When quantum computers become a reality, many of today’s data security methods will offer insufficient protection. The Classic McEliece cryptosystem has now been approved by ISO as a standard for the quantum era.

Last month, the Classic McEliece cryptosystem was approved by the International Organisation for Standardisation (ISO) and adopted as an international standard for ‘post-quantum cryptography’. This means that, according to the ISO, digital communications can be robustly and securely protected using Classic McEliece, even in a future world with quantum computers.

This is reported in various news articles by several research groups that have contributed to the system, such as the Coding Theory and Cryptology group at Eindhoven University of Technology and the Department of Computer Science at the University of Warwick in the UK.

Threat

Quantum computers pose a threat to the encryption methods currently most widely used to secure data. The security of things like email, online banking and online shopping usually relies on complex mathematical ‘puzzles’ that cannot be cracked using a normal computer. However, the advent of the quantum computer is expected to change this, as it can perform calculations much faster than a conventional computer.

For example, many security systems are based on large prime numbers that are difficult to determine, but there is already an algorithm for quantum computers that renders this method useless ( Shor’s algorithm).

Method

Classic McEliece is based on an encryption system dating from 1978, which was developed at the time by Robert McEliece. Instead of using mathematical problems, it works with error-correcting codes: extra data – call them code words – which are added to the data and render the information unreadable to unauthorised parties.

Other methods for securing data, even in the age of the quantum computer, use multidimensional lattices or photons whose properties change if someone tries to break in.

An important step

The ISO’s approval of Classic McEliece is an important step towards the wider adoption of post-quantum cryptography, according to a press release from TU/e. This is because many governments, businesses and public organisations can only implement new cryptographic technologies once internationally recognised standards are in place.

Featured image: Depositphotos