The League Table of Post Quantum Cryptography (PQC)
The League Table of Post Quantum Cryptography (PQC)
As you should know, all of our existing public key methods (ECC, RSA and ElGamal) can be cracked with the advent of quantum computers. Over the next few years, we need to replace them with methods that are quantum robust. This includes lattice methods, code-based methods, isogenies, hash-based methods and multivariate quadratic (MQ) methods. So, which method will win the PQC competition? Well, let’s give them a test. For this, I will use the liboqs library, and perform a series of tests for key exchange (key generation and key encapsulation) and digital signing (key generation, signature signing and signature verification).
Key Exchange
First up, it is key generation. The contenders are the lattice methods (Kyber, Saber, NTRU and FrodoKEM), the Code-based methods (McEliece, HQC and BIKE) and Isogeny-based methods (SIKE and SIDH). Overall, for key generation, it’s Kyber out in front, and which is much faster than the other lattice methods of Saber and NTRU [here]:
In the relegation position for key generation we have SIKE (isogeny-based), SIDH(isogeny-based) and McEliece (Code-based) [here]:
For key encapsulation, McEliece does better, but it is still Kyber out in front [here]:
and for the relegation zone, again, the isogeny based methods (SIDH and SIKE) do poorly [here]:
And so the clear winner is Kyber, followed by Saber and NTRU. It’s a bit win for lattice methods, with McEliece struggling in the key generation table, and SIKE and SIDH struggling in most areas.
Digital Signatures
The contenders are the lattice methods (Dilithium and Falcon), the MQ methods (Rainbow), and the Hash-based methods (Picnic, and SPHINCS+). For digital signature key generation, we see a new leader for key generation, with Picnic (hash-based ZKP). The lattice method of Dilithium does fairly well, but much slower than Picnic [here]:
In the relegation zone, we see SPHINCS+ and Rainbow struggling with their key generation [here]:
For signing, the lattice methods lead the way [here]:
and for the relegation zone [here]:
But for verifying, the lattice methods of Dilithium and Falcon come through on top [here]. Again, Picnic does fairly well [here]:
In the relegation zone for signing, we see SPHINCS+ and Rainbow performing poorly [here]:
And so? The winners (for performance) seem to be Kyber (for key exchange and public-key encryption), and Dilithium (for digital signatures). For a non-lattice method, Picnic does fairly well in the competition for digital signatures, and BIKE for key exchange.
Here is an implementation of Dilithium (for digital signatures) in Golang:
https://asecuritysite.com/golang/circl_dil
and Kyber (for KEM) in Golang:
https://asecuritysite.com/pqc/circl_kyber
If you want to know more about these methods, try here: