Algorithm for repelling future quantum data raids proposed by Google

Google says there is “a clear path” to protecting public key cryptography against the moment when quantum computers are used for hacking.

The company is promoting its implementation of the method and has posted it. (There are other ideas.) At stake are all the world’s collective databases of biometric and other identity data.

Google bases its conclusion on the creation of the Dilithium algorithm and the standardization of other recent public-key quantum-resilient cryptography.

Much of the cybersecurity community assumes that practical quantum computing, while unavailable now, will arrive before long and quickly tear through standard public-key cryptography like it was wet tissue paper.

Ideally, internet-scale resistance to quantum attacks will arrive before the attacks arrive, says a post by Google.

For that to happen, people will need new security keys after the FIDO Alliance standardizes post-quantum resilient cryptography and browser vendors adopt the standard.

That is going to be a lengthy process, even for a movement that’s been around since the early 2000s.

Google’s implementation combines strong nesting with classical and post-quantum cryptographical schemes. That is, a hybrid of the Ecdsa signature algorithm, which Google considers battle tested, and Dilithium.

Company executives say they hope some iteration of their proposal will get baked into the FIDO2 key specification and, of course, win the acceptance of browser companies.

They have invited the community to push their algorithm around in OpenSK, Google’s open-source implementation for keys written in Rust supporting FIDO U2F and FIDO2 standards.

Article Topics

biometric security key  |  cryptography  |  cybersecurity  |  FIDO2  |  Google  |  post-quantum cryptography  |  quantum computing