Page 40

PQC_for_Dummies

Post Quantum Crypto for Dummies

Internet packets or encrypted data can be recorded or stolen today and stored until technology has advanced far enough to break the encryption. Therefore, data with high security requirements must be securely transmitted and stored as soon as possible. Furthermore, the past has shown how slowly new cryptographic primitives are deployed and how slowly insecure primitives vanish. New standards for post-quantum secure cryptographic schemes are required as soon as possible. In 2016, NIST started standardization efforts with the intention to standardize quantum-secure algorithms (i.e., cryptographic algorithms that withstand attacks by quantum computers) within the next ten years [18].

Already today, the long-term threat posed by quantum computers must be considered for industrial appliances and products that will be deployed for a long time. Automotive technologies that are currently under development will reach the market within the next two to five years and will be in use for fifteen years and longer. Therefore, technology development and product life span may cover twenty to thirty years. Industrial appliances of Industry 4.0 have a similar life span. The longer the development and deployment of long-term, post-quantum secure technology takes, the higher the risk that products and appliances will be vulnerable in the far future.

Industry is beginning to show an interest in using and commercialising post-quantum cryptography. For example, Google experimentally deployed the post-quantum key-exchange scheme NewHope for some connections between the Chrome browser and Google servers [12]. Intel Labs is doing research on integrating post-quantum cryptography into their products and their production process, e.g., for secure communication with chip production facilities [14].
The post-quantum public-key schemes NTRUEncrypt and NTRUSign were commercially developed in the 1990s and are now licensed by the company Security Innovation (www.securityinnovation.com). Some companies are offering products that are advertised as post-quantum secure, e.g., PQ Solutions Limited (www.post-quantum.com) and InfoSec Global (www.infosecglobal.com). Other companies are offering software libraries, solutions, and consulting for post-quantum cryptography, e.g., evolutionQ Inc. (www.evolutionq.com), ISARA Corporation (www.isara.com), and CryptoExperts (www.cryptoexperts.com). This shows that post-quantum cryptography has left the academic realm and reached practical application for securing critical information. It does not seem too far-fetched to assume that by 2030 a quantum computer will be powerful enough to attack asymmetric cryptography based on integer factorization or discrete logarithms.

