New Encryption Defends Data Against Future Quantum Computer Attacks

Abel C. H. Chen, from Chunghwa Telecom Laboratories, and colleagues have developed a Key Encapsulation Mechanism-Based Integrated Encryption Scheme (KEM-IES) that integrates post-quantum cryptography to mitigate risks to existing methods such as the Elliptic Curve Integrated Encryption Scheme (ECIES). The new scheme represents a significant advancement in the field by incorporating the Ascon algorithm and demonstrating practical implementation on a Raspberry Pi 4. This enables enhanced security and computational efficiency in resource-constrained systems. The increasing threat posed by quantum computers to current cryptographic standards necessitates the development and deployment of quantum-resistant algorithms. As quantum computing capabilities mature, the need for robust cryptographic solutions becomes ever more pressing.

Ascon integration accelerates post-quantum key encapsulation on embedded systems

The newly proposed KEM-IES scheme utilises 256-bit keys, achieving a reduction in key encapsulation time to approximately 60% of that attained by standard ECIES when implemented on a Raspberry Pi 4. This level of performance was previously difficult to achieve without compromising the security offered by post-quantum cryptographic techniques. The improvement is directly attributable to the integration of the Ascon algorithm, selected by the National Institute of Standards and Technology (NIST) in August 2025 as a finalist in the Post-Quantum Cryptography Standardization process. Ascon is a lightweight authenticated encryption algorithm designed for high performance, particularly on embedded systems with limited resources. Its design prioritises both speed and security, making it an ideal candidate for integration into KEM-IES. ML-KEM, the Post-Quantum Cryptography mechanism employed within the scheme, demonstrates the highest efficiency in both key generation and encapsulation, significantly outperforming alternative PQC candidates such as HQC. NIST evaluations confirmed that ML-KEM, utilising a 512-bit key, completed key pair generation in a shorter timeframe compared to other submissions. HQC-128 consistently exhibited the slowest performance in this critical area of evaluation.

With ML-KEM as its core, key encapsulation within KEM-IES proved to be the fastest, with Key Encapsulation Key (KEK) encryption times substantially lower than those achieved by HQC, and notably exceeding the efficiency of standard ECIES which relies on the mathematical properties of Elliptic Curve Cryptography. Elliptic Curve Cryptography, while efficient today, is vulnerable to Shor’s algorithm, a quantum algorithm capable of breaking the underlying mathematical problem. The selection of ML-KEM is therefore crucial for providing long-term security against quantum attacks. Employing the Ascon-AEAD128 algorithm for symmetric data encryption resulted in reduced computation times when compared to the widely used AES-128 algorithm, demonstrating its potential for faster symmetric encryption. This consistency in performance was observed across both encryption and decryption processes, highlighting the robustness of the Ascon implementation. These results pave the way for practical implementation of quantum-resistant encryption on resource-constrained devices, strengthening data security in an era of advancing quantum computing capabilities and the associated cryptographic risks. The ability to deploy such schemes on devices like the Raspberry Pi 4 is vital for applications ranging from IoT devices to secure communication networks.

The choice of Ascon-AEAD128 is also significant due to its authenticated encryption with associated data (AEAD) capabilities. AEAD provides both confidentiality and integrity, ensuring that the encrypted data has not been tampered with during transmission. This is a crucial security feature, particularly in applications where data integrity is paramount. Furthermore, the lightweight nature of Ascon allows for efficient operation on devices with limited processing power and memory, making it suitable for a wide range of applications. The integration of a KEM, such as ML-KEM, with an authenticated encryption scheme like Ascon-AEAD128, provides a robust and efficient solution for secure communication in the post-quantum era.

Raspberry Pi validation highlights bandwidth challenges for post-quantum encryption

A fundamental shift in cryptographic thinking is required to secure data against the potential threat of future quantum computers, and this work offers a practical step towards that goal with a new encryption scheme. The team successfully demonstrated the feasibility of their Key Encapsulation Mechanism-Based Integrated Encryption Scheme (KEM-IES) on a Raspberry Pi, a widely used single-board computer, validating its potential for deployment in embedded systems. However, a fundamental trade-off remains apparent when transitioning to post-quantum cryptography. The larger size of the keys and ciphertexts used in post-quantum cryptography algorithms significantly increases the amount of data that needs to be transmitted, impacting bandwidth requirements.

This is a genuine concern, particularly for bandwidth-limited applications such as vehicle-to-everything communications (V2X), where data transmission rates are often constrained by network capacity and latency requirements. Further investigation into key compression techniques and efficient data encoding methods is therefore necessary to mitigate this issue. Practical application is demonstrably achievable, as proven by the successful implementation on a Raspberry Pi, and ongoing development of more compact Post-Quantum Cryptography (PQC) keys will help to alleviate the current size disadvantage. This work establishes a practical method for integrating post-quantum cryptography into existing encryption schemes, offering a pathway to secure communication in a future where quantum computers pose a significant threat. A Key Encapsulation Mechanism, or KEM, is a cryptographic system designed for securely exchanging encryption keys. By combining this with the established Elliptic Curve Integrated Encryption Scheme, scientists created a new scheme, KEM-IES, specifically designed to withstand attacks from future quantum computers. In particular, the integration of this algorithm demonstrates improved computational efficiency, enabling implementation on low-power devices like the Raspberry Pi 4, and broadening the potential for widespread adoption. The approach provides a functioning alternative to current encryption methods that are vulnerable to quantum computer attacks, offering a proactive solution to a growing security challenge.

The researchers developed a new encryption scheme, KEM-IES, which incorporates post-quantum cryptography to better resist attacks from future quantum computers. This is important because current encryption methods, such as ECIES, are potentially vulnerable as quantum computing technology advances. The scheme’s integration with the Ascon algorithm also improves computational efficiency, allowing it to run on devices like the Raspberry Pi 4. The study demonstrates the practical application of this approach and highlights the need for further work on key compression to address increased data transmission sizes.