## Post-Quantum RSA

Interesting research on a version of RSA that is secure against a quantum computer:

Daniel J. Bernstein, Nadia Heninger, Paul Lou, and Luke Valenta

Abstract: This paper proposes RSA parameters for which (1) key generation, encryption, decryption, signing, and verification are feasible on today’s computers while (2) all known attacks are infeasible, even assuming highly scalable quantum computers. As part of the performance analysis, this paper introduces a new algorithm to generate a batch of primes. As part of the attack analysis, this paper introduces a new quantum factorization algorithm that is often much faster than Shor’s algorithm and much faster than pre-quantum factorization algorithms. Initial pqRSA implementation results are provided.

Who? • May 31, 2017 7:12 AM

I haven’t read the paper yet, I just took a quick look at it, so I may be wrong here. I will read the full document later.

It seems that, using carefully chosen RSA parameters, we can have quantum-resistant RSA cryptography on our current hardware. So it should be possible, let us say, to generate a pair of RSA certificates on a computer that implements these parameters and move them to a smart card (obviously smart cards themselves will not generate quantum-computing-resistant certificates yet).

Will a firmware upgrade on the readers add this feature to hardware?

Well, at least libraries like LibreSSL should implement the new prime generation algorithms.