- Posted by: mkt
- Category: Cryptographic
A study ordered by the Brazilian Central Bank, with the collaboration of Fenasbac, Brazil Quantum, and Microsoft evaluated the adequacy of some algorithms for PIX, the Brazilian instant payment method.
The execution of a post-quantum cryptographic algorithm implementation test in a banking system like the Brazilian instant payment method, PIX, reveals a concern in keeping the operations secure in the long term, without losing performance. Internationally, NIST (National Institute of Standards and Technology) is trying to define digital signatures and public-key cryptography standard by selecting the post-quantum algorithms more ready to prevent threats to digital security. The agency already picked possible candidates but has not yet defined its final choice.
Seeking to anticipate itself, the Brazilian Central Bank promoted the study “Analysis of the feasibility of applying post-quantum cryptography methods in PIX” and assessed one of the algorithms pre-selected by NIST, the PICNIC. Unfortunately, the results proved its incompatibility with PIX current demands, as it presents the total processing time of the selected operations significantly longer.
Even with a negative result, the study can be used as a foundation for the algorithm evolution until it is suitable for adoption.
In the meantime, in a context where it’s possible to secure exchange of keys and it isn’t mandatory to perform digital signature operations, the use of symmetric cryptographic algorithms can be an alternative, as it is considered Quantum safe, depending on the size of the key used. For example, the AES 256 would have its security reduced to 128 bits facing a Gover algorithm being executed in a CRQC (Cryptographic Relevant Quantum Computer), which is still considered secure even in a post-quantum scenario.
Besides the algorithms, it is important to highlight the necessity of using an HSM (Hardware Security Module) to keep the generated keys, with certifications that meet the international security standards.
KRYPTUS has a team of cryptologists (specialists in cryptography) for the study, evaluation, and development of solutions that are beyond current and future cybersecurity threats. It also brings the kNET HSM, a multitenant device of high performance, prepared to meet the requirements needed for the post-quantum evolution, natively offering symmetric cryptography algorithms and the guarantee of a secure environment for your processing, given by the international certification FIPS 140-2 Level 3.
More information about the study in: https://www.fenasbac.com.br/noticias/com-apoio-da-fenasbac-banco-central-brazil-quantum-e-microsoft-exploram-o-uso-de-criptografia-pos-quantica-para-melhorar-seguranca-do-sistema-pix