====== 3.1 What is Post-Quantum Cryptography? ====== Protection against future quantum computer attacks. ===== The Problem ===== Today's encryption (RSA((RSA Algorithm: https://en.wikipedia.org/wiki/RSA_(cryptosystem))), ECC((Elliptic Curve Cryptography: https://en.wikipedia.org/wiki/Elliptic-curve_cryptography))) is based on mathematical problems that are hard to solve for normal computers. Quantum computers((Quantum Computing Fundamentals: https://www.ibm.com/topics/quantum-computing)) could solve these problems in minutes instead of millennia - using Shor's Algorithm((Shor's Algorithm: https://en.wikipedia.org/wiki/Shor%27s_algorithm)). ===== The Threat ===== **"Harvest Now, Decrypt Later"**((ENISA: Post-Quantum Cryptography - Current State: https://www.enisa.europa.eu/publications/post-quantum-cryptography-current-state-and-quantum-mitigation)) Attackers collect encrypted data today and wait for powerful quantum computers to decrypt it later. Affects: * Trade secrets * Long-term contracts * Personal data * Health data ===== The Solution ===== **Post-Quantum Cryptography (PQC)**((NIST Post-Quantum Cryptography: https://csrc.nist.gov/Projects/post-quantum-cryptography)) New encryption methods that even quantum computers cannot break. These are based on different mathematical problems: * **Lattice-based**: ML-KEM((FIPS 203 (ML-KEM): https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.pdf)), ML-DSA((FIPS 204 (ML-DSA): https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.204.pdf)) * **Hash-based**: SLH-DSA((FIPS 205 (SLH-DSA): https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.205.pdf)) * **Code-based**: Under evaluation ===== Timeline ===== ^ Year ^ Event ^ | 2024 | NIST Standards((NIST PQC Standards: https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards)) published | | 2025 | EU Roadmap((EU PQC Recommendation: https://digital-strategy.ec.europa.eu/en/library/recommendation-coordinated-implementation-plan-transition-post-quantum-cryptography)) and first implementations | | 2030 | EU deadline for critical infrastructure (NIS2((NIS2 Directive: https://eur-lex.europa.eu/eli/dir/2022/2555/oj))) | | 2035 | NIST deprecates classical algorithms((NIST: Transition to PQC: https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization)) | ===== WvdS PQ-Crypto Library ===== EMSR DATA provides a ready-to-use .NET library for Post-Quantum Cryptography: * [[..:..:..:..:..:pqcrypt:start|PQ-Crypto Overview]] * [[..:..:..:..:..:pqcrypt:konzepte:algorithmen:start|PQ Algorithms Explained (ML-DSA, ML-KEM)]] * [[..:..:..:..:..:pqcrypt:api:start|API Reference]] ===== Sources ===== * [[https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards|NIST PQC Standards (August 2024)]] * [[https://www.enisa.europa.eu/publications/post-quantum-cryptography-current-state-and-quantum-mitigation|ENISA Post-Quantum Cryptography Report]] * [[https://csrc.nist.gov/Projects/post-quantum-cryptography|NIST PQC Project]] * [[https://www.ibm.com/topics/quantum-computing|IBM: What is Quantum Computing?]]