Cryptography: Difference between revisions
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Cryptography is the process of converting ordinary text into unintelligible text and vice-versa. It is used to store and transmit data so that only those intended can read and process it | '''Cryptography''' is the process of converting ordinary text into unintelligible text and vice-versa. It is used to store and transmit data so that only those intended can read and process it.<ref>[https://economictimes.indiatimes.com/definition/cryptography Cryptography Definition, Economic Times]</ref> It plays a key role in [[data Privacy|data privacy]] and authentication today. The former concerns long-term communication secrecy while the latter concerns the digital artifacts for establishing trust in communication, such as identity and authorization.<ref>[https://eprint.iacr.org/2021/1637.pdf 4 Cryptographic Security Algorithms, Internet Security and Quantum Computing by Hilarie Orman, Dec 2021]</ref> | ||
== | ==Algorithms== | ||
Algorithms in modern cryptography depend on the difficulty of certain math problems that take huge amounts of time to solve. The two types of algorithms used nearly universally on the Internet today for digital signatures and key exchange are the RSA and Diffie-Hellman schemes. They are known mathematically as the hard problems of factoring and finding the discrete logarithms of large integers.<ref>[https://eprint.iacr.org/2021/1637.pdf 2.1 What Makes Cryptography “Secure”?, Internet Security and Quantum Computing by Hilarie Orman, Dec 2021]</ref> | |||
==Post-Quantum Cryptography== | |||
In the future (assumed to be at least 50 years away if ever),<ref>[https://eprint.iacr.org/2021/1637.pdf 8 Conclusions, Internet Security and Quantum Computing by Hilarie Orman, Dec 2021]</ref> large-scale quantum computers might be able to solve problems that are impossible with current computing technology because quantum computers can handle many complex processes at the same time. Such "cryptographically relevant quantum computers" (CRQCs) could find a break in an RSA or D-H scheme (which today is practically impossible) in a day or less. Post-quantum cryptography (PQC) algorithms should not be susceptible to quantum computers because they are fundamentally different from the RSA and the Diffie-Hellman. That is, they are not weakened by Shor’s algorithm.<ref>[https://news.mit.edu/2016/quantum-computer-end-encryption-schemes-0303 The beginning of the end for encryption schemes? MIT News, Jennifer Chu]</ref><ref>[https://www.icann.org/en/system/files/files/octo-031-11feb22-en.pdf Quantum Computing and the DNS, Paul Hoffman, ICANN OCTO-031]</ref> | |||
== | ===Hurdles to Quantum Computing=== | ||
It is very difficult to build even very small quantum computers.<ref>[https://eprint.iacr.org/2021/1637.pdf 3.3 What are the Challenges Facing Quantum Computer Development?, Internet Security and Quantum Computing by Hilarie Orman, Dec 2021]</ref> | |||
First, the information in qubits is very fragile, so qubits must be completely isolated from the external environment and kept at temperatures near zero degrees Kelvin during computations, which takes extensive machinery and physical space. Second, qubits are highly prone to errors during processing, which requires thousands of additional cooled qubits to correct errors for every qubit in the computation. <br/> | |||
Moreover, building small quantum computers will not suffice to break cryptography. Running a small quantum computer for longer will not break the cryptographic keys, nor will running many small quantum computers in parallel achieve the task. | |||
== | ==ICANN's positions== | ||
On February 11, 2022, [[ICANN]] [[OCTO]] stated the [[ICANN Organization|org]]'s positions on the topic of the DNS and PQC:<ref>[https://www.icann.org/en/system/files/files/octo-031-11feb22-en.pdf Quantum Computing and the DNS, Paul Hoffman, ICANN OCTO-031]</ref> | |||
* The [[ICANN Community]] has not reached a consensus on how developments in quantum computing relate to the [[DNS]]. | |||
* The [[DNSSEC]] Community does not need to consider PQC at this time. | |||
* [[DNS]] [[ICANN Terms#Protocols|protocols]] that use [[TLS]] (such as DNS-over-TLS and DNS-over-HTTPS) should update to PQC to align with web protocols when they are updated. | |||
== | ==References== | ||
[[Category:Practices]] |
Latest revision as of 19:12, 1 March 2022
Cryptography is the process of converting ordinary text into unintelligible text and vice-versa. It is used to store and transmit data so that only those intended can read and process it.[1] It plays a key role in data privacy and authentication today. The former concerns long-term communication secrecy while the latter concerns the digital artifacts for establishing trust in communication, such as identity and authorization.[2]
Algorithms
Algorithms in modern cryptography depend on the difficulty of certain math problems that take huge amounts of time to solve. The two types of algorithms used nearly universally on the Internet today for digital signatures and key exchange are the RSA and Diffie-Hellman schemes. They are known mathematically as the hard problems of factoring and finding the discrete logarithms of large integers.[3]
Post-Quantum Cryptography
In the future (assumed to be at least 50 years away if ever),[4] large-scale quantum computers might be able to solve problems that are impossible with current computing technology because quantum computers can handle many complex processes at the same time. Such "cryptographically relevant quantum computers" (CRQCs) could find a break in an RSA or D-H scheme (which today is practically impossible) in a day or less. Post-quantum cryptography (PQC) algorithms should not be susceptible to quantum computers because they are fundamentally different from the RSA and the Diffie-Hellman. That is, they are not weakened by Shor’s algorithm.[5][6]
Hurdles to Quantum Computing
It is very difficult to build even very small quantum computers.[7]
First, the information in qubits is very fragile, so qubits must be completely isolated from the external environment and kept at temperatures near zero degrees Kelvin during computations, which takes extensive machinery and physical space. Second, qubits are highly prone to errors during processing, which requires thousands of additional cooled qubits to correct errors for every qubit in the computation.
Moreover, building small quantum computers will not suffice to break cryptography. Running a small quantum computer for longer will not break the cryptographic keys, nor will running many small quantum computers in parallel achieve the task.
ICANN's positions
On February 11, 2022, ICANN OCTO stated the org's positions on the topic of the DNS and PQC:[8]
- The ICANN Community has not reached a consensus on how developments in quantum computing relate to the DNS.
- The DNSSEC Community does not need to consider PQC at this time.
- DNS protocols that use TLS (such as DNS-over-TLS and DNS-over-HTTPS) should update to PQC to align with web protocols when they are updated.
References
- ↑ Cryptography Definition, Economic Times
- ↑ 4 Cryptographic Security Algorithms, Internet Security and Quantum Computing by Hilarie Orman, Dec 2021
- ↑ 2.1 What Makes Cryptography “Secure”?, Internet Security and Quantum Computing by Hilarie Orman, Dec 2021
- ↑ 8 Conclusions, Internet Security and Quantum Computing by Hilarie Orman, Dec 2021
- ↑ The beginning of the end for encryption schemes? MIT News, Jennifer Chu
- ↑ Quantum Computing and the DNS, Paul Hoffman, ICANN OCTO-031
- ↑ 3.3 What are the Challenges Facing Quantum Computer Development?, Internet Security and Quantum Computing by Hilarie Orman, Dec 2021
- ↑ Quantum Computing and the DNS, Paul Hoffman, ICANN OCTO-031