The realisation of quantum computers is ever closer with some researchers predicting their availability within the next decade. Since quantum computing offers dramatic speed-up over classical computing, when they do become a reality, commonly used public-key (or asymmetric) cryptographic algorithms based on integer factorisation and the discrete log problem, such as RSA, ECC, DSA and EC-DSA will be vulnerable to Shor’s quantum algorithm and hence, no longer secure. As a result, much research is now being conducted into post-quantum (PQ) cryptography, which refers to conventional non-quantum cryptographic algorithms that are secure today but should remain secure even after practical quantum computing is a reality. Among the various post-quantum techniques that exist (such as multivariate, code or hash-based), the most promising is lattice-based cryptography. Its main advantage is that it allows for extended functionality and is, at the same time, more efficient for the basic primitives of public-key encryption and digital signatures.
The public-key algorithms mentioned above (RSA, ECC etc..) are the mainstay of Internet security today. If the European Digital Single Market is to grow and prosper; and if the fundamental rights of European citizens with regard to security and privacy are to be upheld; then new quantum-resistant cryptographic protections must be adopted. The SAFEcrypto project provides a new generation of practical, robust and physically secure post-quantum cryptographic solutions that ensure long-term security for future ICT systems, services and applications. Novel public-key cryptographic schemes (digital signatures, authentication, and identity-based encryption (IBE)) have been developed using lattice problems as the source of computational hardness.