Presentation: The Quantum Risk & Future Post-Quantum Standards

Track: Scaling Security, from Device to Cloud

Location: St James, 4th flr.

Duration: 4:10pm - 5:00pm

Day of week: Wednesday

Share this on:

What You’ll Learn

  1. Hear about how quantum computing affects security and cryptography.
  2. Find out what to do to prepare data security for the coming of quantum computing.

Abstract

This talk will describe the risk of quantum computing to cryptography, in a way suitable to an audience without quantum physics nor cryptography background.  We will present the mitigations available today thanks to research in the field of post-quantum cryptography, and we'll review the ongoing standardization efforts from the US agency NIST, and what it impies for security applications in the coming years.

Question: 

What is the work that you're doing today?

Answer: 

My specialty is applied cryptography and more generally, information security. I'm running a startup company called Teserakt, which specializes in security for IoT systems. We do a new type of protocol to provide end-to-end encryption in the IoT context to protect data from the data producer to the data consumer.

Question: 

What are your goals for this talk?

Answer: 

To clarify a lot of misunderstandings and myths around quantum computing. A lot of things that you hear in the news or that you're hearing in vendor pitches are not accurate. I try to make this topic approachable, to give a clear message and also actionable advice, in order to help organizations manage the risks related to quantum computing.

Question: 

Can you give us a preview of the advice?

Answer: 

Today the main risk is that quantum computers could break all the public-key cryptography deployed today, such as RSA and elliptic curve signatures, which are for example used in Bitcoin and cryptocurrencies. To address the issue today, we can use a type of cryptographic algorithms called post-quantum cryptography. The NIST agency is currently working on standardizing such algorithms, and a number of software tools are available today to integrate post-quantum cryptography in applications.

A second type of advice I would give is that the risk is greater for encryption than for digital signatures signature: messages encrypted today might be decrypted 50 years from now, if a quantum computer is then available. However, a digital signature issued today can be later replaced by a post-quantum one, if quantum computers become a real threat. That is, there is a way to salvage the security of signatures, but not that of encryption.

Speaker: Jean-Philippe Aumasson

Author of "Serious Cryptography", Designer of Hash Functions BLAKE3 and BLAKE2

Jean-Philippe (JP) Aumasson is the founder and managing director of Teserakt, a Swiss-based company specialised in IoT security and offering an end-to-end encryption solution. He is an expert in cryptography and the author of the reference book Serious Cryptography (No Starch Press, 2017). He designed the widely used cryptographic algorithms SipHash and BLAKE2, which he developed after a PhD from EPFL (Switzerland, 2009). He regularly speaks at leading security conferences about topics such as applied cryptography, quantum computing, or blockchain security.

Find Jean-Philippe Aumasson at

Similar Talks

Scaling N26 Technology Through Hypergrowth

Qcon

Software Engineer and Tech Lead @N26

Folger Fonseca

How to Debug Your Team

Qcon

Senior VP Engineering @spring_health, former VP Engineering @Meetup

Lisa van Gelder

Trust, the Secret Ingredient in High Performing Team

Qcon

Site Reliability Engineer @immersivelabsuk

Jaycee Cheong

Monitoring All the Things: Keeping Track of a Mixed Estate

Qcon

Principal Engineer Operations and Reliability Programme @FT

Luke Blaney

3 Disciplines for Leading a Distributed Agile Organization

Qcon

Distributed Coach/Mentor & Community Cultivator

Mark Kilby

Tracks

Monday, 2 March

Tuesday, 3 March

Wednesday, 4 March

Download the QCon App!

Available on iOS and Android

The QCon app helps you make the most of your conference experience. Easily browse and follow the conference schedule, star the talks you want to attend, and keep tabs on your personal itinerary. Download the app now for free on iOS and Android.

QCon - iOS QCon - Android
QCon