An interview with a post-quantum cryptographer
Dr Ciara Rafferty
Ciara completed a PhD in applied cryptography at Queen’s University Belfast, focused on the hardware acceleration of fully homomorphic encryption, a type of cryptography which enables computation on encrypted data. Since completing her PhD, she has held research posts in European research projects, such as the EU H2020 SAFEcrypto project, which focused on practical aspects of post-quantum cryptography (or PQC). She currently lectures students on Cyber Security, as well as researching post-quantum cryptography and applied cryptography. Ciara is currently a Lecturer in Cyber Security, as part of the School of Electrical and Electronic Engineering and Computer Science (EEECS) and the Centre for Secure Information Technologies (CSIT) at Queen’s University Belfast. Ciara is also a Co-Investigator of the Quantum Communications Hub contributing to the research developed in the Hub on PQC.
It’s clear that you’re very passionate about your work, but what interested you in post-quantum cryptography? It’s quite a specialist direction in the field of cryptography, so what attracted you?
I have always been fascinated by mathematics, languages and secret codes, and as a child I even made myself a basic shift cipher to write secret messages. Later, when I began my research into cryptography, I read about different cryptographic schemes being proposed that remain secure in a post-quantum world, a world with quantum computers readily available in the future, and this seemed like an exciting story to me. Post-quantum cryptography is a fascinating area, as it is addressing a massive shift in cryptography, moving from our current classical cryptographic methods that we use every day on the Internet and in modern technology, based on hard problems like integer factorisation, and looking at alternative hard problems upon which to base new quantum safe cryptosystems. The need for this shift to post-quantum or quantum-safe cryptography is driven by the exciting developments in quantum computing, and to ensure that we have new classical cryptographic schemes that can withstand known quantum computing attacks, and to ultimately ensure long-term security and practicality for these cryptographic schemes. It is exciting to work on cutting edge cryptography, which requires further research and optimisation to ensure its sustained and secure use in the future.
What is the difference between classical cryptography and post-quantum cryptography? And what is meant by the term “quantum-safe” security approaches?
By classical cryptography, we mean cryptography that operates on standard computers using traditional mathematics; the advanced encryption standard (AES), Rivest–Shamir–Adleman (RSA) and elliptic curve cryptography (ECC) are all commonly used cryptosystems that we use daily via Internet protocols for example (see the padlock on your browser!). Unfortunately, our public key cryptography that we use today (RSA and ECC for example) are known to be potentially vulnerable quantum computing attacks. Quantum-safe or post-quantum cryptography describes alternative families of classical cryptography, that can currently withstand the threat of known quantum algorithms, and are typically based on alternative hard mathematical problems. There are several types of post-quantum cryptography (lattice-based, code-based, hash-based, super-singular isogenies and multivariate-quadratic), which all offer different advantages or challenges, and there are active standardisation processes (such as the NIST PQC competition), to evaluate and select a range of candidates that may be suitable replacements or additions to our standardised “cryptography toolbox” in the future. One of the challenges with PQC is that the schemes can be larger or less efficient than existing classical cryptography, so a lot of research is being invested in ensuring efficient quantum-safe cryptography.
Where does security analysis fit in in what you do? Is your work theoretical (e.g. mathematical modelling) or does it also involve hardware testing? And if so, what are the attributes/qualifications one needs to pursue a multi-level approach to cyber security?
Not only do we need new PQC schemes but we need to ensure these are both practical and secure for use in a range of devices, in software and in hardware. My research, alongside my colleagues, bridges the gap between theory and practice. We work with theoreticians to make proposed cryptographic designs more practical, by investigating novel, optimised software and hardware implementations. This can include lightweight designs, for example targeting small portable devices, as well as high-speed designs, for applications requiring lots of computations. For our research we work in collaboration with other researchers from different backgrounds, to ensure we are aware of the variety of threats in cyber security and cryptography, as well as the physical security and performance of implementations.
What are you working on at the moment and what are the applications of this?
Currently I have a number of active research projects, investigating optimised PQC designs in hardware and the development of hybrid PQC-QKD systems. I think the possibilities of hybrid systems are fascinating, combining classical and quantum techniques. The applications of PQC are wide ranging, and with the US standardisation process in the final stages, we could be looking at draft standards for PQC schemes within the next few years. The resulting schemes may be used to complement (and eventually potentially replace) our existing classical cryptography used ubiquitously today in our internet protocols, in our browsers and when we use Virtual Private Networks (VPNs). Other PQC schemes may require further research before these can be standardised and used widely.
What would a typical day at work be for you?
A typical day for me currently involves lots of meetings! This is great, as I enjoy talking to people. I spend my day lecturing Undergraduate and MSc students in cyber security, supervising Undergraduate and MSc projects, supervising PhD students and Post-Doctoral researchers and liaising with project partners from a variety of other academic institutions or industry. When I don’t have meetings, I read and keep up to date on research, work on research outputs, and collaborate with colleagues, working towards the next big project!
Is there a particular application of post-quantum technologies that you are particularly excited to see the development of in years to come? / What are your hopes for the future?
With the creation of PQC standards in the next couple of years, it is an exciting time to be involved in post-quantum technologies, and to see what the future holds for each of the “families” in PQC. Currently I have focused quite a bit on lattice-based cryptography, so I look forward to see how these schemes progress over the next few years and seeing the world transition to using PQC.
In cyber security, you never stop learning, so I look forward, through my engagement in the Quantum Communications Hub, to learn more about hybrid cryptosystems, quantum cryptography and quantum communications.
What advice would you give someone who might be interested in a career in STEM, knowing what you know now?
My advice is always to do what you enjoy. If you enjoy mathematics, computer science or physics, perhaps consider a career in electrical engineering and cyber security. I studied mathematics as an undergraduate student and ended up working in cryptography! There are exciting possibilities in cyber security, including in quantum and post-quantum cryptography, that require careers from a wide range of backgrounds and disciplines, and you can keep learning every day.