- To prevent future attacks based on quantum computers, NIST is pushing forward with standardization processes.
- One of the post-quantum cryptography candidates, “Supersingular Isogeny Key Encapsulation” was broken by a traditional system.
- The cracking process required so little computing power that it took only about one hour on a 2013-era CPU, and the script used just one of its cores.
Quantum computers keep improving, and concerns about their impact on security are rising as well. By their nature, they are very powerful brute-force machines against the cryptography used on our traditional silicon-based systems. Because of these possible issues, standards bodies are trying to standardize quantum-resistant security features before quantum computing becomes more accessible and widespread.
Ongoing standardization processes by NIST
One of those efforts is the Post-Quantum Cryptography Standardization process run by the National Institute of Standards and Technology (NIST). During this process, one of the algorithms that managed to reach the fourth round was cracked on a traditional CPU.
This algorithm is named Supersingular Isogeny Key Encapsulation (SIKE), and it was broken by a CPU with very modest computing power, an Intel Xeon E5-2630v2. It is a six-core, 22 nm CPU that was released in 2013, and the code that breaks SIKE was running on a single core of it. The KU Leuven researchers summarized the result as follows:
« We present an efficient key recovery attack on the Supersingular Isogeny Diffie-Hellman protocol (SIDH), based on a “glue-and-split” theorem due to Kani. Our attack exploits the existence of a small non-scalar endomorphism on the starting curve, and it also relies on the auxiliary torsion point information that Alice and Bob share during the protocol. Our Magma implementation breaks the instantiation SIKEp434, which aims at security level 1 of the Post-Quantum Cryptography standardization process currently run by NIST, in about one hour on a single core. »
One of the biggest collaborators on the SIKE algorithm is Microsoft. Currently, many researchers are looking for ways to provide better security against quantum-based attacks for both quantum and traditional systems.