Post-quantum cryptography: France well represented among the finalists designated by the American NIST

Cock-a-doodle-doo! It was indeed from the United States that the National Institute of Standards and Technology (NIST) unveiled, on July 5, the first four algorithms selected to define the future standards of post-quantum cryptography. But France was particularly well represented, both among the teams designing these algorithms and in the patents on which some winning solutions are based.

This competition was launched in 2016 by the technology standardization body attached to the United States Department of Commerce to respond to the number one fear of cryptologists: quantum computers. Asymmetric cryptography techniques (those that use a private key and a public key) are used everywhere today to secure the digital services we rely on daily, such as banking transactions, access to websites or the encryption of instant messaging, as well as the most critical services of states and armies, and they rely on the difficulty of factoring large numbers. However, since the mathematician Peter Shor discovered, in 1994, a quantum algorithm capable of factoring any number, the threat of quantum computers powerful enough to exploit this algorithm, and thus “break” most current cryptographic systems, has loomed.

Four algorithms selected, four others still in the running

This risk would jeopardize the most sensitive data of states, hence the interest of large countries like the United States in this technology. NIST decided to act even before quantum computers that are up to the task exist. The competition aims to update three cryptography standards to make them resistant to quantum computers – a field commonly referred to as post-quantum cryptography:

After six years, NIST went from 82 algorithms in the running to fifteen evaluated in the third round. At the end of that round, the institute selected one algorithm in the “public key encryption” category, CRYSTALS-KYBER, and three in the “electronic signature” category: CRYSTALS-Dilithium, FALCON and SPHINCS+. Four other algorithms are still under study for the “key exchange” category.

Teams tinged with blue, white and red

The teams that designed the CRYSTALS-KYBER and CRYSTALS-Dilithium algorithms include, in particular, the Frenchmen Tancrède Lepoint, cryptographer at Apple, Damien Stehlé, teacher-researcher at the Ecole Normale Supérieure in Lyon, and Léo Ducas, researcher at the Center for Mathematics and Computer Science in Amsterdam (CWI). The FALCON algorithm was co-developed by the French giant Thales with academic and industrial partners from France (Rennes 1 University, PQShield SAS), Switzerland (IBM), Canada (NCC Group) and the United States (Brown University, Qualcomm). The team responsible for SPHINCS+ even includes the name of Jean-Philippe Aumasson, a cryptographer specialized in protocols for blockchain technologies, who passed through Université Paris Cité and CY Cergy Paris Université and co-founded the Swiss start-up Taurus in 2018.

But that’s not all: two of the algorithms retained by NIST, including CRYSTALS-KYBER, “could be based on patent families filed in 2010 by teacher-researchers Philippe Gaborit and Carlos Aguilar-Melchor (University of Limoges and CNRS Xlim laboratory), and jointly owned by the CNRS and the University of Limoges”, the CNRS tells us. While some of the designers of these algorithms dispute the applicability of these patents as they stand (Damien Stehlé notably co-wrote an article to this effect with his colleague Vadim Lyubashevsky, from IBM Research Europe), the French research organization was still demanding, as late as winter 2021, a remuneration of 1% to exploit the license of these patents. NIST also seems to have folded, since the CNRS and the University of Limoges announced on July 6 that they had signed a license agreement with the American standardization body. “Thanks to the latter, operators and end users of cryptographic standards derived from the selected PQC algorithms will not need to obtain a separate license to this CNRS patent family”, indicates the press release.
