Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday February 27 2019, @06:01AM   Printer-friendly
from the new-age-crypto dept.

Cryptographer Derek Zimmer at Private Internet Access' blog has a three-part series on the National Institute for Standards and Technology (NIST) and its second round of review for candidate algorithms for post-quantum cryptography. After a general audience introduction to what post-quantum cryptography is, he writes about the selection process used by NIST to eventually settle on a pair of algorithms. After several rounds, there will be only two algorithms selected. One will be for asymmetric public-key encryption, and the other will be for digital signatures. Parts 2 and 3 of his posts summarize each candidate algorithm individually.

NIST Round 2 and Post-Quantum Cryptography (part 1)
NIST Round 2 and Post-Quantum Cryptography – The New Asymmetric Algorithms (part 2)
NIST Round 2 and Post-Quantum Cryptography – The New Asymmetric Algorithms (part 3)


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Thursday February 28 2019, @07:02AM

    by Anonymous Coward on Thursday February 28 2019, @07:02AM (#808009)

    The problem with PQC is that the basic trade-off is handshake size (which some allow to be processed while streamed in to calculate the key) versus key size versus resource requirements (mainly memory or CPU, and sometimes both) versus forward secrecy (you have to trust that certain data is not stored by the handshaking party). Now, it is possible to reduce them all at the same time without reducing security, but then you give up the guarantee that the exchange can be solved at all, which requires a whole new handshake in a certain percentage of cases where it can't.