“The phantom of the quantum computer is keeping academia and the IT industry on high alert,” says Infineon’s Thomas Pöppelmann (pictured).
Quantum computer attacks on today’s cryptography are expected to become reality within the next 15 to 20 years, says Infineon.
Once available, quantum computers could solve certain calculations much faster than today’s computers, threatening even best currently known security algorithms such as RSA and ECC.
Various internet standards like Transport Layer Security (TLS), S/MIME or PGP/ GPG use cryptography based on RSA or ECC to protect data communication with smart cards, computers, servers or industrial control systems. Online banking on “https” sites or “instant messaging” encryption on mobile phones are well-known examples.
Infineon implemented a post-quantum key exchange scheme on a commercially available contactless smart card chip. Key exchange schemes are used to establish an encrypted channel between two parties. The deployed algorithm is a variant of “New Hope”, a quantum-resistant cryptosystem also explored successfully by Google on a development version of the Chrome browser.
In a world of quantum computers, PQC (post-quantum cryptography) should provide a level of security that is comparable with what RSA and ECC provide today in the classical computing world, says Infineon.
However, to withstand quantum calculation power, key lengths need to be longer than the usual 2048 bits of RSA or the 256 bits of ECC. Nevertheless, the researchers at Infineon were able to implement New Hope on a commercially available security chip without requiring additional memory space and hence a larger chip size.
Standardization bodies are expected to agree on one or multiple PQC algorithms within the next few years before governments and industries mandate the migration. Infineon is actively participating in the development and standardization process in order to enable a smooth transition and to address security challenges that may arise in the advent of quantum computers.