State-of-the-art crypto goes post-quantum - The TinySSH server aims to eliminate post-quantum cryptography weaknesses
Public-key cryptosystems form a critical aspect of our secrecy. The ability to establish private communications over a public medium is exercised billions of times per day. Should technology arise that unmasks this private discourse, the consequences could be incalculable.
In quantum computing, such a technology is rising. Potential hardware that can execute Shor's algorithm to directly threaten commonly used public-key schemes (RSA, conventional Diffie-Hellman, and elliptic curve) may be far nearer to realization than we would expect. D-Wave corporation has promised to deliver an adiabatic quantum computer this year with 5,000 qubits; this machine is not capable of directly running Shor's algorithm, but if it were, TLS and SSH would be severely compromised. There is some urgency to correct our cryptosystems.
The threat of these new computing devices is very real, to the extent that the U.S. National Institute of Standards launched a competition for a quantum-resistant public-key cryptosystem.
Into this controversy, TinySSH, a minimal SSH server with an embedded focus, has implemented a hybrid key exchange involving NTRU Prime (a round 2 finalist in the NIST competition) combined with conventional ed25519 elliptic curve keys.
See State-of-the-art crypto goes post-quantum
Secrecy is one of the most important functions of computer science. Should electronic secrecy suddenly collapse into total transparency, we could not engage in electronic commerce, we would be unable to communicate privately, our past communications would be globally visible, and we would be critically impacted in myriad ways that would fundamentally change our ability to work and live. Consider the time we spend every day maintaining our secrecy with passwords, lock patterns, wireless fobs, and biometrics that restrict access to protect us and the ramifications of their failure.
source https://gadgeteer.co.za/state-art-crypto-goes-post-quantum-tinyssh-server-aims-eliminate-post-quantum-cryptography