[WORKSHOP] Post-quantum cryptography

In collaboration with the Quantum Engineering Univ. Grenoble Alpes, the Grenoble Alpes Cybersecurity Institute is organizing a workshop on Post-Quantum Cryptography on tuesday december 17th in the amphitheater of the Maison Jean-Kuntzmann.

 

Invited speakers will include:

Thomas Camus & Kevin Layat (ID Quantique, Switzerland)
Jean-Christophe Deneuville (ENAC Toulouse, France)
Vlad Gheorghiu (University of Waterloo/Institute of Quantum Computing, Canada)
Simon Martiel (ATOS Quantum Lab, France)
Phong N'Guyen (DIENS et Inria, France)
Douglas Stebila (University of Waterloo, Canada)
Guenael Renault (Ecole Polytechnique, France)

Indicative schedule:

*Click on a name to read the abstract

09:00-09:30 Welcome coffee & cakes
09:30-12:00 Session 1

• Simon Martiel
• Guenael Renault
• Thomas Camus & Kevin Layat

12:00-13:45 Lunch break
13:45-15:45 Session 2

• Douglas Stebila
• Jean-Christophe Deneuville

16:15-16:30 Coffee break
16:15-18:00 Session 3

• Phong NGuyen
• Vlad Gheorghiu

18:00-18:30 Conclusion

Lectures abstracts

Simon Martiel - Recent progress in Quantum computing: the Atos Quantum point of view

We will present an overview of Atos activities in Quantum Computing, ranging from quantum programming, down to simulation of perfect and noisy hardware platforms. We will focus our presentation  on the topic of NISQ quantum algorithms and on the efforts developed by Atos to efficiently integrate and deploy near-term applications in its software stack. If time allows it, we will present results on promising longer term applications such as quantum walk based backtracking algorithms."

Guenael Renault - Post-Quantum Cryptography — A Pragmatic Point of View

"The NIST is in the process of selecting one or more post-quantum public-key cryptographic algorithms through a public competition. In this talk, I will present some of the cryptosystems taking part in this competition. Then, I will provide some recommendations for developers who need to implement a security product resistant to the hypothetical quantum computer."

 

Thomas Camus & Kevin Layat - Transitioning to quantum-safe technologies: an industrial point of view

"ID Quantique is a swiss company which provides complete Quantum-safe solutions, combining network encryption, secure quantum key generation and quantum key distribution applications. As a consequence, we are especially concerned by the transition to post-quantum technologies and we are working actively to introduce these technologies in our Quantum-safe solutions. In this talk we will present the challenges a company expert in quantum technologies, like ID Quantique, faces regarding this transition across some of its industrial projects."

 

Douglas Stebila - Exploring Post-Quantum Cryptography in Internet protocols

"Post-quantum cryptographic primitives have a range of trade-offs compared to traditional public key algorithms, either having slower computation or larger public keys and ciphertexts/signatures, or both. In this talk, I will discuss how these trade-offs may impact various Internet security protocols, focusing primarily on the Transport Layer Security (TLS) protocol as a case study. First, I will discuss the various choices one must make at the protocol specification level when deciding how to integrate post-quantum algorithms into network security protocols, with special consideration of the so-called hybrid or combined scenario, where a traditional and post-quantum algorithm are used simultaneously to provide robust security. Next, I will talk about our experience with prototype implementations of post-quantum and hybrid algorithms in the TLS and the Secure Shell (SSH) protocols, including whether particular algorithms even can be used due to size constraints.  Building on this, I will present results on the performance impact of post-quantum algorithms, showing how network characteristics such as round-trip time and packet loss rate affect connection establishment time. Finally, I'll briefly discuss some open questions both from an engineering and theory perspective. Along the way I'll discuss the Open Quantum Safe project, an open-source software project for prototyping and experimenting with post-quantum cryptography."

 

Jean-Christope Deneuville - An overview of recent advances in code-based cryptography

"Two years ago, the National Institute for Standards and Technologies (NIST) initiated a process to standardize quantum safe cryptographic primitives: public-key encryption, key-exchange and digital signature schemes. With 19 (among 69) round 1 submissions, code-based cryptography stands as a major candidate for post-quantum cryptography. In this talk, I will introduce the fundamentals of code-based cryptography, present historical constructions that have inspired recent designs, and provide elements to understand why code-based cryptography stands as a mature possible replacement for encryption. Earlier this year, the competition has entered in the second round,
where 7 proposals among 26 are still considered for standardization. I will give an overview of these semi-finalists' features, and discuss their respective advantages and drawbacks regarding several use cases. Finally, I will conclude the talk with challenges and open questions code-based cryptography faces."

 

Phong Nguyen - Lattice-Based Cryptography

"Building upon knapsack cryptography, lattice-based cryptography was proposed more than twenty years ago as an alternative to classical public-key cryptography based on integer factoring and discrete logarithm. Nearly half of the second-round candidates to NIST post-quantum standardization are based on lattices. In this talk, we will survey lattice-based cryptography, with a focus on the NIST competition."

 

Vlad Gheorghiu - What does it take to run a quantum algorithm?

"Software engineers know well that asymptotically optimal algorithms can be outperformed by alternatives in practice; the O(n log n) time algorithm for integer multiplication is not necessarily the best algorithm for multiplying 64-bit integers. With that in mind: Does a known quantum algorithm outperform its classical counterpart in practice? E.g., does Grover search outperform classical exhaustive search for some given objective function? And if so, how much of an advantage does it provide? A satisfactory answer will depend on future technological progress. Nevertheless, we can begin to estimate the cost of particular quantum circuits using current proposals for quantum architectures. In this talk I will discuss the resources required for quantum computation using the surface code and how to realistically estimate the 'quantum advantage' provided by a quantum algorithm. I will also mention how those estimates influence the security parameters of current cryptographic schemes."