The cryptography and the computing power of computers are in a constant battle: if the efficiency of computer is increasing, the encryption techniques have to be updated as well, to ensure the safety of data communication and the whole IT. Quantum computers are able to calculate certain mathematical tasks, on which the main part of today’s cryptographic methods rely, fast- and will be ready in the foreseeable future. Cryptography should be prepared for this. A research team of Technische Univertistät (TU) Darmstadt and the German IT-Security company genau introduced a digital signature method at the trade fair it-sa in Nuremberg, which withstands attacks of quantum computers. For example with digital signatures software developers guarantee their customers the authenticity of delivered updates. The method was made ready for practical use in the research project squareUP and is to be published shortly as a first Internet- standard (Request for Comments, RFC) for post-quantum signatures. Thus it becomes a universally valid Internet-standard – a mile stone for the post-quantum cryptography.

Quantum computer will be able solve extremely complex tasks in a very short time because of their special abilities: for instance calculate climate models and chemical processes in Pharma- and Material- Research – or the keys to nowadays widespread Public-Key-Crypto-Methods. This potential makes the development of the new computer interesting, according to Edward Snowden NSA has invested substantial funds. Today quantum computer are theory to a large extend and not suitable for practical use. But since large funds are invested in the development, there should be the first computer of that kind in the foreseeable future. The development and distribution of new, practical encryption technique is time-consuming, as well, therefore cryptography should react as soon as possible to the foreseeable quantum leap in the computing power.

With hash functions to the post-quantum signature

A research team of TU Darmstadt and the IT-Security company genau form Kirchheim near Munich has accepted the challenge. Within the project squareUP headed by the experienced Cryptography professor Johannes Buchmann a signature technique, which cannot be broken into by quantum computers, was made practical within three years. Core of the solution are the hash functions: those are working only in one way as a general rule – once with hash functions coded contents cannot be deciphered to plain text. Because of their attributes cryptographically secure hash functions ae considered to be resistant against quantum computer attacks.

RFC is to supply a fast distribution

On the way to a salable signature technique starting with the hash functions many tasks had to be solved by the researchers: at first they implemented the cryptographic technique in an OpenSource-Solution, which was freely accessible for the development work. After that suitable values for key figures, run time and the number of signatures had to be determined. To meet the high security requirements, the solutions had to be tested against weak point in all directions. Ultimately the design for an Internet-standard (RFC) was created to establish the post-quantum signature technique as an internet-standard and to enable a fast distribution. The final publication of RFC is to occur shortly.

Form research to practical use: genau signs updates with a new method

A first user is the project partner genau gmbh. The IT-Security company from Kirchheim near Munich has already implemented the new technique in some security products, post-quantum signatures guarantee the customers the validity of delivered software updates. The project by genau and TU Darmstadt squareUP was fundend by the Deutschen Forschungs­gemeinschaft (DFG) as well as the Bavarian Ministry of Economic Affairs.

About the Cyber-Security research at TU Darmstadt

Within the CYSEC profile area, researchers at Technische Universität Darmstadt study cybersecurity and privacy protection. 33 research groups from eight departments (Computer Science, Physics, Electrical Engineering and Information Technology, History and Social Sciences, Biology, Human Sciences, Mechanical Engineering, Law and Economics) of TU Darmstadt are members of CYSEC. In its various joint and independent projects, CYSEC performs internationally renowned, top-notch research in numerous areas of cybersecurity. Through the degree program in IT-Security as well as various course offerings, CYSEC trains highly specialized professionals in the area of cybersecurity, and supports and promotes future researchers. Technology transfer via national and international cooperation with non-university research institutions and industrial partners, and the provision of consultancy services to policy-makers, society and industry complete the profile of CYSEC.

About genau

The genau gmbh is a German specialist for IT-Security. Their array of services ranges from protection against sensible interfaces in the area of authorities and industry to the network of highly critical infrastructures, reliable encoded data communication via Internet, remote maintenance systems as well as Remote Access-Solutions for mobile employees and Home Offices. All products are developed and produced by genau in Germany. Regular certifications and approvals by the German Federal Office for Information Security ensure the product quality. Numerus customs of industry and the public sector opt for the experience and solutions of the 1992 founded company, which employs over 200 employees in their head office in Kirchheim near Munich and the locations Berlin, Cologne and Stuttgart. genau is a company of the Bundesdruckerei- group.

 

Press releas of genua gmbh

show all news