Lattice-based cryptographic methods are considered very secure. This assessment rests on theoretical considerations and mathematical calculations. At the Institute for Microelectronics and Embedded Systems at the University of Applied Sciences of Eastern Switzerland, the focus is less on the mathematical theory than on how that theory is implemented in hardware and software. On the one hand, the researchers in Rapperswil (on Lake Zurich, Switzerland) want to advance the development of fast computer chips for post-quantum cryptography. On the other hand, they also want to analyse the security of such systems. “Some algorithms that look good on paper,” explains Dorian Amiet, “prove vulnerable in practice to so-called side-channel attacks.” Amiet has been working for about two years as a project member in Rapperswil on the programming aspects of post-quantum cryptography.
For side-channel attacks, the Rapperswil researchers like to use an oscilloscope, a measuring device that makes fluctuations in electrical voltage visible. Every algorithm, when run on computer hardware, depends on electricity, and the current drawn varies with the operations being performed. Sometimes an analysis of these voltage fluctuations allows conclusions to be drawn about the inner workings of a computer program and the data it processes.
In a new paper, Amiet and colleagues examine “NewHope”. This lattice-based scheme was developed by major European companies and universities and was, until recently, considered a favourite in the NIST selection process. But in the Rapperswil laboratory this software did not cut a good figure: under certain circumstances, the secrets entrusted to it could be read with the naked eye on the oscilloscope.
“NewHope” did not make it into the third and final round of the NIST evaluation. And the attack that brought “NewHope” to its knees in Rapperswil also works against “Crystals-Kyber” from IBM. Amiet plans to present this new finding at an international conference on post-quantum cryptography in September.
When will quantum computers be ready for use? As part of the aforementioned study, staff of the American consulting firm Rand Corp. put this question to 15 experts. On average, they expect a cryptographically relevant quantum computer to enter service in the year 2033. But the answers vary widely: some experts see this technology arriving as early as 2022 or 2023, others believe that quantum computers will remain a chimera forever.
Andreas Curiger is also among the doubters. The electrical engineer – co-founder and head of technology at the young Zurich security company Securosys SA – compares these computers to nuclear fusion reactors: in both cases, he says, despite decades of research, practical use is still far off. Curiger does not believe he will deal with a functional quantum computer in his professional life. Nevertheless, he is committed to the development of post-quantum cryptography. His company cooperates in research with the Rapperswil Institute for Microelectronics and Embedded Systems.
Securosys sells devices for protecting data transmission, which banks use, for example, to authenticate and verify financial transactions. These customers appreciate that the devices are developed and manufactured entirely in Switzerland. Together with the Rapperswil researchers, Curiger wanted to find out how much effort is required to adapt the Securosys devices to post-quantum cryptography. “It looks good,” says Curiger, “we were able to develop the prototype of a quantum-safe hardware module.”