Our digital society today is shaped by numerous applications in need of solid and trusted security mechanisms, all of which fundamentally rely on cryptographic standards. The process of getting from cryptographic designs to a complete, usable standard is long, non-trivial and often faces unpredicted challenges. An indispensable tool for guaranteeing that the chosen standard will have the desired security properties is meticulous cryptanalytic scrutiny.
In the past 10 years, we have been witnessing multiple initiations of standardisation processes for post-quantum cryptography. Post-quantum cryptosystems are widely believed to be secure even against adversaries in possession of quantum computers, in contrast to the classical cryptosystems that we use today. It is the rapid development of quantum technology that has urged standardisation bodies to start such processes - when we have a large enough general purpose quantum computer, the number-theoretic cryptography in use today will crumble, rendering void the cryptographic protection of our digital assets.
A major, safe to say the most important, standardisation effort, is that of NIST (the National Institute of Standards and Technology in the US), initiated in 2017. Draft standards were supposed to be out in 2022, but due to major cryptanalytical results on digital signatures in the final stages, the end was postponed and NIST opened an additional fourth round for signatures.
This project aims at aiding NISTs and other standardisation efforts for post-quantum digital signatures by providing new cryptanalytic methods and techniques for scrutinizing the proposed designs and improving confidence in the security of the standards that come out at the end. The first direction of the project is to develop novel cryptanalytic techniques against hard mathematical problems used in emerging Fiat-Shamir signatures and modern MQ signatures.
The methods and techniques will be of combinatorial and algebraic nature. The second direction is to incorporate into the developed attacks, or other attacks, information from side-channel leakage of the physical implementation of the cryptographic algorithms in the form of hints. Side-channel vulnerability is one of the biggest threats and currently one of the most pressing issues for practical use of post-quantum cryptography and affects the security of various IoT devices, medical wearables, bank cards, passports, etc.
