Data security turned upside down by quantum technology
A great deal of sensitive information, such as diplomatic cables, health documents, bank card data or biometric passports, is encrypted every day. The aim is to make them accessible only to those with the right decryption key.
But will these cryptographic mechanisms (cryptography being the science of secret messages) still be as effective in a few years' time? “It's an important question, and one of our current research priorities,” says Damien Robert, head of the Canari project team (specialising in cryptographic and arithmetic analysis) at the Inria Centre at the University of Bordeaux, a team run jointly with the CNRS and the University of Bordeaux. What is the major challenge ahead? “It lies in particular in what we call post-quantum cryptography,” explains the researcher. “This involves designing cryptographic protocols that can withstand both current machines (computers and supercomputers) and future quantum computers, which are expected to be more powerful.”
Towards more robust cryptographic protocols
Still in the experimental phase today, quantum computers are not programmed with bits (0 or 1) but with qubits, whose states are described by complex numbers, which considerably increases their computing capacity. Their entry into service remains uncertain: it depends on researchers' ability to correct the errors that occur when qubits interact with their environment.
However, when it comes to data protection, scientists are actively preparing: “It is already possible to design protocols that will resist quantum attacks,” notes Maxime Bombar, a member of the Canari team and lecturer at the University of Bordeaux. “To avoid losing time when the moment comes, we need to modify our algorithms and protocols as soon as possible. Migrating the processes that depend on them can take a long time, not least because of interoperability issues.” Ada Lovelace wrote the first machine-executable algorithm in the 19th century, when computers and processors didn't even exist!
Key miniaturization and encryption acceleration
How does the Canari project team go about improving data security? Made up of some 15 researchers, it builds on the first standards published last summer by the American standards body NIST (National Institute of Standards and Technology), with the support of Inria. First challenge: upgrading existing cryptographic mechanisms, bearing in mind that “the mathematical tools developed for this purpose will make the algorithms designed by Canari more resilient, even if the quantum computer does not ultimately see the light of day,” notes Damien Robert. The second challenge is to obtain post-quantum performance levels at least comparable to those offered by current “pre-quantum” algorithms. “The entire cryptographic community has succeeded in designing pre-quantum signature and encryption protocols that rely on a small key and are at the same time very fast,” says the project team leader. “But that's something we don't yet know how to do in post-quantum cryptography: you have to choose between miniaturising the key and speeding up the execution of the cipher.”
Lattices, graphs and codes
What transformations are on the horizon? They will concern the three main families of protocols studied by members of the Canari project team: Euclidean lattices, isogenies and error-correcting codes. “Cryptography based on Euclidean lattices is today the most widespread and mature post-quantum solution,” explains Maxime Bombar. This approach relies on solving geometric problems in lattices made up of several thousand points.
“Isogenies, or isogeny graphs, on the other hand, require a great deal of computing effort and are based on calculations performed between several elliptic curves (algebraic curves),” continues the researcher. “For my part, I'm interested in error-correcting codes, which make it possible to transmit information that remains decipherable even after errors have been added to it.” How does it work in practice? Take a message and gradually add errors to it until it becomes unreadable. Code-based cryptography then allows the legitimate recipient to decode it and reconstitute the original message.
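As an added illustration (not code from the article or from the Canari team), here is a toy McEliece-style scheme over the Hamming(7,4) code, constructed for this page: the sender deliberately flips a bit of the encoded message, and only the recipient, who knows the hidden code structure (the scrambler S and permutation P, named as in the usual McEliece notation), can remove the error and recover the message. The code and keys are far too small to be secure; the example only shows the mechanism.

```python
import random
# Toy McEliece-style scheme (constructed for illustration) over the systematic Hamming(7,4) code, t = 1.
G = [[1, 0, 0, 0, 1, 1, 0], [0, 1, 0, 0, 1, 0, 1],   # generator matrix [I | A]
     [0, 0, 1, 0, 0, 1, 1], [0, 0, 0, 1, 1, 1, 1]]
H = [[1, 1, 0, 1, 1, 0, 0], [1, 0, 1, 1, 0, 1, 0],   # parity-check matrix [A^T | I]
     [0, 1, 1, 1, 0, 0, 1]]
H_COLS = [[H[r][j] for r in range(3)] for j in range(7)]  # column j = syndrome of an error at j

def vec_mat(v, M):  # row vector times matrix over GF(2)
    return [sum(v[i] & M[i][j] for i in range(len(v))) % 2 for j in range(len(M[0]))]

def gf2_inverse(M):  # Gauss-Jordan over GF(2); returns None if M is singular
    n = len(M)
    A = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(M)]
    for c in range(n):
        piv = next((r for r in range(c, n) if A[r][c]), None)
        if piv is None:
            return None
        A[c], A[piv] = A[piv], A[c]
        for r in range(n):
            if r != c and A[r][c]:
                A[r] = [x ^ y for x, y in zip(A[r], A[c])]
    return [row[n:] for row in A]

def hamming_decode(word):
    # The syndrome H*word^T is zero for a codeword, otherwise the column of H at the flipped bit.
    s = [sum(H[r][j] & word[j] for j in range(7)) % 2 for r in range(3)]
    word = word[:]
    if any(s):
        word[H_COLS.index(s)] ^= 1
    return word[:4]  # systematic code: the first 4 bits carry the message

def keygen(rng=random):
    S_inv = None
    while S_inv is None:  # random invertible scrambler S hides the code's structure
        S = [[rng.randint(0, 1) for _ in range(4)] for _ in range(4)]
        S_inv = gf2_inverse(S)
    perm = rng.sample(range(7), 7)  # secret column permutation P
    G_pub = [[row[perm[j]] for j in range(7)] for row in [vec_mat(s, G) for s in S]]
    return G_pub, (S_inv, perm)

def encrypt(G_pub, m, rng=random):  # c = m*G_pub + e: the sender deliberately flips one bit
    c = vec_mat(m, G_pub)
    c[rng.randrange(7)] ^= 1
    return c

def decrypt(priv, c):
    S_inv, perm = priv
    unpermuted = [c[perm.index(k)] for k in range(7)]  # undo P: the Hamming structure reappears
    return vec_mat(hamming_decode(unpermuted), S_inv)  # decoding gives m*S, then m*S*S^-1 = m
```

Pass `random.Random(seed)` as `rng` for reproducible keys; adding a second error to a 7-bit word exceeds what this code can correct, which is the "unreadable" state the text describes.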
Current and future synergies
“One of the specialities of the Canari team is to study the synergies arising from the joint use of several of these protocol families,” explains Damien Robert. In a paper published at the Crypto 2022 conference in the USA, the researchers revealed, for example, possible links between lattice-based cryptography and error-correcting codes: “We have shown that we can draw inspiration from lattice-based cryptography to create new techniques and strengthen security proofs in code-based cryptography,” explains Maxime Bombar, co-author of the paper.
In anticipation of future quantum computers, other team members are using number theory to improve cryptanalysis (testing the reliability of an encryption scheme by attacking it) of cryptographic schemes based on Euclidean lattices. Another objective: to speed up document signing in isogeny-based systems.
On an international level, the Canari project team (created in the wake of LFANT) is particularly well placed to help define the next European standards for post-quantum cryptography, thanks to its discoveries and track record in the field. This is a strategic challenge for a number of institutions, including France's DGA (Direction Générale de l'Armement) and Germany's BSI (Bundesamt für Sicherheit in der Informationstechnik).