CCCCatalyzing the computing research community and enabling the pursuit of innovative, high-impact research.
  • Twitter
  • Facebook
  • Youtube
  • Rss
  • About
    • About CCC
    • Council Members
    • Council Meetings
    • CCC Council Nominations
    • Governing Documents
    • FAQ
    • Contact
  • Visioning
    • RFP – Creating Visions for Computing Research
    • Blue Sky
    • Computing Visions 2025
    • Visioning Activities
      • 2019
      • 2018
      • 2017
      • 2016
      • 2015
      • 2014
      • 2013
      • 2012
      • 2011 and Prior Years
    • Workshop Reports
  • Leadership Development
    • Call for Council Nominations
    • Big Data Regional Hubs
    • Leadership in Science Policy Institute
    • Postdoc Best Practices
      • Postdoc Best Practice Final Reports
      • Postdoc Best Practice Resources
    • CIFellows
      • CI Fellows 2014 Workshop
      • 2011 Class
      • 2010 Class
      • 2009 Class
      • Assessment
      • Success Stories
      • Diversity
  • Task Forces
    • AI Working Group
    • Industry Collaboration Working Group
    • Cybersecurity and Cybercrime
    • Health and Human Computer Interaction
    • Information Integrity and Provenance
    • Intelligent Infrastructure
    • Fairness and Accountability
    • Systems and Architecture
    • Past Task Forces
  • Resources
    • Workshop Reports
    • CCC-Led White Papers
    • Presentations
    • CCC Responds to the Community
    • Recent CCC Activities
    • Ongoing CCC Activities
    • Computing Research in Action
    • Computing Research Highlights
    • Great Innovative Ideas
    • Event Videos
  • Events
    • Upcoming Events
    • Special Events
    • Past Events
    • CCC at AAAS
      • CCC at AAAS 2019
      • CCC at AAAS 2018
      • CCC at AAAS 2017
      • CCC at AAAS 2016
      • CCC at AAAS 2013
  • Blog
  • CCC by CS Area
  • Podcast
  • Search
  • Menu

Identifying Research Challenges in Post Quantum Cryptography Migration and Cryptographic Agility


January 31-February 1, 2019

Washington, DC
Washington D.C., DC, USA



Event Contact

Ann Drobnis
adrobnis@cra.org
2022662936


Event Type

2019 Events, 2019 Visioning Activities


Event Category

CCC

Overview

The implications of sufficiently large quantum computers for widely used public-key cryptography is well documented, and increasingly discussed by the security community. An April 2016 report by the National Institute of Standards and Technology (NIST), notably, calls out the need for new standards to replace cryptosystems based on integer factorization and discrete logarithm problems, which have been shown to be vulnerable to Shor’s algorithm. Specifically, widely used RSA, ECDSA, ECDH, and DSA cryptosystems will need to be replaced by post-quantum cryptography (PQC, also known as quantum-resistant cryptography) alternatives. To realize this, NIST has actively led a PQC standardization effort since December of 2016, leveraging a large and international research community.  The effort is expected to take five or more years to vet proposals, and to select alternatives that are believed to be secure against both quantum and classical computers.

While NIST’s standardization effort aims to determine which PQC algorithms are robust enough to provide suitable alternatives for the threat of quantum computers, that effort does not address the problem of migration from today’s widely deployed algorithms to future PQC alternatives. There are some important reasons why this migration problem has urgency to many industries and governments worldwide: risk stemming from an uncertain quantum computing development timeline, the time and complexity of migration (historically, cryptographic standards migrations can take a decade or more), concern over the possibility of “data vaulting” (in which an adversary captures encrypted data for later attack when quantum computers become available), and the likelihood that migration considerations will inform NIST’s evaluation of PQC proposals.

The overall objective of this workshop is to identify academic research challenges in PQC migration and cryptographic agility.  That is, organizers seek to identify aspects of the complex and global migration to new public-key cryptography standards that could benefit from a more rigorous study and analysis.  While specific discussion topics will be selected, the technical space broadly centers around two key themes:

  1. Identifying constituent challenges in PQC migration

    While the NIST PQC standardization effort looks in depth at cryptographic algorithms, workshop organizers believe there is a rich space of challenges to be addressed surrounding the application of candidate algorithms to specific contexts and understanding how migration will be accomplished.  How well do PQC families and specific approaches “fit” or “not fit” a broad range of public-key cryptography usage domains–PKI, key management systems, authenticated web communication (TLS), secure point-to-point communication (SSH), transport security (IPSec), key agreement, identification and authentication, password authenticated key exchange (PAKE), and more? For each domain and platform type, what migration approaches will support the transition to new PQC algorithms without loss of interoperability and functionality during the transition period?  What is the attack surface and risk profile associated with each approach? Can these approaches be shared across platforms and application contexts to develop migration frameworks? Are there frameworks that can be applied transparently to protocols or systems that lack inherent migration mechanisms?

  2. Reimagining the scope and science of “cryptographic agility”

    While “cryptographic agility” is frequently seen as a narrow implementation concern (i.e., the ability to replace component algorithms), we believe there is a need to broaden and recast the scope of agility to that of developing secure frameworks that enable ongoing cryptographic advancements in a wide variety of system, protocol, and application contexts.  Could there be a principled science of cryptographic agility that more rigorously considers a broad spectrum of frameworks, a robust analysis of correctness and security, a deeper understanding of attack surfaces, and an exploration of domain-specific (e.g., protocol, application, system) issues? What does it mean for an algorithm, a piece of code, a protocol, an application, a system, an entire infrastructure to be cryptographically agile?  What are the defining challenges, problem domains, and applications of cryptographic agility, broadly defined?

To discuss these challenges, the workshop will intentionally bring together researchers and thought leaders from three distinct communities: PQC researchers who are involved in the design and analysis of cryptographic algorithms, applied cryptography researchers who focus more extensively on the application and implementation of cryptography to a variety of spheres, and systems security researchers who use cryptography as a building block in real-world security architectures and solutions (e.g., trusted computing, cloud security).

Agenda

January 31, 2019 (Thursday)

04:00 PM Welcome Reception | Seaport
05:00 PM Introduction / Event Overview | Seaport
05:15 PM Group Introductions | Seaport
05:45 PM Dinner- Served | Seaport
06:15 PM Dinner- Context Setting | Seaport
06:30 PM Dinner- Unstructured 5-minute Comments | Seaport
07:45 PM Adjourn | Seaport

February 1, 2019 (Friday)

08:00 AM Breakfast | Seaport 2
08:30 AM Introduction / Event Overview | Seaport 1
08:45 AM Theme 1: PQC Migration | Seaport 1
09:00 AM Breakout Group Discussion | Seaport 1, Marina, The Slip
10:00 AM Group Reports | Seaport 1
10:30 AM Break | Seaport 1
11:00 AM Theme 2: Cryptographic Agility | Seaport 1
11:15 AM Breakout Group Discussion | Seaport 1, Marina, The Slip
12:15 PM Lunch | Seaport 2
01:15 PM Group Reports | Seaport 1
01:45 PM Break | Seaport 1
02:15 PM Theme 3: TBD | Seaport 1
02:30 PM Breakout Group Discussion | Seaport 1, Marina, The Slip
03:30 PM Group Reports | Seaport 1
04:00 PM Closing Group Discussion | Seaport 1
04:30 PM Workshop Ends | Seaport 1
Agenda (PDF)

AGENDA- Post Quantum Workshop v2

Organizers

Organizing Committee:

David Ott, VMware
Conte
Christopher Peikert, University of Michigan
DeBenedictis

With Support From:

Mark Hill, University of Wisconsin, Madison and CCC Chair
Hill
Ann Drobnis, CCC Director
Yelick
Chris Ramming, VMware
Ganesh
Logistics

January 31 – February 1, 2019 (5:00 pm Thu to 4:30 pm Fri)

The Computing Community Consortium (CCC) will cover travel expenses for all participants who desire it. Participants are asked to make their own travel arrangements to get to the workshop, including purchasing airline tickets. Following the symposium, CCC will circulate a reimbursement form that participants will need to complete and submit, along with copies of receipts for amounts exceeding $75.

In general, standard Federal travel policies apply: CCC will reimburse for non-refundable economy airfare on U.S. Flag carriers; and no alcohol will be covered.

For more information, please see the Guidelines for Participant Reimbursements from CCC.

Additional questions about the reimbursement policy should be directed to Ann Drobnis, CCC Director (adrobnis [at] cra.org).

CRA - Uniting Industry, Academia and Government to Advance Computing Research and Change the World.
CCC - Catalyzing the computing research community and enabling the pursuit of innovative, high-impact research.
CRA-W - Increasing the success and participation of women in computing research.
CRA-E - Addressing society’s need for a continuous supply of talented and well-educated computing researchers.
CERP - Promoting diversity in computing through evaluation and research.
CRA Home | Contact Us | Unsubscribe/Removal of Information | Terms of Use         © Copyright 2019 - CRA
Artificial Intelligence Roadmap Workshop 2 – Interaction Artificial Intelligence Roadmap Workshop 3 – Self Aware Learning
Scroll to top