Post-quantum cryptography refers to research on cryptographic primitives (usually public-key cryptosystems) that are not efficiently breakable using quantum computers more than classical computer architectures. This term came about because most currently popular public-key cryptosystems rely on the integer factorization problem or discrete logarithm problem, both of which would be easily solvable on large enough quantum computers using Shor's algorithm. Even though current publicly known experimental quantum computing is nowhere near powerful enough to attack real cryptosystems, many cryptographers are researching new algorithms, in case quantum computing becomes a threat in the future. This work is popularized by the PQCrypto conference series since 2006.
In contrast, most current symmetric cryptographic systems (symmetric ciphers and hash functions) are secure from quantum computers. The quantum Grover's algorithm can speed up attacks against symmetric ciphers, but this can be counteracted by increasing key size. Thus post-quantum cryptography does not focus on symmetric algorithms.
Post-quantum cryptography is also unrelated to quantum cryptography, which refers to using quantum phenomena to achieve secrecy.
- Lattice-based cryptography such as NTRU and GGH
- Multivariate cryptography such as Unbalanced Oil and Vinegar
- Hash-based signatures such as Lamport signatures and Merkle signature scheme
- Code-based cryptography that relies on error-correcting codes, such as McEliece encryption and Niederreiter signatures
- Peter W. Shor (1995-08-30). "Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer". arXiv:quant-ph/9508027.
- Daniel J. Bernstein (2009). "Introduction to post-quantum cryptography". (Introductory chapter to book "Post-quantum cryptography").
- "Cryptographers Take On Quantum Computers". IEEE Spectrum. 2009-01-01.
- "Q&A With Post-Quantum Computing Cryptography Researcher Jintai Ding". IEEE Spectrum. 2008-11-01.
- Daniel J. Bernstein (2009-05-17). Cost analysis of hash collisions: Will quantum computers make SHARCS obsolete?.
- Daniel J. Bernstein (2010-03-03). Grover vs. McEliece.
|This cryptography-related article is a stub. You can help Wikipedia by expanding it.|