Introduction to Post-Quantum Cryptography in Scope of NIST's Post-Quantum Competition

Tänapäeval on andmeturve paljudes valdkondades määrava tähtsusega, kuid hiljutised edusammud kvantmehhaanika valdkonnas võivad tänased interneti turvaprotokollid ohtu seada. Kuna kvantvutid on tõenäoliselt võimelised murdma meie praeguseid krüptostandardeid, tekib vajadus tugevamate krüpteerimisalgoritmide järele. Viimaste kümnendite jooksul on postkvantkrüptograafia saanud palju tähelepanu, kuid siiani pole ükski postkvantkrüptograafiline algoritm standardiseeritud ulatuslikuks kasutamiseks. Seetõttu algatati NIST programm, mille eesmärk on valida uued krüptostandardid, mis säilitaks oma turvalisuse ka kvantarvutite vastu. Käesolev lõputöö annab ülevaate postkvantkrüptograafia erinevatest valdkondadest - võrepõhine, koodipõhine, räsipõhine ja mitmemuutujaline krüptograafia - kasutades näiteid NIST standardiseerimisprogrammist. Lõputöö eesmärk on koostada ülevaatlik materjal, mis annaks informaatika või matemaatika taustaga tudengile laiahaardelised algteadmised postkvantkrüptograafia valdkonnast.Nowadays, information security is essential in many fields, ranging from medicine and science to law enforcement and business, but the developments in the area of quantum computing have put the security of current internet protocols at risk. Since quantum computers will likely be able to break most of our current cryptostandards in trivial time, a need for stronger and quantum-resistant encryption algorithms has arisen. During the last decades, a lot of research has been conducted on the topic of quantum-resistant cryptography, yet none of the post-quantum algorithms have yet been standardized. This has encouraged NIST to start a program to select the future post-quantum cryptography standards. This thesis gives an overview of different types of quantum-resistant algorithms, such as lattice-, code-, hash- and multivariate polynomial based algorithms, for public key encryption and signature schemes, using the examples from NIST’s postquantum cryptography standardization program. The aim of this paper is to compose a compact material, which gives a person with computer science background a basic understanding of the main aspects of post-quantum cryptography

Cloud Data Auditing Using Proofs of Retrievability

Cloud servers offer data outsourcing facility to their clients. A client outsources her data without having any copy at her end. Therefore, she needs a guarantee that her data are not modified by the server which may be malicious. Data auditing is performed on the outsourced data to resolve this issue. Moreover, the client may want all her data to be stored untampered. In this chapter, we describe proofs of retrievability (POR) that convince the client about the integrity of all her data.Comment: A version has been published as a book chapter in Guide to Security Assurance for Cloud Computing (Springer International Publishing Switzerland 2015

BlockPKI: An Automated, Resilient, and Transparent Public-Key Infrastructure

This paper describes BlockPKI, a blockchain-based public-key infrastructure that enables an automated, resilient, and transparent issuance of digital certificates. Our goal is to address several shortcomings of the current TLS infrastructure and its proposed extensions. In particular, we aim at reducing the power of individual certification authorities and make their actions publicly visible and accountable, without introducing yet another trusted third party. To demonstrate the benefits and practicality of our system, we present evaluation results and describe our prototype implementation.Comment: Workshop on Blockchain and Sharing Economy Application