The lecture slides are available at the course web page: cryptography101.ca/kyber-dilithium/
Typo in slide 16: "SP 800-28" should be "SP 800-208".
Thank you for making such a good lecture. It helped me a lot.
I'm glad that you found the lecture useful!
Sir, can you please explain how the cyber security risk will reduce for an organization switching to the new PQC standards?
Switching to the new PQC standards provides resistance against "harvest now, decrypt later" attacks by quantum computers (which RSA and ECC definitely do not provide). However, there are some caveats. 1) It's not clear when cryptographically relevant quantum computers will be built, so switching to PQC schemes might not be worth the cost. 2) The PQC standards are relatively new, so there is always the possibility that classical and quantum attacks will be discovered on the new schemes. This suggests using "hybrid" modes, where a new PQC scheme is used together with a traditional ECC scheme; however, this increases implementation complexity. 3) Implementing the new schemes will be challenging, which increases the risk of side-channel attacks and security vulnerabilities due to poor implementations.
@cryptography101-alfred Thanks a lot sir
@cryptography101-alfred Sir, what's the way ahead for digital certificate tech with the newer PQC digital signature algorithms? What are the challenges and solutions?
@anmoladarsh8928 From a cryptographic point of view, the main change will be to replace the signing algorithm (e.g. RSA or ECDSA) used by the CA with a quantum-safe one (Dilithium). This change is conceptually simple, but there will be many practical challenges, e.g. rewriting standards, accommodating the larger public keys and signatures, secure implementations, implementing the new signature schemes in constrained devices, whether to use a hybrid scheme or not.
@cryptography101-alfred Thank you sir. By the way, I am really enjoying your lectures on Kyber and Dilithium.