Scope and Field of Application
This work item is intended to provide an overview of the impact of quantum computing on the security proofs of several cryptographic protocols. It discusses which security proofs are invalidated, or otherwise affected, in the presence of a large-scale quantum-capable attacker, and for each affected system discusses whether a) an alternative proof has been found that does provide security against quantum attacks, but possibly at a reduced security level; b) no alternative proof has been found, but security is expected to still hold; c) the cryptographic system is expected to be broken by quantum attacks, in a way that is not captured by the classical security proof, although no concrete quantum attack exists yet; or d) a concrete quantum attack that breaks security, in a way that is not captured by the classical proof, is available. Furthermore, the practical impact of these considerations is presented. Examples of cryptographic security proofs that are affected by quantum computing are proofs written with the Random-Oracle methodology (thus impacting the popular Fiat-Shamir and Fujisaki-Okamoto transforms), the rewinding technique for zero-knowledge proof systems, and the binding property of commitment schemes. A starting point for this work item is provided by the e-print paper "Post-Quantum Cryptography: Computational-Hardness Assumptions and Beyond" (https://eprint.iacr.org/2021/571).