CoI : Post-quantum Cryptography

Quantum computing undermines current cryptography, and wipes out asymmetric cryptography. Since 2017, NIST has launched a global competition to find robust asymmetric algorithms for the era of quantum computing. The transition to such algorithms is already underway, but the standards are not yet finalized. Some devices will be able to migrate to these new algorithms, while others are not as agile. What are tomorrow's challenges? How can we achieve post-quantum cryptography today?

Main goals

• Raise awareness of the challenges of Post-Quantic Cryptography

• Achieve post-quantum robustness today for long-lived equipment that cannot be upgraded (SIM cards, IoT, etc.).
• Propose solutions for the "quantum trigger", i.e. the moment when the quantum computer will be powerful enough to compromise all current and past exchanges secured by current asymmetric cryptography.
• Orient cryptographic implementations towards greater agility, to enable any equipment to have a satisfactory level of security at all times.

Logbook

Late 2023 - 2024

The PQC CI took part in a duplex event with the Netherlands on the importance of raising awareness of PQC. Joint work was carried out with Dutch government teams to complete and enhance the first awareness-raising deliverable produced by the Awareness WG. The booklet is now available in French and English.

The PQC Community of Interest is continuing its work, strengthening the "Agility" stream with the arrival of new members, and work has resumed on the self-assessment matrix.

On 27.02.23, the GT PQC worked on :

• 3-stream progress update
  • Awareness: 4-page document for C-Levels, due for completion early this summer.
  • Agility: Matrix for assessing a company's crypto-agility, and definition of what "crypto-agility" means.
  • Proposal to relaunch stream2, recruit new members, respond to a call for projects currently being studied by Campus Cyber.

• Agreement on how future deliverables will be distributed (as widely as possible).

On 27.02.23, the GT PQC worked on :

• Allocation of members to the three work areas
• Choice of stream coordinators
• Start of work in sub-groups

It took the following decisions:

• Meet in plenary 1x / month
• All WG members have the right to review and validate the various productions, regardless of the work stream chosen.

"The topics of legal framework and intellectual property have emerged and will be clarified for future progress. "

On 30/01/23, the PQC WG worked on : Taking stock of the current state of knowledge and possibilities for action Drawing up a list of use cases to be explored

It decided to : divide into 3 sub-working groups (awareness / needs for exploration of use cases / agility in implementation)

The topics Financing of involvement / WG duration and working time / intellectual property emerged.

On 18.01.23, the PQC WG worked on :

• Presentation of members
• Target group (companies)
• Discussion of deliverables (avoid duplicating what already exists).

It decided to :

• Initially, to meet every 15 days
• Quickly agree on each member's skills and possible implications
• Target mainly companies (no "general public" work) through its productions.
• Produce a list of use cases suitable for all members

The topics of "current state of the art", "mapping of algorithms" and "capacity to disseminate / promote the Cyber Campus" have emerged.

Next meeting on 30.01.23