https://motherboard.vice.com/en_us/article/ibm-17-qubit-quantum-processor-co...
https://www.research.ibm.com/ibm-q/

IBM fronts at least 17 qubits to the world's private buyers; 50 rough qubits by many entities within 1 year

http://csrc.nist.gov/groups/ST/post-quantum-crypto/

The National Institute of Standards and Technology (NIST) is now accepting submissions for quantum-resistant public-key cryptographic algorithms. The deadline for submission is November 30, 2017. Please see the Post-Quantum Cryptography Standardization menu at left for the complete submission requirements and evaluation criteria.

In recent years, there has been a substantial amount of research on quantum computers: machines that exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for conventional computers. If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use. This would seriously compromise the confidentiality and integrity of digital communications on the Internet and elsewhere. The goal of post-quantum cryptography (also called quantum-resistant cryptography) is to develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks.

The question of when a large-scale quantum computer will be built is a complicated one. While in the past it was less clear that large quantum computers are a physical possibility, many scientists now believe it to be merely a significant engineering challenge. Some engineers even predict that within the next twenty or so years sufficiently large quantum computers will be built to break essentially all public key schemes currently in use. Historically, it has taken almost two decades to deploy our modern public key cryptography infrastructure. Therefore, regardless of whether we can estimate the exact time of the arrival of the quantum computing era, we must begin now to prepare our information security systems to be able to resist quantum computing.

https://eprint.iacr.org/2017/424
Cryptology ePrint Archive: Report 2017/424

On Reliability, Reconciliation, and Error Correction in Ring-LWE Encryption
Markku-Juhani O. Saarinen

Abstract: We describe a new reconciliation method for Ring-LWE that has a significantly smaller failure rate than previous proposals while reducing ciphertext size and the amount of randomness required. It is based on a simple, deterministic variant of Peikert's reconciliation that works with our new "safe bits" selection and constant-time error correction techniques. The new method does not need randomized smoothing to achieve non-biased secrets. When used with the very efficient "New Hope" Ring-LWE parametrization we achieve a decryption failure rate well below 2^-128 (compared to 2^-60 of the original), making the scheme suitable for public key encryption in addition to key exchange protocols; the reconciliation approach saves about 40% in ciphertext size when compared to the common LP11 Ring-LWE encryption scheme. We perform a combinatorial failure analysis using full probability convolutions, leading to a precise understanding of decryption failure conditions on bit level. Even with additional implementation security and safety measures the new scheme is still essentially as fast as the New Hope but has slightly shorter messages. The new techniques have been instantiated and implemented as a Key Encapsulation Mechanism (KEM) and public key encryption scheme designed to meet the requirements of NIST's Post-Quantum Cryptography effort at very high security level.

Category / Keywords: public-key cryptography / Ring-LWE, Reconciliation, Post-Quantum Encryption, New Hope
Date: received 16 May 2017
Contact author: mjos at iki fi

https://eprint.iacr.org/2017/351
Cryptology ePrint Archive: Report 2017/351

Post-quantum RSA
Daniel J. Bernstein and Nadia Heninger and Paul Lou and Luke Valenta

Abstract: This paper proposes RSA parameters for which (1) key generation, encryption, decryption, signing, and verification are feasible on today's computers while (2) all known attacks are infeasible, even assuming highly scalable quantum computers. As part of the performance analysis, this paper introduces a new algorithm to generate a batch of primes. As part of the attack analysis, this paper introduces a new quantum factorization algorithm that is often much faster than Shor's algorithm and much faster than pre-quantum factorization algorithms. Initial pqRSA implementation results are provided.

Category / Keywords: public-key cryptography / post-quantum cryptography, RSA scalability, Shor's algorithm, ECM, Grover's algorithm, Make RSA Great Again
Original Publication (in the same form): PQCrypto 2017
Date: received 19 Apr 2017
Contact author: authorcontact-pqrsa at box cr yp to
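The Saarinen abstract above (Report 2017/424) is about the decryption failure rate of Ring-LWE encryption and compares against the LP11 encryption scheme. The toy below is an added example, not code from that paper, from New Hope, or from the pqRSA paper: it implements LP11-style Ring-LWE encryption over Z_q[x]/(x^n + 1) with one message bit per coefficient and then measures empirically how often decryption fails, which is the quantity the paper's reconciliation method drives below 2^-128. The ring dimension n = 64, the centered-binomial noise parameter 16, the trial counts and the small modulus q = 1021 are assumed toy values chosen so that failures appear within seconds; they are not secure parameters.

```python
"""Toy LP11-style Ring-LWE public-key encryption with an empirical
decryption-failure measurement.

Added example; not the code of the Saarinen paper or of New Hope.
N, ETA, the trial counts and the small modulus are assumed toy values
chosen to make the failure mode visible quickly. Not secure.
"""
import random

N = 64     # ring dimension of Z_q[x]/(x^N + 1); toy value (New Hope uses 1024)
ETA = 16   # centered-binomial noise parameter (variance ETA/2 = 8)


def poly_mul(a, b, q):
    """Schoolbook multiplication in Z_q[x]/(x^n + 1); x^n wraps to -1."""
    n = len(a)
    out = [0] * n
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            k = i + j
            if k < n:
                out[k] = (out[k] + ai * bj) % q
            else:
                out[k - n] = (out[k - n] - ai * bj) % q
    return out


def poly_add(a, b, q):
    return [(x + y) % q for x, y in zip(a, b)]


def poly_sub(a, b, q):
    return [(x - y) % q for x, y in zip(a, b)]


def sample_noise(rng, n, eta, q):
    """Centered binomial: (sum of eta bits) - (sum of eta bits), per coefficient."""
    return [(sum(rng.getrandbits(1) for _ in range(eta))
             - sum(rng.getrandbits(1) for _ in range(eta))) % q
            for _ in range(n)]


def keygen(rng, n, q, eta):
    a = [rng.randrange(q) for _ in range(n)]   # public uniform polynomial
    s = sample_noise(rng, n, eta, q)           # secret key
    e = sample_noise(rng, n, eta, q)
    b = poly_add(poly_mul(a, s, q), e, q)      # b = a*s + e
    return (a, b), s


def encrypt(rng, pk, bits, q, eta):
    """One bit per coefficient, encoded as bit * floor(q/2) (LP11 style)."""
    a, b = pk
    n = len(a)
    r = sample_noise(rng, n, eta, q)
    e1 = sample_noise(rng, n, eta, q)
    e2 = sample_noise(rng, n, eta, q)
    u = poly_add(poly_mul(a, r, q), e1, q)                         # u = a*r + e1
    encoded = [(bit * (q // 2)) % q for bit in bits]
    v = poly_add(poly_add(poly_mul(b, r, q), e2, q), encoded, q)   # v = b*r + e2 + enc(m)
    return u, v


def decrypt(sk, ct, q):
    """v - u*s = enc(m) + (e*r - s*e1 + e2); decode each coefficient to the nearer of 0 and q/2."""
    u, v = ct
    w = poly_sub(v, poly_mul(u, sk, q), q)
    return [1 if q // 4 <= c < 3 * q // 4 else 0 for c in w]


def failure_count(q, trials, seed=1, n=N, eta=ETA):
    """Number of trials in which at least one decoded bit is wrong.

    A coefficient decodes wrongly when the accumulated noise
    e*r - s*e1 + e2 reaches about q/4 in magnitude, so shrinking q
    relative to the noise makes the failure mode observable.
    """
    rng = random.Random(seed)
    pk, sk = keygen(rng, n, q, eta)
    failures = 0
    for _ in range(trials):
        bits = [rng.getrandbits(1) for _ in range(n)]
        if decrypt(sk, encrypt(rng, pk, bits, q, eta), q) != bits:
            failures += 1
    return failures


if __name__ == "__main__":
    # q = 12289 (New Hope's modulus): noise std is roughly 90 here, q/4 is 3072, no failures expected
    print("q=12289:", failure_count(12289, 100), "failures in 100 trials")
    # q = 1021: q/4 is 255, so a few percent of coefficients decode wrongly and many messages fail
    print("q=1021: ", failure_count(1021, 100), "failures in 100 trials")
```

With n = 64 and this noise, each coefficient of e*r - s*e1 + e2 has a standard deviation of about 90, so at q = 12289 the q/4 decoding margin of 3072 is never exceeded, while at q = 1021 the margin of 255 is crossed on a few percent of coefficients and a large share of 64-bit messages decrypt incorrectly. Real schemes keep q fixed and shrink the failure probability instead; the paper's reconciliation and "safe bits" selection are one way to push that probability from 2^-60 to below 2^-128 without growing the ciphertext.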