Post-Quantum Crypto and Cryptanalysis

Intro

Let's do the spring 2021 MasterMath Cryptology course from Eindhoven University of Technology (TU/e). Part I is a self-contained post-quantum cryptography course. Part II is cryptanalysis; all the lectures are open on YouTube, and the assignments are open to us. Tanja Lange, the premier researcher in these topics, and Daniel Bernstein are both department/research heads at TU/e now; djb is also on Team CASA, a German think tank for cyber security in the age of large-scale adversaries.

I'll also work through the Cryptopals challenges, which are similar to the Part II MasterMath cryptanalysis assignments and will eventually require learning some abstract algebra and graph theory for fun and profit.

What is 'post-quantum crypto'?

It should be noted that quantum virtual machines already exist for designing and simulating quantum algorithms, and there are even quantum cloud services: IBM has 50 qubits available to the general public to run algorithms, Google announced 53 qubits, and they're all promising 1000 qubits by 2023. It's generally agreed you only need 300 qubits for 'quantum supremacy', which means you can perform more calculations in an instant than there are atoms in the visible universe.

Are any of these qubit claims true, or just marketing? Who knows, but this motivation lecture explains that we should be ready anyway and start using post-quantum crypto now, as all our countries are storing historical data in order to break it years later for various purposes. She actually shows the NSA Utah data station that vacuums up and holds the world's data in football-field-sized buildings, and notes the problem with existing software update signatures: nobody is ever going to tell the public when they've achieved 'quantum supremacy' and gained the ability to forge software update keys.

We are studying:

  • signature replacements using lattices, isogeny graphs and new hash-based schemes
    • all existing public key crypto is broken on a PQ timeline. Key negotiation and signatures are essential to protect integrity and authentication and to set up symmetric-key communication channels, so those channels are de facto 'broken' as well once you can produce forged software to collect keys, impersonate anybody you want, or trivially recover the shared key exchanged during ECDH negotiation
  • how to break these things, or reduce their guarantees, with generic attack methods

Required background

On the course page there are some prep videos for those of us without prior knowledge of cryptography:

'Cryptology' is defined as cryptography and cryptanalysis.

Qubes OS is briefly mentioned. The gist of it is that you run a heavily modified Xen hypervisor to launch every app in its own private VM; the idea is to keep everything compartmentalized, so if one 'app VM' is compromised it won't leak all your keys and whatever else is in /home. Daniel J. Bernstein runs a modified version of Qubes OS and is sometimes a contributor, if you go through their mailing lists: he rewrote their AdminVM, which controls all the VMs you launch, into a tiny terminal program that consumes 70% less memory. Tails OS is developed by anonymous people in France. The original idea was a privacy ghost OS: you could boot from a live CD or USB and run everything in memory, then yank it out and supposedly leave no evidence behind. However, it grew in size so much that I'm not sure what it's supposed to be now, and memory erasure after shutdown was not guaranteed last time I checked. I'm sure we'll learn in this course about crypto pitfalls on modern hardware.

One thing this course will teach you is how to make a unique protocol, like what Max Vision and other hackers used to do to hide sketchy servers on public networks. You can alter the rounds of SSH and change other protocols so that the only way to communicate with them is by speaking that protocol; otherwise nothing will even attempt to negotiate a connection. It's invisible and can even be camouflaged as other kinds of traffic, which lazy hosting staff never did analysis on back in the day when he broke into their networks and placed his crime empire there.

These review lectures are from this bachelor's course.