Nasedkin P.N., Sverkunov V.A. Сryptographic algorithms on the way to post-quantum cryptog-raphy // Informacionnye tehnologii i matematicheskoe modelirovanie v upravlenii slozhnymi sistemami: ehlektronnyj nauchnyj zhurnal [Information technology and mathematical modeling in the management of complex systems: electronic scientific journal], 2022. No. 4(16). P. 67-73. DOI: 10.26731/2658-3704.2022.4(16).67-73 [Accessed 23/12/22].
10.26731/2658-3704.2022.4(16).67-73
This paper analyzes the vulnerability of cryptographic algorithms that provide one or more of the following services: creation and exchange of encryption keys, encrypted connections, or creation and verification of digital signatures to "build now, decrypt later" attacks, which can be implemented by quantum computers. Vulnerable cryptographic algorithms in the context of network models, certified by FSTEC means of information protection. A study in the context of the operated in the Russian Federation certified means of protection of information, which use vulnerable cryptographic algorithms, has been carried out. A time range for the possibility of attacks, related to termination of the certificate on the model range of network information security devices of domestic and foreign manufacturers has been revealed.
The analysis of vulnerable cryptographic algorithms presented in this paper is not final, but requires a more detailed inventory of the entire IT infrastructure of the Russian Federation, which may contain cryptographic systems vulnerable to QC quantum computing.
- Kriptografia. [Cryptography]. Available at: https://www.tadviser.ru/index.php/ (Аccessed: December 02, 2022) (in Russ.).
- Nannicini, Giacomo. An Introduction to Quantum Computing, without the Physics // SIAM Review 2020. Vol. 62. Number 4, 2020, pp. 936–981.
- Logan O. Mailloux, Charlton D. Lewis II, Casey Riggs, Michael R. Grimaila. Post-Quantum Cryptography: What Advancements in Quantum Computing Mean for IT Professionals // IT Professional. 2016. Vol. 18(5), pp. 42-47.
- M-23-02 Migrating to Post-Quantum Cryptography. Available at: https://www.whitehouse.gov/ (Аccessed: December 02, 2022).
- John McCumber. Assessing and Managing Security Risk in IT Systems // Auerbach Publications. 2004. P. 35.
- Uravnenie SHryodingera. [Schrodinger equation]. Available at: https://ru.wikipedia.org / (Аccessed: December 02, 2022) (in Russ.).
- Gosudarstvennyj reestr sertificirovannyh sredstv zashchity informacii. [State Register of Certified Information Security Tools]. Available at: https://fstec.ru / (Аccessed: December 02, 2022) (in Russ.).
- Ukaz Prezidenta RF ot 01.05.2022 g. № 250 «O dopolnitel'nyh merah po obespecheniyu informacionnoj bezopasnosti Rossijskoj Federacii». [Decree of the President of the Russian Federation No. 250 dated 01.05.2022 «On additional measures to ensure information security of the Russian Federation»]. Available at: http://pravo.gov.ru/ (Аccessed: December 02, 2022) (in Russ.).