Access the latest quantum technology

Quantum technology in Bristol and bath - find out more about how you can access the commercialisation of quantum technology for sensing and security

Friday, June 15, 2018

First standard for post-quantum signatures

By Nick Flaherty www.flaherty.co.uk

Having encryption technology that is not vulnerable to cracking by quantum computers is a major focus for security systems across the Internet, and using signatures is a key approach (see links below on our coverage).

A joint research team from the Technical University (TU) Darmstadt and the German IT security company genoa has now published an Internet standard (RFC 8391) for a quantum computer-resistant signature process.

This is the first universally recognized and usable digital signature process that can withstand the computational power of quantum computers. With digital signatures, the authenticity of sent e-mails, SSL certificates or software updates is guaranteed and these create a basis of trust for communication in the Internet of Things (IoT). The publication of the signature process as an Internet standard is a milestone for so-called post-quantum cryptography. genua is already using the process to guarantee the authenticity of software updates sent to customers.

The core of the solution is a hash-based method: Hashes work in principle only in one direction - once it encoded content can not be resolved in plain text. Because of their properties, cryptographically secure hash functions are considered to be resistant to quantum computer attacks. The research project was funded by the German Research Foundation (DFG) and the Bavarian Ministry of Economic Affairs.
Wirking with the Eindhoven University of Technology, the team submitted a draft Internet standard (RFC). These have been reviewed by the international organization IRTF (Internet Research Task Force) and are now published as RFC 8391. 

"The RFC 8391 is the first published standard on post-quantum signatures, and the research team at the TU Darmstadt and genoa has solved a problem of post-quantum cryptography, which some large corporations and organizations are working with, and is an important contributor to the Future security on the Internet, "said Matthias Ochs, CEO of genua.

genua has also launched a new research project to solve another problem in post-quantum cryptography: Securing encrypted data transmission via VPN (Virtual Private Network) via public networks such as the Internet against the foreseeable quantum leap in computing power.

More details of RFC8391 are at https://tools.ietf.org/html/rfc8391

Related stories:

No comments: