New Contributions to Quantum-safe Encryption

Cryptoplexity researchers presented two papers at SAC 2025 in Toronto

2025/08/19

How can encryption systems be designed to withstand even powerful quantum computers? And where do promising approaches reach their limits? This week, Cryptoplexity researchers presented two papers at the 32nd Selected Areas in Cryptography conference (SAC 2025) in Toronto that address these questions from different perspectives: one refines how we measure key strength when randomness is imperfect, the other exposes why isogeny-based designs for identity-based encryption fall short.

Quantum computers may one day be able to break many of the encryption methods used today. To secure digital communication for the long term, security researchers around the world are working on post-quantum cryptography. The two SAC contributions from our Cryptoplexity researchers show how essential it is to question long-standing security assumptions and to critically assess new technologies at the earliest design stages.

Key strength under realistic conditions

Professor Marc Fischlin and Evangelos Gkoumas (both RG Cryptoplexity, TU Darmstadt) investigated how secure digital keys remain against quantum attacks when they are not perfectly random. In traditional security analyses, such as for the AES encryption standard, it is assumed that keys are chosen with perfect randomness. Under this idealised assumption, the common rule is: quantum computers halve a key’s effective security, so doubling its length should suffice. But when keys are “almost random”, as can occur in quantum key distribution, key length is not the only factor. The team’s analysis shows that the decisive factor is keeping the deviation from perfect randomness within well-defined bounds. Anything beyond that adds no further protection, and anything below it weakens security.

Putting isogenies to the test

Elif Özbay Gürler (RG Cryptoplexity, TU Darmstadt) and Dr. Patrick Struck (University of Konstanz) explored whether isogeny-based cryptography could serve as the foundation for secure identity-based encryption (IBE). In IBE, for example, an email address can serve as a public key, making systems easier to manage. Their conclusion: many theoretically possible constructions either run into fundamental mathematical barriers or result in insecure systems. The researchers outline the properties that future isogeny-based schemes would need to fulfil to enable reliable IBE, helping avoid flawed designs early on.

Impact for research and practice

Both papers underline that security depends not only on computational strength but also on a clear understanding of the underlying assumptions. Their insights can help to allocate resources more effectively and design systems with long-term resilience in mind.

Publications

Bit Security of Quantum Key Search
by Marc Fischlin and Evangelos Gkoumas. [Pre-Proceeding].

Funded by the German Federal Ministry of Education and Research (BMBF) under the programme “High-Performance Components and Optimised Materials for Quantum Communication” via the project “Chip-based Quantum Random Device” (CBQD).


How (not) to Build Identity-Based Encryption from Isogenies
by Elif Özbay Gürler and Patrick Struck. [Pre-Proceeding].

Funded by the German Research Foundation (DFG) via the CRC 1119 CROSSING, the German Federal Ministry of Research, Technology and Space (BMFTR) under project QUDIS, and the Hector Foundation II.