Security News > 2022 > August > Post-quantum crypto cracked in an hour with one core of an ancient Xeon
One of the four encryption algorithms the US National Institute of Standards and Technology recommended as likely to resist decryption by quantum computers has has holes kicked in it by researchers using a single core of an Intel Xeon CPU, released in 2013.
"Ran on a single core, the appended Magma code breaks the Microsoft SIKE challenges $IKEp182 and $IKEp217 in about 4 minutes and 6 minutes, respectively. A run on the SIKEp434 parameters, previously believed to meet NIST's quantum security level 1, took about 62 minutes, again on a single core," wrote Castryck and Decru, of Katholieke Universiteit Leuven in a a preliminary article [PDF] announcing their discovery.
Quantum-resistant encryption research is a hot topic because it is felt that quantum computers are almost certain to become prevalent and sufficiently powerful to crack existing encryption algorithms.
Alongside the vintage processor, Castryck and Decru used a key recovery attack on the Supersingular Isogeny Diffie-Hellman key exchange protocol that was based on Ernest Kani's "Glue-and-split" theorem.
"The attack exploits the fact that SIDH has auxiliary points and that the degree of the secret isogeny is known. The auxiliary points in SIDH have always been an annoyance and a potential weakness, and they have been exploited for fault attacks, the GPST adaptive attack, torsion point attacks, etc." argued University of Auckland mathematician Stephen Galbraith in his cryptography blog.
Security researcher Kenneth White tweeted his awe and noted "In 10-20 yrs we *might* have practical quantum computers, so let's roll out replacement PQ crypto now. Which could be trivially broken today, on a laptop."