Security Evaluation Aspects of Cryptographic Implementations Supporting Hybridisation Including QKD and PQC (A20c)
Security evaluations at high assurance levels according to EUCC can establish trust in cryptographic implementations following a secure design. Appropriate mitigation of the quantum threat should be considered an integral aspect in the design of secure communication systems. Recent statements from European NCSAs clearly indicate the need to deploy cryptographic schemes with PQC in such a way that the combination remains secure even if one of its components is broken. This statement can be extended to comprise also QKD, based on quantum-physical principles. Since communication systems can be broken if their design, their implementation or their usage has flaws, and the attacker always will look out for the weakest link, hybrid schemes will come into focus and on the table of the evaluators. This talk will exemplarily highlight selected aspects of vulnerability analysis of hybrid systems.