====== 3.1 Što je Post-Quantum kriptografija? ====== Zaštita od budućih napada kvantnih računala. ===== Problem ===== Današnja enkripcija (RSA((RSA algoritam: https://de.wikipedia.org/wiki/RSA-Kryptosystem)), ECC((Elliptic Curve Cryptography: https://de.wikipedia.org/wiki/Elliptic_Curve_Cryptography))) temelji se na matematičkim problemima koji su teški za normalna računala. Kvantna računala((Osnove kvantnih računala: https://www.ibm.com/topics/quantum-computing)) bi mogla riješiti ove probleme u minutama umjesto tisućljeća - pomoću Shorovog algoritma((Shorov algoritam: https://en.wikipedia.org/wiki/Shor%27s_algorithm)). ===== Prijetnja ===== **"Harvest Now, Decrypt Later"**((ENISA: Post-Quantum Cryptography - Current State: https://www.enisa.europa.eu/publications/post-quantum-cryptography-current-state-and-quantum-mitigation)) Napadači danas prikupljaju kriptirane podatke i čekaju na moćna kvantna računala da ih kasnije dekriptiraju. Utječe na: * Poslovne tajne * Dugoročne ugovore * Osobne podatke * Zdravstvene podatke ===== Rješenje ===== **Post-Quantum kriptografija (PQC)**((NIST Post-Quantum Cryptography: https://csrc.nist.gov/Projects/post-quantum-cryptography)) Novi postupci enkripcije koje ni kvantna računala ne mogu razbiti. Temelje se na drugim matematičkim problemima: * **Temelj rešetke** (Lattice): ML-KEM((FIPS 203 (ML-KEM): https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.pdf)), ML-DSA((FIPS 204 (ML-DSA): https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.204.pdf)) * **Temelj hash-a**: SLH-DSA((FIPS 205 (SLH-DSA): https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.205.pdf)) * **Temelj koda**: U evaluaciji ===== Vremenski okvir ===== ^ Godina ^ Događaj ^ | 2024 | NIST standardi((NIST PQC Standards: https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards)) objavljeni | | 2025 | EU mapa puta((EU PQC Recommendation: https://digital-strategy.ec.europa.eu/en/library/recommendation-coordinated-implementation-plan-transition-post-quantum-cryptography)) i prve implementacije | | 2030 | EU rok za kritičnu infrastrukturu (NIS2((NIS2 direktiva: https://eur-lex.europa.eu/eli/dir/2022/2555/oj))) | | 2035 | NIST deprecira klasične algoritme((NIST: Transition to PQC: https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization)) | ===== WvdS PQ-Crypto biblioteka ===== EMSR DATA nudi biblioteku spremnu za korištenje za Post-Quantum kriptografiju u .NET-u: * [[..:..:..:pqcrypt:start|PQ-Crypto pregled]] * [[..:..:..:pqcrypt:konzepte:algorithmen:start|PQ algoritmi objašnjeni (ML-DSA, ML-KEM)]] * [[..:..:..:pqcrypt:api:start|API referenca]] ===== Izvori ===== * [[https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards|NIST PQC Standards (kolovoz 2024)]] * [[https://www.enisa.europa.eu/publications/post-quantum-cryptography-current-state-and-quantum-mitigation|ENISA Post-Quantum Cryptography Report]] * [[https://csrc.nist.gov/Projects/post-quantum-cryptography|NIST PQC Project]] * [[https://www.ibm.com/topics/quantum-computing|IBM: What is Quantum Computing?]]