cryptanalysis – WindowsTechs.com

New Lattice Cryptanalytic Technique

Posted on April 15, 2024 by Bruce Schneier

A new paper presents a polynomial-time quantum algorithm for solving certain hard lattice problems. This could be a big deal for post-quantum cryptographic algorithms, since many of them base their security on hard lattice problems.

A few things to note. One, this paper has not yet been peer reviewed. As this comment points out: “We had already some cases where efficient quantum algorithms for lattice problems were discovered, but they turned out not being correct or only worked for simple special cases.”

Two, this is a quantum algorithm, which means that it has not been tested. There is a wide gulf between quantum algorithms in theory and in practice. And until we can actually code and test these algorithms, we should be suspicious of their speed and complexity claims…

Continue reading New Lattice Cryptanalytic Technique→

In Memoriam: Ross Anderson, 1956–2024

Posted on April 10, 2024 by Bruce Schneier

Last week, I posted a short memorial of Ross Anderson. The Communications of the ACM asked me to expand it. Here’s the longer version.
EDITED TO ADD (4/11): Two weeks before he passed away, Ross gave an 80-minute interview where he told his life … Continue reading In Memoriam: Ross Anderson, 1956–2024→

Ross Anderson

Posted on April 1, 2024 by Bruce Schneier

Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge.

I can’t remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and Information Security. (Okay, he created both—I helped.) It was before 1998, when we wrote about the problems with key escrow systems. I was one of the people he brought to the Newton Institute, at Cambridge University, for the six-month cryptography residency program he ran (I mistakenly didn’t stay the whole time)—that was in 1996…

Continue reading Ross Anderson→

Apple Announces Post-Quantum Encryption Algorithms for iMessage

Posted on February 26, 2024 by Bruce Schneier

Apple announced PQ3, its post-quantum encryption standard based on the Kyber secure key-encapsulation protocol, one of the post-quantum algorithms selected by NIST in 2022.

There’s a lot of detail in the Apple blog post, and more in Douglas Stabila’s security analysis.

I am of two minds about this. On the one hand, it’s probably premature to switch to any particular post-quantum algorithms. The mathematics of cryptanalysis for these lattice and other systems is still rapidly evolving, and we’re likely to break more of them—and learn a lot in the process—over the coming few years. But if you’re going to make the switch, this is an excellent choice. And Apple’s ability to do this so efficiently speaks well about its algorithmic agility, which is probably more important than its particular cryptographic design. And it is probably about the right time to worry about, and defend against, attackers who are storing encrypted messages in hopes of breaking them later on future quantum computers…

Continue reading Apple Announces Post-Quantum Encryption Algorithms for iMessage→

Improving the Cryptanalysis of Lattice-Based Public-Key Algorithms

Posted on February 14, 2024 by Bruce Schneier

The winner of the Best Paper Award at Crypto this year was a significant improvement to lattice-based cryptanalysis.
This is important, because a bunch of NIST’s post-quantum options base their security on lattice problems.
I worry about standard… Continue reading Improving the Cryptanalysis of Lattice-Based Public-Key Algorithms→

David Kahn

Posted on February 2, 2024 by Bruce Schneier

David Kahn has died. His groundbreaking book, The Codebreakers was the first serious book I read about codebreaking, and one of the primary reasons I entered this field.
He will be missed.
EDITED TO ADD (2/4): Funeral website.
EDITED TO ADD (2/10): Ne… Continue reading David Kahn→

Improving Shor’s Algorithm

Posted on January 5, 2024 by Bruce Schneier

We don’t have a useful quantum computer yet, but we do have quantum algorithms. Shor’s algorithm has the potential to factor large numbers faster than otherwise possible, which—if the run times are actually feasible—could break both the RSA and Diffie-Hellman public-key algorithms.

Now, computer scientist Oded Regev has a significant speed-up to Shor’s algorithm, at the cost of more storage.

Details are in this article. Here’s the result:

The improvement was profound. The number of elementary logical steps in the quantum part of Regev’s algorithm is proportional to …

Continue reading Improving Shor’s Algorithm→

GCHQ Christmas Codebreaking Challenge

Posted on December 20, 2023 by Bruce Schneier

Looks like fun.
Details here.
Continue reading GCHQ Christmas Codebreaking Challenge→

CrypTool – How to determine what type of encryption has been used?

Posted on November 30, 2023 by Qmails

I have a few questions about CrypTool.

How can you use the text analysis tools available in CrypTool to determine the encryption algorithm for a given ciphertext?

How can you use CrypTool’s text analysis tools to determine the password u… Continue reading CrypTool – How to determine what type of encryption has been used?→

Model Extraction Attack on Neural Networks

Posted on October 10, 2023 by Bruce Schneier

Adi Shamir et al. have a new model extraction attack on neural networks:

Polynomial Time Cryptanalytic Extraction of Neural Network Models

Abstract: Billions of dollars and countless GPU hours are currently spent on training Deep Neural Networks (DNNs) for a variety of tasks. Thus, it is essential to determine the difficulty of extracting all the parameters of such neural networks when given access to their black-box implementations. Many versions of this problem have been studied over the last 30 years, and the best current attack on ReLU-based deep neural networks was presented at Crypto’20 by Carlini, Jagielski, and Mironov. It resembles a differential chosen plaintext attack on a cryptosystem, which has a secret key embedded in its black-box implementation and requires a polynomial number of queries but an exponential amount of time (as a function of the number of neurons)…

Continue reading Model Extraction Attack on Neural Networks→