Infineon Claims to Have Implemented Post-Quantum Cryptography on a Contactless Security Chip

Orange Pi Development Boards

Today we protect systems, data, and communication using encryption keys of various lengths together with secure algorithms, and after a quick check, I found out banking websites are using 128-bit to 256-bit keys for secure (TLS v1.2) communication, and my Linux system is using a 4096-bit RSA key for secure communication over SSH. According to an Infineon press release, such key length are suitable for secure communication today, and current computer do not have sufficient processing power to break encryption, but with the advance of Quantum computer, even RSA-2048 keys won’t be secure, which means in 15 to 20 years all data encrypted (and stored) today with such keys would theoretically be accessible in the clear.

That’s why the company has been working on next-generation post-quantum cryptography (PQC), and recently demonstrated the first PQC implementation on a commercially available contactless security chip, as used for electronic ID documents.

The company explains further:

Security experts at Infineon’s Munich headquarters and the Center of Excellence for contactless technologies in Graz, Austria, made a breakthrough in this field. They implemented a post-quantum key exchange scheme on a commercially available contactless smart card chip. Key exchange schemes are used to establish an encrypted channel between two parties. The deployed algorithm is a variant of “New Hope”, a quantum-resistant cryptosystem also explored successfully by Google on a development version of the Chrome browser.

The main challenge was to keep the small chip size and memory with the more complex PQC algorithm, and also to get the transaction to execute in a reasonable amount of time. They managed to do this on a commercial available security chip without requiring additional memory space. Those advances should also for security equivalent to today’s RSA and ECC at a time when quantum computer become available. Going forward, there will need to be one or more PQC algorithms standardized before government and industries mandate the migration.

Via ElectronicsWeekly.

Support CNX Software - Donate via PayPal or become a Patron on Patreon

4
Leave a Reply

avatar
4 Comment threads
0 Thread replies
2 Followers
 
Most reacted comment
Hottest comment thread
3 Comment authors
cnxsoftDroneTC Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
TC
Guest
TC

…of course with a backdoor for the NSA 😉

Drone
Guest
Drone

Did you even look at this paper? The consensus is it’s a TROLL paper!

Drone
Guest
Drone

Hmmm… Maybe I confused the Infinion paper with this one?

https://www.schneier.com/blog/archives/2017/05/post-quantum_rs.html