NIST Announces the End of RSA and ECDSA

In a significant shift for cyber security, NIST has announced the deprecation of the RSA, ECDSA, and EdDSA public-key algorithms by 2030, with full disallowance by 2035. This transition, outlined in the NIST IR 8547 document (currently in draft), is driven by the growing quantum threat and sets a clear timeline for organizations to update their cryptographic systems.

Although no cryptographically relevant quantum computer exists yet, these long-standing public-key algorithms would be broken by Shor's algorithm running on such a future machine. By contrast, NIST-approved symmetric primitives providing at least 128 bits of security are unaffected by this change.

NIST has posted a transition schedule for post-quantum cryptography (PQC), outlining key milestones to help organizations adopt quantum-resistant algorithms. Three PQC standards to strengthen modern public-key cryptography infrastructure for the quantum era include ML-KEM, ML-DSA, and SLH-DSA.

The proposed timeline is expected to significantly influence the industry, with global attention now also on the European Union’s position on PQC, as many await its stance before proceeding with full-scale implementations.

To learn more, read the full NIST IR 8547 draft here.

Understanding Stream Ciphers with LFSRs

Last week, I delivered a lecture at the University of Malta on stream ciphers, building on our previous session on pseudorandom number generation. We had previously covered PRNGs and CSPRNGs, providing the foundation for understanding secure encryption methods, leading to our discussion on Linear Feedback Shift Registers (LFSRs) and their role in stream ciphers.

LFSRs are simple yet powerful tools in cryptography. They generate sequences based on their current state and a feedback mechanism, making them useful in stream ciphers due to minimal hardware needs and long outputs. LFSRs consist of a series of flip-flops connected in a chain, with the output of some flip-flops XORed and fed back into the input. This feedback loop creates a pseudorandom sequence of bits, which can be used as a keystream for encryption.

Students explored how LFSRs create cryptographic bitstreams, essential for understanding more advanced systems. Below is a Python code snippet of a basic 4-bit LFSR, illustrating how its state evolves and new bits are generated through feedback.

state = 0b1001                             # 4-bit seed; must be nonzero
for i in range(20):
    print("{:04b}".format(state))          # current register contents
    newbit = (state ^ (state >> 1)) & 1    # feedback: XOR of bit 0 and bit 1
    state = (state >> 1) | (newbit << 3)   # shift right; feedback enters at bit 3
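To go one step beyond the snippet, here is an added example (my own code, not part of the original post or the lecture material) that generalises the same right-shift Fibonacci LFSR to any width and tap set, measures the period the chosen taps actually produce, and uses the output as a keystream for XOR encryption. The tap sets, seeds and sample plaintext are illustrative choices; taps {0, 1} on 4 bits reproduce the snippet's feedback exactly.

```python
# Added example (not from the original post): a general Fibonacci LFSR in the
# same convention as the 4-bit snippet (output = bit 0, feedback enters at the
# top bit), plus two checks a practitioner wants: the period a tap set gives,
# and a keystream XOR round-trip. Tap sets, seeds and plaintext are illustrative.

def lfsr_step(state, taps, nbits):
    """Advance one step: XOR the tapped bits, shift right, insert feedback at the top."""
    fb = 0
    for t in taps:
        fb ^= (state >> t) & 1
    return (state >> 1) | (fb << (nbits - 1))


def period(seed, taps, nbits):
    """Steps until the register returns to its seed.

    Requires tap 0 (the constant term of the feedback polynomial) so the state
    sequence is purely periodic, and a nonzero seed: the all-zero state maps to
    itself and would never produce a usable keystream."""
    assert 0 in taps and 0 < seed < (1 << nbits)
    s, n = lfsr_step(seed, taps, nbits), 1
    while s != seed:
        s, n = lfsr_step(s, taps, nbits), n + 1
    return n


def keystream(seed, taps, nbits, length):
    """Pack successive output bits (first bit in the MSB) into `length` bytes."""
    out = bytearray()
    s = seed
    for _ in range(length):
        byte = 0
        for _ in range(8):
            byte = (byte << 1) | (s & 1)
            s = lfsr_step(s, taps, nbits)
        out.append(byte)
    return bytes(out)


def xor_with_keystream(data, seed, taps, nbits):
    """Stream-cipher core: XOR with the keystream; the same call encrypts and decrypts."""
    ks = keystream(seed, taps, nbits, len(data))
    return bytes(d ^ k for d, k in zip(data, ks))


# Taps {0, 1} are exactly the 4-bit snippet's feedback: maximal period 2^4 - 1.
FOUR_BIT_MAXIMAL = period(0b1001, (0, 1), 4)        # 15
# Taps {0, 2} give x^4 + x^2 + 1 = (x^2 + x + 1)^2, which is not primitive,
# so the same register visits only 6 of the 15 nonzero states.
FOUR_BIT_SHORT = period(0b1001, (0, 2), 4)          # 6
# 16-bit register, taps {0, 2, 3, 5} (x^16 + x^14 + x^13 + x^11 + 1): period 2^16 - 1.
SIXTEEN_BIT = period(0xACE1, (0, 2, 3, 5), 16)      # 65535

if __name__ == "__main__":
    print("periods:", FOUR_BIT_MAXIMAL, FOUR_BIT_SHORT, SIXTEEN_BIT)
    msg = b"lecture notes"                           # constructed sample plaintext
    ct = xor_with_keystream(msg, 0xACE1, (0, 2, 3, 5), 16)
    assert xor_with_keystream(ct, 0xACE1, (0, 2, 3, 5), 16) == msg
    print("ciphertext:", ct.hex())
```

The period check is the point worth keeping: the register width alone says nothing about keystream length, since a non-primitive feedback polynomial cycles after a small fraction of 2^n - 1 states. Even with a maximal period, the output of a single LFSR is a linear function of its state, which is why practical stream ciphers combine or filter LFSR output nonlinearly rather than using it directly as the keystream.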

My First Lecture at the University of Malta

Snapshot of the title slide captured prior to the lesson.

I initiated the Applied Cryptography course at the University of Malta on Monday evening. As a cyber security professional and academic with a strong commitment to the field of information security, I am genuinely excited to be leading this specialized academic course this year.

In the introductory lecture I covered the foundational concepts of cryptology and their relevance to contemporary security applications. The topics ranged across cryptographic mechanisms, classical substitution ciphers and their formal representations, a brief introduction to cryptanalysis, and more.

I am excited to be a part of this journey and look forward to the next lecture in this course on Monday!