What next in the world of Post-Quantum Cryptography & how to implement it correctly?

Webinar held on June 30th, 2020

 

Abstract:

Post-Quantum Cryptography (PQC) refers to novel requirements in asymmetric cryptography, namely key exchange, asymmetric encryption and digital signature. Namely, the computation shall resist not only attacks from classic computers, but also from quantum computers. Still, PQC are mathematical algorithms which are implemented conventionally (as software, hardware, etc.). Therefore, regular implementation-level attacks apply.

In this talk, we list the challenges associated with the implementation of PQC, in particular vulnerabilities related to side-channel analyses. First, we detail the detection and the prevention of leakage arising from conditional control-flow and from conditional access to data structures. Second, we apply the same methodology to data leakage, in the situation where the manipulated data is randomly masked.

The webinar shows that proper implementation of PQC requires knowledge of security evaluation and of secure coding. Owing to the large variety of PQC algorithms and their configurations, generic methods shall be available. Those are overviewed in this webinar, and we expect the audience to learn about secure code evaluation and design, in the framework of Catalyzr and Securyzr technologies.

There are a series of security considerations:

  • Constant time issues,
  • Overview of vulnerabilities,
  • Performance impact,
  • Fixing leakage tactics.

We discuss how Post-Quantum Cryptography is more than just a change to safer asymmetric cryptography, it is a road to more efficient IoT.

We also look at real use cases with a verified demonstration and finish by discussing how Post-Quantum cryptography is an implementation challenge and demonstrate how Secure-IC addresses this with our PESC approach.

Secure-IC is also the leader for the RISQ project, the French consortium gathering industry, academia and government for Post Quantum Security.

If you have missed our webinar, you can request more information thanks to the form below.