Challenges in post-quantum cryptography
In the past 20 years, the research community has made substantial progress in securing traditional cryptographic implementations against relevant physical attacks like side-channel and fault injection attacks. Carrying over these techniques to the post-quantum realm, however, proves surprisingly challenging.
One reason is that post-quantum cryptosystems involve mathematical operations that are significantly more complex. Another reason is that known mitigation measures severely affect the efficiency of the cryptographic algorithms, thereby adding the challenge of balancing security and efficiency.
An additional problem is that deploying and migrating to new cryptographic solutions is time-demanding, making it essential to develop cryptographic solutions well ahead of time. This conflicts with the typical modus of cryptographic deployment processes, in which later stages can unearth implementation issues that make it necessary to revert to an earlier stage and hence to further delay the deployment.
Goals
To address these challenges, the ESCAPE project develops a practical and holistic approach to creating new post-quantum cryptosystems, ensuring that their implementations will be resistant to physical attacks. Here, ’holistic’ means that ESCAPE fosters strategic interactions between the (usually linear) design stages, such that findings on implementation security can already be taken into consideration while designing. The ultimate goal of ESCAPE is to produce secure and efficient designs and implementations of post-quantum cryptographic schemes with built-in protection against physical attacks. As a major innovative component, this approach takes advantage of the interplay between four research areas: cryptanalysis, provably secure designs, efficient implementations and implementation security.
