A new report published by the European Union Agency for Cybersecurity (ENISA) explores the necessity to design new cryptographic protocols and integrate post-quantum systems into existing protocols.
Can we integrate post-quantum algorithms to existing protocols? Can new protocols be designed around post-quantum systems? What's the role of double encryption and double signatures? What changes will new post-quantum algorithms impose to existing protocols? These are some of the questions that ENISA explores in ‘Post-Quantum Cryptography: Anticipating Threats and Preparing the Future’.
The transition to post-quantum cryptography (PQC) does not end with the selection and standardisation of post-quantum algorithms. Integration with existing systems and protocols is also required. The report focuses on the necessity to resort to future-proofing and for the acquisition of knowledge not limited to external standards.
The report answers the difficult questions raised by post-quantum cryptography in order to make sure we will avoid jeopardising today's public key cryptosystems, e-commerce, digital signatures, electronic identities, etc.
The report includes a number of technical recommendations such as:
- Developing guidelines for major use cases to assess the different trade-offs and systems best matching application scenarios;
- New protocols or major changes in existing protocols should be PQC aware, taking into account the integration needs of PQC systems;
- The use of a hybrid systems which could translate into a post-quantum cryptography added as an extra layer to pre-quantum cryptography.