Secure & Privacy-friendly Information Processing:

Post-Quantum Cryptography

Cryptography based on Post-Quantum Assumptions. Diversifying those Assumptions.


Almost all public key cryptography conceived in the 20th century is based on hard problems from number theory. The discovery of quantum algorithms capable of solving these problems efficiently marked a foundational crisis of public key cryptography. Finding alternatives based on problems conjectured to be hard even for quantum computers has become a thriving field of research. However, despite 20 years of research, and despite many successes there are still many important primitives and applications for which no post-quantum secure protocols are known.


Diversifying Post-Quantum Assumptions. Many proposals in post-quantum secure cryptography are based on hard problems in lattices. While many assumptions in this class are conjectured to be secure against quantum computers, lattice problems still expose a lot of structure and there have been doubts about the post-quantum security of certain lattice problems recently. Hard problems from coding theory are an alternative to lattice problems and expose less structure. Our research in this direction has shown that many powerful cryptographic objects can also be constructed from coding assumptions.

Towards basing all of cryptography on Post Quantum Assumptions. Currently, many important cryptographic primitives can only be realized from number-theoretic assumptions. Specifically, many tasks that require low round or low communication complexity can currently only be realized with quantum-insecure assumptions. Finding post-quantum secure counterparts to these constructions is a pressing issue and a central topic of our research in this field.