View article

Public-key cryptography in use today is based on classically hard problems such as factoring or solving discrete logarithms. These problems could be efficiently solved if an adversary had access to a sufficiently large quantum computer. The potential of such a quantum computer therefore represents a threat on current cryptography. The field of post-quantum cryptography aims to mitigate against this threat by proposing schemes based on alternative assumptions that are believed to be hard in both the classical and quantum setting.

Lattice-based cryptography has emerged as a promising candidate for post-quantum cryptography. One reason for this is the wealth of applications that are possible, perhaps the most notable of which is Fully Homomorphic Encryption (FHE). This enables computations to be performed on encrypted data, without requiring access to the secret key, and for these computations to correspond to operations on the underlying data in a meaningful way.