Introduction to Post-Quantum Cryptography in Scope of NIST's Post-Quantum Competition

Tänapäeval on andmeturve paljudes valdkondades määrava tähtsusega, kuid hiljutised edusammud kvantmehhaanika valdkonnas võivad tänased interneti turvaprotokollid ohtu seada. Kuna kvantvutid on tõenäoliselt võimelised murdma meie praeguseid krüptostandardeid, tekib vajadus tugevamate krüpteerimisalgoritmide järele. Viimaste kümnendite jooksul on postkvantkrüptograafia saanud palju tähelepanu, kuid siiani pole ükski postkvantkrüptograafiline algoritm standardiseeritud ulatuslikuks kasutamiseks. Seetõttu algatati NIST programm, mille eesmärk on valida uued krüptostandardid, mis säilitaks oma turvalisuse ka kvantarvutite vastu. Käesolev lõputöö annab ülevaate postkvantkrüptograafia erinevatest valdkondadest - võrepõhine, koodipõhine, räsipõhine ja mitmemuutujaline krüptograafia - kasutades näiteid NIST standardiseerimisprogrammist. Lõputöö eesmärk on koostada ülevaatlik materjal, mis annaks informaatika või matemaatika taustaga tudengile laiahaardelised algteadmised postkvantkrüptograafia valdkonnast.Nowadays, information security is essential in many fields, ranging from medicine and science to law enforcement and business, but the developments in the area of quantum computing have put the security of current internet protocols at risk. Since quantum computers will likely be able to break most of our current cryptostandards in trivial time, a need for stronger and quantum-resistant encryption algorithms has arisen. During the last decades, a lot of research has been conducted on the topic of quantum-resistant cryptography, yet none of the post-quantum algorithms have yet been standardized. This has encouraged NIST to start a program to select the future post-quantum cryptography standards. This thesis gives an overview of different types of quantum-resistant algorithms, such as lattice-, code-, hash- and multivariate polynomial based algorithms, for public key encryption and signature schemes, using the examples from NIST’s postquantum cryptography standardization program. The aim of this paper is to compose a compact material, which gives a person with computer science background a basic understanding of the main aspects of post-quantum cryptography

Efficient Synchronous Byzantine Consensus

We present new protocols for Byzantine state machine replication and Byzantine agreement in the synchronous and authenticated setting. The celebrated PBFT state machine replication protocol tolerates $f$ Byzantine faults in an asynchronous setting using $3f+1$ replicas, and has since been studied or deployed by numerous works. In this work, we improve the Byzantine fault tolerance threshold to $n=2f+1$ by utilizing a relaxed synchrony assumption. We present a synchronous state machine replication protocol that commits a decision every 3 rounds in the common case. The key challenge is to ensure quorum intersection at one honest replica. Our solution is to rely on the synchrony assumption to form a post-commit quorum of size $2f+1$, which intersects at $f+1$ replicas with any pre-commit quorums of size $f+1$. Our protocol also solves synchronous authenticated Byzantine agreement in expected 8 rounds. The best previous solution (Katz and Koo, 2006) requires expected 24 rounds. Our protocols may be applied to build Byzantine fault tolerant systems or improve cryptographic protocols such as cryptocurrencies when synchrony can be assumed

Novel one time signatures (NOTS) : a compact post-quantum digital signature scheme

The future of the hash based digital signature schemes appears to be very bright in the upcoming quantum era because of the quantum threats to the number theory based digital signature schemes. The Shor's algorithm is available to allow a sufficiently powerful quantum computer to break the building blocks of the number theory based signature schemes in a polynomial time. The hash based signature schemes being quite efficient and provably secure can fill in the gap effectively. However, a draw back of the hash based signature schemes is the larger key and signature sizes which can prove a barrier in their adoption by the space critical applications, like the blockchain. A hash based signature scheme is constructed using a one time signature (OTS) scheme. The underlying OTS scheme plays an important role in determining key and signature sizes of a hash based signature scheme. In this article, we have proposed a novel OTS scheme with minimized key and signature sizes as compared to all of the existing OTS schemes. Our proposed OTS scheme offers an 88% reduction in both key and signature sizes as compared to the popular Winternitz OTS scheme. Furthermore, our proposed OTS scheme offers an 84% and an 86% reductions in the signature and the key sizes respectively as compared to an existing compact variant of the WOTS scheme, i.e. WOTS +

A CCA2 Secure Variant of the McEliece Cryptosystem

The McEliece public-key encryption scheme has become an interesting alternative to cryptosystems based on number-theoretical problems. Differently from RSA and ElGa- mal, McEliece PKC is not known to be broken by a quantum computer. Moreover, even tough McEliece PKC has a relatively big key size, encryption and decryption operations are rather efficient. In spite of all the recent results in coding theory based cryptosystems, to the date, there are no constructions secure against chosen ciphertext attacks in the standard model - the de facto security notion for public-key cryptosystems. In this work, we show the first construction of a McEliece based public-key cryptosystem secure against chosen ciphertext attacks in the standard model. Our construction is inspired by a recently proposed technique by Rosen and Segev