and the majority of the candidates to NIST's post-quantum standardization rely on the conjectured hardness of lattice problems. This proposal aims at readying lattice-based cryptography for real-world deployment, by protecting it against the most powerful adversaries, from ASIC farms to quantum computers. We will study the best parallel and quantum algorithms for lattice problems, and derive automated tools to select safe parameters. The proposal will use the renowned expertise of the PI in lattice algorithms and cryptanalysis to explore the quantum frontiers of cryptanalysis.