MOTIVATION
Post-Quantum Cryptography (PQC), also known as Quantum-Resistant Cryptography (QRC), focuses on developing cryptographic algorithms and protocols designed to withstand the computational power of quantum computers. The National Institute of Standards and Technology (NIST) has announced four candidate PQC algorithms expected to be standardized soon. Hence, current users of traditional cryptography should plan to upgrade their cryptographic architectures towards PQC as this process will most likely take several years. However, users will also want to include Quantum Cryptography (QC) (in particular Quantum Key Distribution, QKD) in their upgrades towards fully quantum-safe network. As quantum memories are not yet available, QKD for large distances requires trusted nodes, including satellite nodes (under development in the context of EuroQCI). The structure and management of such QKD networks are currently under study. Moreover, it must be ensured that protection goals such as confidentiality, integrity and authenticity are also met. In this context, both NIST and the European Union are recommending to adopt a crypto-agile approach to maintain a systemic level of trust and rapidly adapt to new cryptographic methods. Essentially, this approach involves combining PQC and QKD. However, in the context of our COST Action 6G PHYSEC, crypto-agility means hybridizing PQC and classical&quantum physical layer security. Crypto-agility offers clear benefits:
End-to-end crypto-agile design (6G use-cases, AI-driven/powered designs, architectures, hardware/software, protocols, zero-trust framework, key management, etc)
Threats and Security Analysis (cryptographic and information theoretical metrics)
Contribution to Standardization (agile classical and quantum solutions, security frameworks beyond CIA triad)