Try to determine the integer factors of the number 9991. While you may struggle to do this without a computer, you can easily verify, maybe even without a calculator, that 97 × 103 = 9991. Of course, classical computers can eat this small version of the factorization problem for breakfast, but no known classical algorithm does so efficiently once the product has hundreds of digits.
In 1994, Peter Shor published an algorithm that can efficiently factorize very large integers, on the condition that it is run on a (then hypothetical) quantum computer. The renowned physicist Richard Feynman had suggested the concept of a quantum computer in 1981. Although it was suspected that quantum computers might solve some special problems believed to be hard for classical computers, no such algorithms were initially known, and the idea remained an esoteric one for many years.
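To make concrete what Shor's algorithm actually does with the factoring problem, the following Python is an added illustration (not code from the original page or from the qsIo2 project). Shor's algorithm reduces factoring to order finding: pick a random a, find the order r of a modulo n, and if r is even and a^(r/2) is not -1 mod n, then gcd(a^(r/2) - 1, n) is a proper factor. The quantum computer is only needed for the order-finding step; here that step is replaced by a brute-force loop, which is fine for 9991 but is exactly what becomes infeasible for a modulus with hundreds of digits. The function names are my own.

```python
from math import gcd
from typing import Optional, Tuple


def multiplicative_order(a: int, n: int) -> int:
    """Smallest r >= 1 with a**r == 1 (mod n), for gcd(a, n) == 1.

    This is the step a quantum computer performs efficiently in Shor's
    algorithm. Here it is brute force, costing about r modular
    multiplications, which is fine for a toy modulus like 9991.
    """
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def integer_root(n: int, k: int) -> int:
    """Largest b with b**k <= n, by binary search in exact integer arithmetic."""
    lo, hi = 1, 1 << (n.bit_length() // k + 1)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** k <= n:
            lo = mid
        else:
            hi = mid - 1
    return lo


def perfect_power(n: int) -> Optional[Tuple[int, int]]:
    """Return (b, k) with b**k == n and k >= 2, or None if n is not a perfect power."""
    for k in range(2, n.bit_length() + 1):
        b = integer_root(n, k)
        if b > 1 and b ** k == n:
            return b, k
    return None


def shor_factor(n: int) -> Tuple[int, int]:
    """Split composite n into two nontrivial factors p <= q with p * q == n.

    Even n and perfect powers are dealt with classically, as Shor's
    algorithm requires. For every other composite n the classical reduction
    from the algorithm is applied: find the order r of some a mod n; if r is
    even and a**(r/2) != -1 (mod n), gcd(a**(r/2) - 1, n) is a proper factor.
    """
    if n < 4:
        raise ValueError("n must be composite")
    if n % 2 == 0:
        return 2, n // 2
    pw = perfect_power(n)
    if pw is not None:
        b, _ = pw
        return b, n // b
    for a in range(2, n):
        g = gcd(a, n)
        if g != 1:
            # Lucky guess: a already shares a factor with n.
            return min(g, n // g), max(g, n // g)
        r = multiplicative_order(a, n)  # the quantum step, done classically here
        if r % 2 == 1:
            continue  # odd order yields no square root of 1; try another a
        x = pow(a, r // 2, n)
        if x == n - 1:
            continue  # x is the trivial square root -1; try another a
        # Now x*x == 1 (mod n) with x != +-1, so n divides (x-1)(x+1) but
        # divides neither factor alone: gcd(x - 1, n) is a proper divisor.
        p = gcd(x - 1, n)
        return min(p, n // p), max(p, n // p)
    raise ValueError(f"{n} appears to be prime")


if __name__ == "__main__":
    n = 9991
    p, q = shor_factor(n)
    print(f"{n} = {p} * {q}")
```

For n = 9991 the first guess a = 2 already succeeds: its order is 816, and 2^408 is congruent to -1 mod 97 but to 1 mod 103, so it is a nontrivial square root of 1 and the gcd step peels off 103. Everything in this script except the order-finding loop runs in polynomial time; the loop is the part Shor's algorithm hands to the quantum computer.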
Following Shor's discovery, scientists began trying to build quantum computers. Progress was slow at first, but today large companies and state actors invest heavily in developing quantum computers.
The security of the public-key cryptography used on the Internet relies on the hardness of problems such as integer factorization and the discrete logarithm. A sufficiently large quantum computer running Shor's algorithm will break the public-key schemes in widespread use today (RSA, Diffie-Hellman and elliptic-curve cryptography). This has prompted massive research efforts into new cryptographic primitives that are not vulnerable to quantum attacks. Processes are also underway for selecting new cryptographic standards for use in public communication systems, and the first candidates for standardization were selected in July 2022. Still, the underlying mathematical problems are not as well understood as the problems of classical cryptography. Moreover, uncertainties regarding what a quantum computer can do prompt the need for a diverse portfolio of standardized algorithms, and the work to select new standards is expected to go on for years. One consequence of this is the new process initiated in June 2023 to develop alternative algorithms for digital signatures.
The qsIo2 project aims to develop new techniques for quantum safe cryptography, as well as to test the quality of existing proposals. Moreover, we study alternative approaches to confidential communication based on methods from information theory. Through the qsIo2 project we contribute to the international research efforts and strengthen national expertise in this area.
Significant resources are being spent on constructing quantum computers in research laboratories and government agencies across the world. With a sufficiently large quantum computer, it will be possible to break some of the most widely used cryptographic algorithms. To ensure privacy and confidential communications in the future, there has been a large research effort in studying cryptographic primitives that are not vulnerable to quantum computers.
The newly concluded qsIoT project can be seen as part of this trend, in which quantum-safe cryptography has been studied in the particular context of IoT. A significant part of the work done in this project has gone towards understanding the underlying security of this new class of cryptographic algorithms.
The research area of quantum-safe cryptography has now matured to the point where it makes sense to think about future cryptographic standards. Indeed, a comprehensive standardization process is already well underway. Still, the various underlying mathematical problems are not as well understood as the problems of classical cryptography. Moreover, uncertainties regarding the capabilities of a quantum computer prompt the need for a diverse portfolio of standardized algorithms. As a result, the work to select new standards is expected to go on for years.
Results from our previous qsIoT project have already had an influence on this standardization process. The qsIo2 project aims to extend research into the cryptanalytic techniques developed in this line of work. This will lead to a deeper understanding of the security of the new cryptographic algorithms, which in turn will contribute to the ongoing work on international standards.