This Canva presentation was created by me in order to provide understanding in security aspects of the Post-Quantum Cryptography nominations in NIST Post-Quantum Cryptography standardization.
Last updated
There are some security standard definitions provided in the "Submission Requirements and Evaluation Criteria for the Post-Quantum Cryptography Standardization Process" by NIST.
IND-CCA2 (Indistinguishability under Adaptive Chosen-Ciphertext Attack)
IND-CPA (Indistinguishability under Chosen-Plaintext Attack)
The parameter sets being compared provide comparable security
To allow NIST to make prudent future decisions regarding when to transition to longer keys.
To help submitters make consistent and sensible choices regarding what symmetric primitives to use in padding mechanisms
To better understand the security/performance tradeoffs involved in a given design approach.
Key search on a block cipher with a 128-bit key (e.g. AES128)
Collision search on a 256-bit hash function (e.g. SHA256/ SHA3-256)
Key search on a block cipher with a 192-bit key (e.g. AES192)
Collision search on a 384-bit hash function (e.g. SHA384/ SHA3-384)
Key search on a block cipher with a 256-bit key (e.g. AES 256)
Circuit depth is the count of time steps needed to execute all the gates in a quantum circuit
