AWS Goes SIKE and Thinks BIKE …

We are on a warning … quantum computers will rip up most of the trust on the Internet. Once created at scale, they will be able to crack RSA, ECC (Elliptic Curve Cryptography) and discrete log methods, and which provide most of the signing on the Internet at the current time. Also, they are likely to reveal symmetric keys which are often secured with public-key methods.

So, who knows how quickly they will come to the market, but we need to, at least, investigate new methods. The ability for a quantum computer to break all of the secure connections that have ever been recorded, secure databases, and all of the blockchain records ever created, could cause large scale damage to the security of the Internet.

Amazon recently announced that their AWS KMS (Key Management System) will now support the integration of post-quantum cryptography within TLS handshake. This involves the porting Bit Flipping Key Exchange (BIKE) and Supersingular Isogeny Key Exchange (SIKE)for key exchange into their s2n library [here]:

It is defined as a hybrid scheme in that is uses the traditional ECDH (Elliptic Curve Diffie Hellman) method, and adds post-quantum methods (BIKE and SIKE). AWS KMS now…