NIST requests ideas for crypto that can survive quantum computers
Christmas miracle: Government preparing properly for problem expected to land in ~20 years
The United States' National Institute of Standards and Technology has issued a “Notice and request for nominations for candidate post-quantum algorithms.”
The Institute (NIST) has cottoned on to the fact that “If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use.”
The agency therefore observes, in its explanation of the Notice, that once such machines are widely available, “This would seriously compromise the confidentiality and integrity of digital communications on the Internet and elsewhere.”
The Notice therefore calls for the development of “... new public-key cryptography standards will specify one or more additional unclassified, publicly disclosed digital signature, public-key encryption, and key-establishment algorithms that are capable of protecting sensitive government information well into the foreseeable future, including after the advent of quantum computers.”
NIST reckons it will get something useful within a year, as it's set a deadline of November 30th, 2017, for submissions.
But it doesn't think the work will be widely-tested for 20 years, writing that “Historically, it has taken almost two decades to deploy our modern public key cryptography infrastructure.”
“Therefore, regardless of whether we can estimate the exact time of the arrival of the quantum computing era, we must begin now to prepare our information security systems to be able to resist quantum computing.”
You read the above right: this is an example of a government agency being sensibly far-sighted.
As it happens, late last week Microsoft offered up a speech on the subject some of its research on just this subject.
In the video below, Gorjan Alagic from the University of Copenhagen's Quantum Information Theory group explores “how to securely transmit many large quantum states using a single short key, and how to authenticate such transmissions.”
To be honest, the concept and math go over your correspondent's head. But if you've an hour to spare, and that's as likely in this week as any, perhaps you'll be able to tell us more about Alagic's approach. ®