A system and method for encryption of data. The system and method utilizes a cryptographic function that provides asymmetric encryption/decryption and digital signing capabilities that are hardened against cyber attack from quantum computers.

A device and a network can authenticate using a subscription concealed identifier (SUCI). The device can store (i) a plaintext subscription permanent identifier (SUPI) for the device, (ii) a network static public key, and (iii) a key encapsulation mechanism (KEM) for encryption using the network static public key. The network can store (i) a device database with the SUPI, (ii) a network static private key, and (iii) the KEM for decryption using the network static private key. The device can (i) combine a random number with the SUPI as input into the KEM to generate a ciphertext as the SUCI, and (ii) transmit the ciphertext/SUCI to the network. The network can (i) decrypt the ciphertext using the KEM to read the SUPI, (iii) select a key K from the device database using the SUPI, and (iv) conduct an Authentication and Key Agreement (AKA) with the selected key K.

A system and method for encryption of data. The system and method utilizes a cryptographic function that provides asymmetric encryption/decryption and digital signing capabilities that are hardened against cyber attack from quantum computers.

A system and method provide a hybrid communication scheme that achieves high communication rates with post-quantum computational security guarantees. Messages to be securely communicated are first mixed using an individually secure encoding, such as a linear network code, and some of the encoded messages are further encrypted. The encrypted and unencrypted messages are sent via different communications channels. Each unencrypted message becomes almost as secure as the encrypted messages because of the pre-mixing, since decoding any one of the messages requires all of the messages, including the encrypted messages. Thus, a very few encrypted messages may be used, allowing the rate of communication to approach one as the number of channels increases. This is particularly beneficial when a classical public-key cryptosystem can only be used in part of the data transmitted or stored, in the presence of noisy channels, in distributed data storage, and other applications.

The invention discloses an error reconciliation method for an LWE public key cryptography The method includes an encoding algorithm and a decoding algorithm. The input of the encoding algorithm is a binary message vector u∈{0,1}.sup.k with a length of k, the output is a q-ary vector z∈Z.sub.q.sup.m with a length of m, where Z.sub.q={−q/2, . . . , q/2−1}; the input of the decoding algorithm is a q-ary vector w=z+e∈Z.sub.q.sup.m containing errors with a length of m, and the output is a binary vector u∈{0,1}.sup.k corresponding to z; the error reconciliation method for the LWE public key cryptography provided by the present invention combines a binary linear code with a Gray code to realize the error reconciliation scheme in LWE public key cryptography. The error reconciliation method includes an encoding algorithm and a decoding algorithm, which can be used to solve the problem of error reconciliation in LWE public key cryptography. The scheme of the invention has good fault tolerance and can significantly improve the transmission rate of encrypted information.

A computer processing system for reducing a processing footprint in cryptosystems utilizing quadratic extension field arithmetic such as pairing-based cryptography, elliptic curve cryptography, code-based cryptography and post-quantum elliptic curve cryptography that includes at least one computer processor having a register file with three processor registers operably configured to implement quadratic extension field arithmetic equations in a finite field of F.sub.p.sup.2 and a multiplexer operably configured to selectively shift from each of the three processor registers in sequential order to generate modular additional results and modular multiplication results from the three processor registers.

A communication brokering device receives, from a first device, a measurement of at least one of a bit-error-rate (BER) or a signal-to-noise ratio (SNR) associated with receipt of a transmission at the first device. The communication brokering device determines whether the first device is vulnerable to message interception or eavesdropping based on the measurement of the at least one of the BER or the SNR. The communication brokering device controls communications between at least one second device and the first device based on the determination of whether the first device is vulnerable to message interception or eavesdropping.

An encryption method of a terminal device includes: setting a scaling factor; and reflecting the scaling factor in a message to be encrypted, and performing encryption using a public key to generate a homomorphic ciphertext. The homomorphic encryption is, based on a decryption being performed, in a form that a result value obtained by adding an error value to a value obtained by reflecting the scaling factor in the message is restored.

Presented herein are methodologies for establishing secure communications in a post-quantum computer context. The methodology includes receiving, from a first communications device, at a second communications device, a secret seed value, or otherwise obtaining the secret seed value; initializing a session key service with the secret seed value; receiving, from the first communications device, at the second communications device, a pre-shared key identifier; querying the session key service for a pre-shared key corresponding the pre-shared key identifier; receiving, from the session key service, the pre-shared key; deriving a session key based, at least in part, on the pre-shared key; receiving from the first communications device, at the second communications device, data encrypted with the session key; and decrypting the data at the second communications device using the session key.

A decryption method includes: receiving a homomorphic ciphertext; and obtaining a result value added an error value at a message from the received homomorphic ciphertext. The error is disposed on the least significant bit (LSB) side in the homogeneous ciphertext, and the message is disposed at a position adjacent to the error.