Today we protect systems, data, and communication using encryption keys of various lengths together with secure algorithms. After a quick check, I found out that banking websites are using 128-bit to 256-bit keys for secure (TLS v1.2) communication, and my Linux system is using a 4096-bit RSA key for secure communication over SSH. According to an Infineon press release, such key lengths are suitable for secure communication today, and current computers do not have sufficient processing power to break the encryption. But with the advance of quantum computers, even RSA-2048 keys won’t be secure, which means that in 15 to 20 years all data encrypted (and stored) today with such keys would theoretically be accessible in the clear.
That’s why the company has been working on next-generation post-quantum cryptography (PQC), and recently demonstrated the first PQC implementation on a commercially available contactless security chip, as used for electronic ID documents.
The company explains further:
Security experts at Infineon’s Munich headquarters and the Center of Excellence for contactless technologies in Graz, Austria, made a breakthrough in this field. They implemented a post-quantum key exchange scheme on a commercially available contactless smart card chip. Key exchange schemes are used to establish an encrypted channel between two parties. The deployed algorithm is a variant of “New Hope”, a quantum-resistant cryptosystem also explored successfully by Google on a development version of the Chrome browser.
The main challenge was to keep the small chip size and memory with the more complex PQC algorithm, and also to get the transaction to execute in a reasonable amount of time. They managed to do this on a commercially available security chip without requiring additional memory space. Those advances should also allow for security equivalent to today’s RSA and ECC at a time when quantum computers become available. Going forward, one or more PQC algorithms will need to be standardized before governments and industries mandate the migration.
Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write daily news, and reviews full time later in 2011.
4 Replies to “Infineon Claims to Have Implemented Post-Quantum Cryptography on a Contactless Security Chip”
…of course with a backdoor for the NSA 😉
Did you even look at this paper? The consensus is it’s a TROLL paper!
Hmmm… Maybe I confused the Infineon paper with this one?
I could not see any paper from Infineon, just an announcement that they had included PQC into a small chip.
The paper linked on Bruce Schneier’s website is not directly related even though it deals with RSA and quantum computers.