Page 50

PQC_for_Dummies

Post Quantum Crypto for Dummies

by an HSM, in order to ensure that sensitive key material never leaves the HSM and that the algorithms operate on these keys in an efficient manner.

SDKs come in different flavors: most SDKs allow the functionality of an HSM to be extended by adding custom modules to it. This typically invalidates certification (e.g. FIPS), but allows the development of efficient custom applications, tailored to the requirements of your application. Some SDKs even provide a safe sandbox for custom code inside the secure perimeter of the HSM, which allows custom code to be executed by the HSM without impairing existing certifications.

With an SDK, it is easy to develop hybrid solutions by simply adding a post-quantum-safe implementation on top of the existing state-of-the-art implementation inside your HSM. Your implementation could, for example, establish a secret symmetric key using a post-quantum key exchange scheme like NewHope, and use that secret key to encrypt the communication between your application and the HSM. For HSMs which provide a secure channel out of the box (using a conventional key exchange scheme), your application data is then protected against conventional attacks as well as attacks with quantum computers.

Digital signatures are a second example where adding a post-quantum-safe implementation in addition to the standard signature schemes is straightforward. An implementation inside the HSM could receive a hash to be signed, sign it with a post-quantum-safe signature scheme, and then call an internal function of the HSM to sign the hash a second time, alongside the first signature, using a conventional signature scheme provided by the HSM vendor.

Another area where an SDK becomes an essential feature of an HSM is the evaluation and benchmarking of new, post-quantum-safe implementations on existing hardware. By porting their reference implementation to an HSM, designers of post-quantum-safe solutions can gather data about the real-world performance of their approach and can compare it with the state-of-the-art solutions deployed today. The PICNIC signature scheme (developed by Microsoft Research and others; for details see https://microsoft.github.io/Picnic/), for example, has been submitted to NIST as a candidate for a quantum-secure signature scheme. Its reference implementation has been successfully ported to a Utimaco HSM in order to create a prototype implementation of PICNIC. To quote the designers of PICNIC: »The goal of this prototype was to demonstrate that using postquantum signatures in a PKI scenario is practical, and that there are no major impediments to deployment even with existing commercially available HSM hardware. In particular, using new types of keys, and creating signatures with a new algorithm, having larger signatures than traditional algorithms, and hashing the message on the HSM was possible, and did not pose significant engineering challenges.« For details refer to section 8.3 of the design documentation for PICNIC (pages 46–50 in https://github.com/Microsoft/Picnic/blob/master/spec/design-v1.0.pdf).
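As an added illustration of the two hybrid constructions described above (example code written for this page, not code from the book, from Utimaco or from any HSM SDK): a session key derived from both a conventional and a post-quantum shared secret, and a dual-signature check that accepts only if both component signatures verify. The shared secrets and handshake transcript are constructed placeholder bytes; it is assumed that NewHope and the HSM's conventional key exchange have already produced the two secrets, and the signature verifiers are caller-supplied callables, so no real post-quantum scheme is implemented here.

```python
import hashlib
import hmac

# Constructed stand-ins (not real protocol output): in the HSM scenario the
# first secret comes from the HSM's conventional key exchange, the second from
# a post-quantum KEM such as NewHope running in the custom SDK module.
CLASSICAL_SS = hashlib.sha256(b"demo conventional shared secret").digest()
PQ_SS = hashlib.sha256(b"demo post-quantum shared secret").digest()
TRANSCRIPT = b"demo: public keys and KEM ciphertext exchanged in the handshake"


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    # HKDF-Extract (RFC 5869) with HMAC-SHA256
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    # HKDF-Expand (RFC 5869): T(i) = HMAC(prk, T(i-1) || info || i)
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def hybrid_session_key(classical_ss: bytes, pq_ss: bytes, transcript: bytes,
                       length: int = 32) -> bytes:
    # Length-prefix each secret so the concatenation is unambiguous, and use
    # the handshake transcript as salt so the key is bound to the public values
    # actually exchanged. The key stays secret if either input stays secret.
    ikm = b"".join(len(s).to_bytes(2, "big") + s for s in (classical_ss, pq_ss))
    prk = hkdf_extract(hashlib.sha256(transcript).digest(), ikm)
    return hkdf_expand(prk, b"pqc-hybrid-channel-v1", length)


def verify_dual_signature(msg_hash: bytes, pq_sig: bytes, conv_sig: bytes,
                          verify_pq, verify_conv) -> bool:
    # verify_pq / verify_conv are caller-supplied (hash, sig) -> bool callables:
    # the SDK module supplies the post-quantum verifier, the HSM vendor the
    # conventional one. Both run, and the hybrid is valid only if both pass.
    pq_ok = verify_pq(msg_hash, pq_sig)
    conv_ok = verify_conv(msg_hash, conv_sig)
    return pq_ok and conv_ok
```

The HKDF functions match the RFC 5869 test vectors, so the combiner can be checked against a known-good KDF before the real KEM output is wired in.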
