Quantum-Safe Data Encryption: Researchers at TUM Take on NIST Challenge
As the world advances technologically, our reliance on the internet for daily tasks grows stronger. From online shopping to banking, we trust that our sensitive data remains secure through encryption. However, the emergence of quantum computing poses a significant threat to our data security, as quantum computers have the potential to crack existing encryption methods.
Recognizing the impending challenge, the United States National Institute of Standards and Technology (NIST) took proactive steps in 2016 by initiating a competition to identify quantum-resistant cryptographic algorithms. The aim was to find encryption methods that could withstand cyberattacks launched by quantum computers. Although numerous submissions were received, only a handful showed promise.
Due to the paucity of viable options, NIST has recently issued a fresh call for submissions, and researchers at the Technical University of Munich (TUM) are actively participating in this endeavor.
Quantum Computers and the Encryption Dilemma
Quantum computers operate on principles fundamentally different from classical computers, which makes them exceptionally powerful for certain tasks, including factoring large numbers. The current encryption methods rely on the difficulty of factorization, a problem that quantum computers are expected to solve with ease once they reach sufficient computational power.
NIST's Quest for Quantum-Resistant Encryption
In 2016, NIST launched the competition for new quantum-resistant encryption standards, challenging developers worldwide to propose algorithms capable of withstanding quantum attacks. To assess their security, NIST made these algorithms publicly accessible for scrutiny and attempted attacks. The trust in NIST standards, known for their robustness, led to widespread industry adoption.
Out of the initial 69 submissions, only 26 progressed to the second round, and just seven reached the final stage. However, shortly before NIST could declare winners, four of the finalists experienced severe cyberattacks. One algorithm had to be withdrawn after succumbing to a standard laptop within two days. While the vulnerabilities in the remaining candidates were patched sufficiently to keep them in the competition, this highlighted the pressing need for standardized processes based on diverse mathematical problems.
TUM's Contribution to Quantum-Safe Encryption
In spring this year, NIST issued another call for submissions of new encryption algorithms. A team led by Professor Antonia Wachter-Zeh, specializing in Coding and Cryptography at TUM, collaborated with another research group at TUM and researchers from Universita Politecnica delle Marche in Italy to develop two algorithms based on digital signature schemes. Digital signatures serve as electronic "fingerprints" that verify the source of data and its integrity.
Professor Wachter-Zeh's innovative approach relies on error-correcting codes, a technique inspired by the inherent errors in data transmission and storage. These codes introduce redundant information before transmission, enabling error correction upon reception. By intentionally introducing errors before encryption and correcting them during decryption, Wachter-Zeh ensures data remains secure from unauthorized access while still allowing for accurate encryption and storage.
For the NIST competition, the research team submitted one system based on error-correcting codes in the Lee metric and another employing restrictive errors in the Hamming metric. The distinctive feature of the Lee metric is its weighted assessment of variations in specific positions, while the restrictive Hamming metric allows for errors only in defined values, potentially leading to more errors in a larger number of positions.
Professor Wachter-Zeh expressed optimism about the "CROSS" signature procedure that utilizes restrictive errors, deeming it highly competitive and a potential candidate for a new encryption standard. Meanwhile, the "FuLeeca" algorithm, based on the Lee metric, shows promise but requires further research to address identified vulnerabilities.
Looking Ahead
In the realm of cryptography, two primary data encryption methods exist: symmetric and asymmetric encryption. While symmetric encryption methods are considered adaptable and quantum-safe, the NIST competition focuses on asymmetric cryptography systems, particularly digital signatures and key encapsulation mechanisms.
Professor Wachter-Zeh is actively involved in projects like the German-French DFG-ANR project CROWD, which explores new code classes in cryptography, and the EiC Pathfinder Challenges project DiDaX, focused on DNA-based digital data storage. Her research receives funding from various sources, including the DFG Emmy Noether Program, the ERC project inCREASE ("Coding for Security and DNA Storage"), and the BMBF project 6G-life. Her contributions to the field have been recognized through numerous awards, including the Heinz Maier-Leibnitz Prize in 2018 and the NVMW Memorable Paper Award in 2019.
As the race for quantum-safe encryption continues, researchers like Professor Antonia Wachter-Zeh and her team at TUM are at the forefront, working tirelessly to secure our data in an era of ever-advancing technology.
Antonia Wachter-Zeh, Professor of Coding and Cryptography; Wachter-Zeh was photographed in the chair building on the TUM campus downtown Norgdelaende N3, on September 17th, 2021; Photo: Astrid Eckert, TU Munich