Concordia University


March 16, 2017: Invited Speaker Seminar: Preparing for Post-Quantum and Hybrid Cryptography on the Internet

Dr. Douglas Stebila
McMaster University

Thursday, March 16, 2017 at 4:00 pm
Room EV003.309


Most public key cryptography algorithms used on the Internet are based on mathematical problems which could be broken by large-scale quantum computers.  This motivates the field of post-quantum cryptography, which aims to construct public key cryptosystems that are believed to be secure even against quantum computers.  Since a future quantum computer could retroactively break the confidentiality of today's communications, it is important to begin transitioning public key encryption and key exchange to quantum-resistant algorithms.

In this talk, I'll give some mathematical background on lattice problems such as learning with errors (LWE) and ring-LWE, and show how they can be used to build key exchange protocols.  I'll discuss performance and implementation characteristics of these key exchange protocols compared to other post-quantum algorithms, using results from the Open Quantum Safe project.

I will also discuss various issues involved in trying to use post-quantum cryptography on the Internet, with a focus on the Transport Layer Security (TLS) protocol, versions 1.2 and 1.3.  For key exchange, this includes matching the security properties offered by most post-quantum key exchange primitives with the properties required by security proofs.  For signatures, this includes the challenges of certifying and conveying public keys from post-quantum signature schemes.  In both cases, I will discuss constructions and compatibility issues for hybrid cryptography, where two (or more) algorithms are used simultaneously---one traditional, one post-quantum---for potential security improvements.


Dr. Douglas Stebila is an Assistant Professor in cryptography at McMaster University in Hamilton, Ontario, Canada.  His research focuses on improving the security of Internet cryptography protocols such as SSL/TLS and SSH and developing practical quantum-safe cryptosystems.  He holds an MSc from the University of Oxford and a PhD from the University of Waterloo.


Back to top

© Concordia University