APPQC: Advanced Practical Post-Quantum Cryptography From Lattices

APPQC：来自格的高级实用后量子密码学

• 批准号: EP/Y02432X/1
• 负责人: Martin Albrecht
• 金额: $ 203.15万
• 依托单位: King's College London
• 依托单位国家: 英国
• 项目类别: Research Grant
• 财政年份: 2024
• 资助国家: 英国
• 起止时间: 2024 至 无数据
• 项目状态: 未结题
• 来源: https://gtr.ukri.org/projects?ref=EP%2FY02432X%2F1
• 关键词: APPQC; Advanced; Practical; Post; Quantum; APPQC; Advanced; Practical; Post; Quantum

Standardisation efforts for post-quantum public-key encryption and signatures are close to completion. At the same time the most recent decade has seen the deployment, at scale, of more advanced cryptographic algorithms where no efficient post-quantum candidates exist. These algorithms e.g. permit to give strong guarantees even after some parties were compromised, privacy-preserving contact lookups, credentials and e-cash. This project will tackle the challenge of "lifting" such constructions to the post-quantum era by pursuing three guiding questions:- What is the cost of solving lattice problems with and without hints on a quantum computer? Answers to this question will provide confidence in the entire stack of lattice-based cryptography from "basic" to "advanced". Studying the presence of hints tackles side-channel attacks and advanced constructions.- What are the lattice assumptions that establish feature- and (near) performance-parity with pre-quantum cryptography? Standard lattice assumptions do not seem to establish feature parity with pairing-based or even some Diffie-Hellman-based pre-quantum constructions, how can we achieve efficient and secure advanced practical post-quantum solutions?- How efficient is a careful composition of lattice-base cryptography with other assumptions? If we want to deploy our post-quantum solutions in practice, we will need to design hybrid schemes that are secure if either of their pre- or post-quantum part is secure and to deploy many advanced lattice-based primitives in practice we need to carefully compose them with zero-knowledge proofs to rule out some attacks.Lattice-based cryptography has established itself as a key technology to realise both efficient basic primitives like post-quantum encryption and advanced solutions such as computation with encrypted data and programs. It is thus well positioned to tackle the middle ground of advanced yet practical primitives for phase 2 of the post-quantum transition.

量子后公钥加密和签名的标准化工作接近完成。同时，最近十年来，在不存在有效的后量子后候选者的情况下，大规模的加密算法的部署。这些算法，例如即使在某些方遭到妥协，保存隐私的联系查找，凭证和电子现金之后，也可以提供强大的保证。该项目将通过提出三个指导性问题来应对“提升”此类构造的挑战： - 解决量子计算机上有和没有提示的晶格问题的成本是多少？这个问题的答案将使从“基本”到“高级”的整个基于晶格的密码学提供信心。研究提示的存在探测了侧通道攻击和高级结构。-建立特征和（近）具有量词前加密术的特征和（近）性能的晶格假设是什么？标准的晶格假设似乎没有建立具有基于配对甚至一些基于差异的量子前结构的特征奇偶校验，我们如何才能实现有效且安全的先进实用后实用后解决方案？ If we want to deploy our post-quantum solutions in practice, we will need to design hybrid schemes that are secure if either of their pre- or post-quantum part is secure and to deploy many advanced lattice-based primitives in practice we need to carefully compose them with zero-knowledge proofs to rule out some attacks.Lattice-based cryptography has established itself as a key technology to realise both efficient basic primitives like post-quantum encryption and advanced使用加密数据和程序进行计算之类的解决方案。因此，在量词后转变的第2阶段第2阶段的高级但实际原始的基础上，它的位置很好。