"Post-quantum Encryption Contender Is Taken Out by Single-Core PC and 1 Hour"
A new attack involving a single traditional computer broke a fourth-round candidate in the US government's ongoing campaign aimed at protecting data in the age of quantum computers, highlighting the risks involved in standardizing the next generation of encryption algorithms. The US Department of Commerce's National Institute of Standards and Technology (NIST) chose four post-quantum computing encryption algorithms last month to replace algorithms such as RSA, Diffie-Hellman, and elliptic curve Diffie-Hellman, which are vulnerable to quantum computer attacks. In a similar manner, NIST advanced four more algorithms as prospective replacements pending additional testing in the hopes that one or more of them would also work as acceptable encryption options in a post-quantum world. The new attack breaks Supersingular Isogeny Key Encapsulation (SIKE), one of the four extra algorithms. The four post-quantum computing algorithms chosen by NIST as approved standards, all of which rely on entirely distinct mathematical methods from SIKE, are unaffected by the attack. SIKE is likely out of the running because of a study published by KU Leuven researchers from the Computer Security and Industrial Cryptography group. Their paper, titled "An Efficient Key Recovery Attack on SIDH (Preliminary Version)," outlined a method for recovering the encryption keys safeguarding SIKE-protected transactions, which involves using complex mathematics and a single traditional PC. The process, developed by researchers Wouter Castryck and Thomas Decru, only takes about an hour. SIKE is the second post-quantum computing candidate designated by NIST to be invalidated this year. Ward Beullens, an IBM researcher, published research in February that compromised the security of Rainbow, a cryptographic signature scheme. This article continues to discuss the invalidation of SIKE.
Ars Technica reports "Post-quantum Encryption Contender Is Taken Out by Single-Core PC and 1 Hour"