Post-Quantum Security: Origin, Fundamentals, and Adoption

Based on Shor’s quantum algorithm for computing discrete logarithms, powerful enough quantum computers will break current cryptographic protocols. While today’s quantum computers are not yet capable enough of running this algorithm successfully, it is expected by many experts that they will be capable enough in the foreseeable future. Thus, actions must be taken to create a new infrastructure that protects society and companies against such attacks. In this contribution, we describe the backgrounds necessary to comprehend these actions. We first describe the relation between discrete logarithms and two well-known asymmetric security schemes, RSA and Elliptic Curve Cryptography. Next, we present the foundations of lattice-based cryptography which is the basis of schemes that are considered to be safe against attacks by quantum algorithms (as well as by classical algorithms). Then we describe two such quantum-safe algorithms (Kyber and Dilithium) in more detail. Finally, we give a very brief and selective overview of a few actions currently taken by governments and industry as well as standardization in this area. The article has a pedagogical character, not presenting any new research results. Especially it strives towards being self-contained, e.g. the required mathematical foundations to understand post-quantum cryptography are provided and examples are given. Thus, a reader interested in getting a first comprehensive overview of the subject doesn’t have to consult text books or several research papers.