Quantum News Briefs today dives into the breaking of the SIKE encryption algorithm by two Belgian researchers who used a single core of an Intel Xeon CPU; the article concludes with the response of SIKE’s co-creator. An article discussing quantum-resistant cryptography is next on today’s lineup, followed by a somewhat whimsical announcement from Hackaday about Google’s Quantum Virtual Machine and MORE.
Post-Quantum Crypto Cracked in Hour with One Core of Ancient Xeon
One of the four encryption algorithms that America’s National Institute of Standards and Technology (NIST) recommended as likely to resist decryption by quantum computers has had holes kicked in it by researchers using a single core of a regular Intel Xeon CPU released in 2013. Quantum News Briefs summarizes Laura Dobberstein’s recent article in the Register, which she opens with, “NIST’s nifty new algorithm looks like it’s in trouble.”
The Supersingular Isogeny Key Encapsulation (SIKE) algorithm was chosen by NIST just last month as a candidate for standardization, meaning it advanced to an extra round of testing en route to adoption.
Within SIKE lies a public key encryption algorithm and a key encapsulation mechanism, each instantiated with four parameter sets: SIKEp434, SIKEp503, SIKEp610 and SIKEp751.
Microsoft – whose research team played a role in the algorithm’s development along with multiple universities, Amazon, Infosec Global and Texas Instruments – set up a $50,000 bounty for anyone who could crack it. Two Belgians, Wouter Castryck and Thomas Decru, claim to have done just that, using non-quantum x86 silicon.
Microsoft described the algorithm as using arithmetic operations on elliptic curves defined over finite fields and computing maps, also called isogenies, between the curves. Finding such an isogeny was thought to be sufficiently difficult to provide reasonable security – a belief now shattered by nine-year-old hardware.
SIKE co-creator David Jao reportedly believes the version of SIKE submitted to NIST used a single step to generate the key, and that a possibly more resilient variant could be constructed with two steps.
Quantum-Computer-Resistant Cryptography: Not Suitable for TLS for Now
Quantum-computer-resistant cryptography (QCRC) is still a topic of intense debate among experts. Big keys cause big concerns. Powerful quantum computers are still somewhat out of reach, but cryptographic professionals want to develop robust protocols today. Theodore Meeks wrote recently about the need and the roadblocks in Aviation Analysis, and Quantum News Briefs summarizes.
Years ago, the US standards authority NIST opened a competition and, after evaluating the candidates, recently selected one algorithm for exchanging keys and three for signatures. They should be able to withstand future decryption attacks. The winners of the signature competition are Dilithium-II, Falcon-512 and Sphincs+, and Kyber was chosen for key exchange.
But it is doubtful whether they will be used on a large scale, as hoped, because all three signature algorithms and Kyber generate much larger data packets than today’s methods, exceeding the maximum packet size on many Internet paths (MTU, Maximum Transmission Unit).
According to Eric Rescorla, chief technology officer of Mozilla, the only good news is that powerful quantum computers are still a thing of the future. However, the basic problem of current TLS technology remains unresolved: if an adversary records all TLS communication packets today and attacks them years later using a quantum computer, the secret transmissions can be decrypted retroactively. The IETF also wants to prevent this as much as possible, which is why several of its working groups are addressing the topic of quantum computer resistance.
Google’s ‘Quantum Virtual Machine’ Free of Cost
On the face of it, it sounds like marketing-speak for just another quantum simulator. But if you read the post, it sounds like it attempts to model effects from a real Sycamore processor including qubit decay and dephasing along with gate and readout errors. This forms what Google calls “processor-like” output, meaning it is as imperfect as a real quantum computer.
If you need more qubits than Google is willing to support, there are ways to add more computing using external compute nodes. Even if you have access to a real machine of sufficient size, this is handy because you don’t have to wait in a queue for time on a machine. You can work out a lot of issues before going to the real computer.
If you really need a quantum computer, the simulation is probably too slow to be practical. But at least this “. . . might help you work out the kinks on smaller problems before tackling the whole enchilada,” according to Williams.
Developing a New Approach for Building Quantum Computers
The findings, published last week in Nature Chemistry, could ultimately lead to a leap in quantum processing power.
“The idea is, instead of building a quantum computer, to let chemistry build it for us,” said Eric Hudson, UCLA’s David S. Saxon Presidential Professor of Physics and corresponding author of the study. “All of us are still learning the rules for this type of quantum technology, so this work is very sci-fi right now.”
Sandra K. Helsel, Ph.D. has been researching and reporting on frontier technologies since 1990. She has her Ph.D. from the University of Arizona.