PQCRYPTO: making encryption future-proof
Online banking, e-commerce, mobile communication, and cloud computing all depend on cryptographic algorithms, which scramble data to prevent unauthorised access. The algorithms used today are quite effective and very difficult to break. This is likely to change as quantum computers are developed. These machines will be able to perform vast numbers of calculations, and could be used to break cryptographic algorithms and make private data public.
The EU-funded project PQCRYPTO worked on post-quantum cryptography, developing new cryptographic systems that are both secure now and in the future against possible attacks by quantum computers. This is crucial for data that needs to be kept for many years, such as healthcare records and confidential state documents.
The project researched ways to protect embedded devices (small computers that are part of a bigger device, such as a mobile phone, printer or dishwasher) against hacking. They also worked on the integration of high-security post-quantum cryptography into the internet, which is especially important as many websites do not currently meet recommended cryptographic requirements. In addition, they focused on cryptography for cloud services, which are very useful for storing and sharing documents, but are vulnerable to infiltration and attacks. They aimed to provide 50 years of protection for files stored in the cloud, even if a cloud service provider is not trustworthy.
The systems devised by PQCRYPTO are designed to increase the range of cryptographic algorithms currently in use, ward off future attacks by quantum computers, and ensure that encrypted data cannot be stored by attackers or decrypted once the right technology is available. An algorithm developed by PQCRYPTO is currently being deployed for Google’s servers on a trial basis.
PQCRYPTO in brief
- Total Budget: EUR 3 964 791.25 (EU contribution: EUR 3 851 791.25)
- Duration: 03/2015-02/2018
- Countries involved: Netherlands (coordinator), Belgium, Denmark, France, Germany, Israel, Taiwan.
Key figures in the European Union
- 4 out of 10 EU internet users provide payment details online.
- In the EU in 2016, one third of internet users used cloud services.
- The average company experiences 130 security breaches each year.
Cybersecurity and trust
While opening up new opportunities for citizens to connect and disseminate information, digital technologies have also brought about new risks. These include increasing cyber-attacks and fraud, stealing data, and attempts to destabilise our democracies. It is crucial to invest in cybersecurity, as trust and awareness are the foundation for a functioning Digital Single Market.
The EU has responded to these challenges, for example by adopting the Directive on Network and Information Security and proposing a new mandate for the European Network and Information Security Agency (ENISA) along with a new framework for certifying cybersecurity in digital products and solutions. The Commission’s proposed new Digital Europe Programme also includes EUR 2 billion of funding for cybersecurity.