Chapter

Open Problems in Mathematics and Computational Science, pp 387-439

A Panorama of Post-quantum Cryptography

  • Paulo S. L. M. Barreto (corresponding author), Escola Politécnica, University of São Paulo
  • Felipe Piazza Biasi, Escola Politécnica, University of São Paulo
  • Ricardo Dahab, Instituto de Computação, University of Campinas
  • Julio César López-Hernández, Instituto de Computação, University of Campinas
  • Eduardo M. de Morais, Instituto de Computação, University of Campinas
  • Ana D. Salina de Oliveira, Instituto de Computação, University of Campinas
  • Geovandro C. C. F. Pereira, Escola Politécnica, University of São Paulo
  • Jefferson E. Ricardini, Escola Politécnica, University of São Paulo

Abstract

In 1994, Peter Shor published a quantum algorithm that factors large integers and computes discrete logarithms in Abelian groups in polynomial time. Since these computational problems provide the security basis of conventional asymmetric cryptosystems (e.g., RSA, ECC), information encrypted under such schemes today may well become insecure in a future scenario where large-scale quantum computers are a technological reality. Fortunately, certain classical cryptosystems based on entirely different intractability assumptions appear to resist Shor's algorithm as well as the other known quantum attacks. The security of these schemes, dubbed post-quantum cryptosystems, rests on hard problems on lattices, error-correcting codes, multivariate quadratic systems, and hash functions. Here we introduce the essential notions related to each of these families and survey the state of the art on practical aspects of their adoption and deployment, such as key sizes and ciphertext/signature bandwidth overhead.
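As an added illustration of the hash-function-based family named in the abstract, and of the key-size and signature-bandwidth costs it says the chapter examines, the following Python implements a Lamport one-time signature over SHA-256. This is example code written for this page, not code from the chapter or its authors; the function names (`keygen`, `sign`, `verify`, `sizes_bytes`, `collect_leaked`, `forge`) and the sample messages are the example's own. It also shows the scheme's main failure mode, reuse of a one-time key, from the attacker's side: every signature leaks half of the secret key, and a second signature on a different message leaks more, so `forge` succeeds exactly when the messages already signed cover every digest bit of the target.

```python
import hashlib
import os

HASH_BYTES = 32            # SHA-256 digest length
MSG_BITS = HASH_BYTES * 8  # the message digest is signed one bit at a time


def h(data: bytes) -> bytes:
    """The one-way function the scheme's security rests on (SHA-256 here)."""
    return hashlib.sha256(data).digest()


def keygen(rng=os.urandom):
    """Lamport key pair: per digest bit, two random secrets (sk) and their hashes (pk)."""
    sk = [(rng(HASH_BYTES), rng(HASH_BYTES)) for _ in range(MSG_BITS)]
    pk = [(h(s0), h(s1)) for s0, s1 in sk]
    return sk, pk


def digest_bits(msg: bytes):
    """Bits of SHA-256(msg), most significant bit of each byte first."""
    d = h(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(MSG_BITS)]


def sign(sk, msg: bytes):
    """Reveal, for each digest bit, the secret that bit selects. Use each key ONCE."""
    return [sk[i][b] for i, b in enumerate(digest_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    """Accept iff every revealed secret hashes to the public-key entry its bit selects."""
    if len(sig) != MSG_BITS:
        return False
    return all(h(s) == pk[i][b] for i, (b, s) in enumerate(zip(digest_bits(msg), sig)))


def sizes_bytes():
    """Bandwidth cost of this scheme, for comparison with the roughly 32-byte keys
    and 64-byte signatures of 256-bit elliptic-curve schemes."""
    return {
        "secret_key": 2 * MSG_BITS * HASH_BYTES,  # 16384 bytes
        "public_key": 2 * MSG_BITS * HASH_BYTES,  # 16384 bytes
        "signature": MSG_BITS * HASH_BYTES,       # 8192 bytes
    }


def collect_leaked(observed):
    """Attacker's view: map (bit index, bit value) -> secret for every (msg, sig) pair seen."""
    leaked = {}
    for msg, sig in observed:
        for i, b in enumerate(digest_bits(msg)):
            leaked[(i, b)] = sig[i]
    return leaked


def forge(observed, target: bytes):
    """Try to assemble a signature on `target` from leaked secrets only.
    Succeeds iff every digest bit of `target` was already revealed with that value,
    which is why a Lamport key must never sign two different messages."""
    leaked = collect_leaked(observed)
    try:
        return [leaked[(i, b)] for i, b in enumerate(digest_bits(target))]
    except KeyError:
        return None


if __name__ == "__main__":
    # Constructed sample messages for the demonstration.
    sk, pk = keygen()
    m1 = b"transfer 10 units to alice"
    s1 = sign(sk, m1)
    print("valid:", verify(pk, m1, s1), "sizes:", sizes_bytes())
    m2 = b"transfer 10 units to bob"
    s2 = sign(sk, m2)  # key reuse: a second signature leaks more of sk
    print("secrets leaked after two signatures:",
          len(collect_leaked([(m1, s1), (m2, s2)])), "of", 2 * MSG_BITS)
    print("forgery on fresh target:", forge([(m1, s1), (m2, s2)], b"transfer 999 units to bob"))
```

The numbers from `sizes_bytes` make the abstract's bandwidth concern concrete: even this simplest hash-based scheme needs a 16 KiB public key and an 8 KiB signature, several hundred times the size of an elliptic-curve key pair, which is why practical hash-based schemes build Merkle trees over many one-time keys and use more compact one-time constructions. The `forge` routine is the attacker's check, not a practical attack: with two honest signatures the expected number of leaked secrets is 256 plus the Hamming distance of the two digests, and a random third message is covered only with probability (3/4)^256.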