The study of key encapsulation mechanisms (KEMs) on algebraic lattices is one of the important directions in modern post-quantum cryptography, since a number of such mechanisms are already either standardized (ANSI X9.98, DSTU 8961:2019 "Skelya") or are promising candidates for standardization (CRYSTALS-Kyber, FrodoKEM). The purpose of this work is to compare the security arguments of the DSTU 8961:2019 "Skelya", CRYSTALS-Kyber and FrodoKEM key encapsulation mechanisms. The paper compares the theoretical proofs in the idealized random oracle model (ROM) and quantum random oracle model (QROM), as well as the concrete values of the security parameters in the core-SVP model, which is in practice the standard for lattice cryptography. Since the three key encapsulation mechanisms are based on different hard problems (NTRU, Module-LWE, LWE), a comparison of these hard lattice problems and of the security arguments built on them is also given. The strengths and weaknesses of the considered key encapsulation mechanisms are shown, and areas of research that require more detailed attention are highlighted.
The world is in a period of intensive creation and application of quantum technologies. On May 4, 2022, the President of the United States signed the "National Security Memorandum on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems". Advancing leadership in quantum computing in general, while reducing the risks to vulnerable cryptographic systems, is therefore an important challenge. Accordingly, standardized scientific and methodological support for risk assessment should be justified, adopted and applied at the international and national levels wherever quantum computing is used, and especially where it is used in cryptology. The purpose of the work is to substantiate and develop a risk assessment methodology for quantum computing used in cryptology in the so-called "post-quantum period". To this end the following components were taken into account: the use of methods that have not yet emerged to combat cybersecurity threats; determination of the essence of the quantum risk assessment methodology; identification and documentation of information assets and their current cryptographic protection; and research on the state of quantum computers and quantum-safe cryptography. Quantum risk assessment is considered an ideal approach for identifying and prioritizing threats and vulnerabilities, as well as for laying the foundation for the reliable and cost-effective development of systems that are resistant to quantum attacks. Quantum risk assessment provides organizations with the knowledge needed to understand the extent of their quantum cyber risk and the time frame in which quantum threats can arise. This gives an organization a basis for proactively addressing quantum risks, building a path to a quantum-safe state, and implementing and validating quantum-safe solutions.
The development and investigation of electronic signatures (ES) on algebraic lattices is one of the promising directions in post-quantum cryptography. The cryptosystems CRYSTALS-Dilithium and Falcon represent lattice cryptography among the finalists in the electronic signature category of the open NIST PQC competition. Most operations in these cryptosystems reduce to addition and multiplication of polynomials in a finite field defined by the cyclotomic polynomial x^N + 1. Such a field allows the number-theoretic transform (NTT) to be used to create fast and reliable software implementations. In practice, single-instruction multiple-data (SIMD) vector instructions are used to achieve good performance; among existing implementations AVX2 instructions are used most often, while the possibility of using AVX512 instructions remains little explored. The purpose of this work is to investigate the feasibility of applying AVX512 instructions to the optimization of the NTT used in modern ES on algebraic lattices. In particular, the paper presents a method for implementing the number-theoretic transform using AVX512 for CRYSTALS-Dilithium and Falcon. An increase in performance is shown in comparison with the authors' optimized reference implementations.
Global trends toward increasing threats to information and cybersecurity and the growing vulnerability of information and telecommunications systems (ITS) necessitate the development and implementation of new standards and regulations on information security, as well as the introduction of new technologies and best practices in information security. The main approach to information and cybersecurity in ITS is the risk-based protection strategy. The main task of information risk (IR) management is to identify and objectively assess the risks most significant for the company's business, and to determine the need for risk controls that increase the efficiency and profitability of the company's economic activity. It is believed that quality risk management makes it possible to choose risk controls and information protection measures with the optimal efficiency and cost, adequate to the current goals and objectives of the company's business. The paper presents results of solving the current problem of finding optimal methods for assessing information and cybersecurity risks. Criteria for selecting the best risk assessment methods are proposed, and known risk assessment methods are analyzed for compliance with these criteria. Proposals have been formulated for creating promising risk assessment methods; their application to modern information security management systems, especially those designed for critical infrastructure, will most effectively address the problems of information and cybersecurity, as well as privacy.
At present and in the future, mathematical methods, mechanisms and algorithms of standardized asymmetric cryptographic transformations such as the electronic signature (ES) are and will be used for the cryptographic protection of information. The electronic signature is a main and essential component of cybersecurity in terms of providing such information security services as integrity, non-repudiation and authenticity of the information and data processed. However, there are well-founded suspicions that in the post-quantum period the existing ES standards will be broken and compromised using classical and quantum cryptanalytic systems with the appropriate mathematical, software and hardware-software support. An analysis was performed which confirms that quantum computers have already been developed, manufactured and used. It is believed that the actual state of development and use of powerful quantum computers and their mathematical and software support is strictly confidential and secured, and only publicly known data on quantum computers and their applications in cryptology are disclosed. A preliminary analysis has been carried out showing that in Ukraine there is an understanding of the threats to cybersecurity and information security that arise from using the available standardized ES in the transition and post-quantum periods. Currently, the development and adoption of post-quantum ES standards is also one of the main issues in ensuring the necessary levels of security in the transition and post-quantum periods. The objective of this article is to substantiate, compare alternatives and develop proposals for the selection and standardization of post-quantum ES standards at the international and national levels, taking into account the results of the 2nd and 3rd rounds of the NIST (USA) competition and national research.