Author

Topic: Standardization for new cryptographic algorithms (Read 76 times)

member
Activity: 691
Merit: 51
November 24, 2023, 06:12:29 PM
#1
NIST or some other institution should consider evaluating and standardizing new cryptographic functions including new cryptographic hash functions, block ciphers, and cryptographically secure pseudorandom number generators (and probably other functions as well, but I am not concerned with public key cryptography and digital signatures at the moment). The reason for this is that our current cryptographic functions are not very compatible with future computing technology. Here are some things that I hope from such an evaluation procedure but which were not present in the standardization process for cryptographic functions such as AES.

1. The cryptographic functions need to be designed for reversible computation. Reversible computation in the future of computation, and cryptographic functions need to be designed for reversibility. Not only will (partially) reversible cryptographic functions that run on reversible hardware be more energy efficient, but reversible hardware is more resistant to side channel attacks.

2. The standardization process should include automatic evaluation of both the security and efficiency of cryptographic functions. It will be fairly straightforward to design the criteria for automatically evaluating the efficiency of the cryptographic functions since every component of the cryptographic function will have a cost, and the final cost will be calculated from the individual components. But the evaluation of the security of the cryptographic functions is a little bit more tricky. The measures of security should be robust enough so that it will not be feasible to create an insecure cryptographic function that scores well with respect to these measures of security but which is still insecure. For example, a measure of security for a round function for a block cipher should give isomorphic round functions the exact same level of cryptographic security.

3. The automatic evaluation criteria for the efficiency should be coded manually, but the automatic evaluation criteria for the security should incorporate new AI models. These AI models can search for weaknesses in the cryptographic algorithm, and the cryptographic functions should pass the scrutiny of these AI models.

-Joseph Van Name Ph.D.
Jump to: