- CryptographicEstimators addresses the need for a reliable point of access for concrete security estimates by consolidating existing estimators and providing the foundation for newly designed ones.
- The library can also be easily extended by researchers to accommodate various other types of cryptographic assumptions.
UAE is set to play a key role as an important stakeholder in advancing the post-quantum cryptography (PQC) ecosystem with the establishment of world’s first open-source software library for cryptographic hardness estimation – CryptographicEstimators, including key exchange methods, public key encryption and signatures.
The Technology Innovation Institute (TII), a leading scientific research centre and the applied research pillar of Abu Dhabi’s Advanced Technology Research Council (ATRC) was the main pillar.
Today, cryptographic estimations are often performed in an ad-hoc manner, producing non-standardised estimation scripts that deliver varying outcomes for the same problems. This method posts an obstacle to reaching a consensus around the hardness of cryptographic problems.
Secure parametres
As TII’s latest contribution to cryptographic research and standardisation, CryptographicEstimators addresses the need for a reliable point of access for concrete security estimates by consolidating existing estimators and providing the foundation for newly designed ones.
This approach helps public key scheme designers select secure parameters and it supports cryptanalysts in assessing their findings against established benchmarks.
Moreover, unlike similar projects that only evaluate single classes of hardness assumptions, such as lattice-based assumptions, CryptographicEstimators aims at the full spectrum of post-quantum secure foundations, currently including multivariate and code-based problems, along with some of their variants.
The library can also be easily extended by researchers to accommodate various other types of cryptographic assumptions.
Dr. Najwa Aaraj, Chief Researcher at TII’s Cryptography Research Centre (CRC), said that the introduction of the CryptographicEstimators library is particularly important in this critical moment, amid the ongoing efforts of the American National Institute of Standard and Technologies (NIST) in standardising PQC.
“CryptographicEstimators, a unique cryptographic tool, positions TII as a prime mover in the PQC domain and solidifies the UAE’s role as an important stakeholder in advancing the PQC ecosystem.”
CryptographicEstimators complements TII’s other initiatives in the cryptography sphere, such as the TII-McEliece Challenges, the new digital signatures submitted to NIST, and the creation of the first PQC software library in the UAE, on top of ongoing research on PQC.
A pressing need
The estimation of the computational complexity of hard problems is essential for determining secure parameters for cryptographic systems.
To date, those estimations are often performed in an ad-hoc manner. This led to a scattered landscape of available estimation scripts, with multiple scripts for the same problem with varying outputs.
Overall, this complicates the task of reaching consensus on the hardness of cryptographic problems. Furthermore, for designers it makes it difficult to gather precise information on the concrete difficulty of the underlying problems.
Especially in the light of the still ongoing NIST PQC standardisation effort and the upcoming call for post-quantum secure digital signature schemes there is a pressing need for a reliable point of access for concrete security estimates.
The main goal of this library is to consolidate existing estimators, become established as a collaborative community project and, hence, be the basis for newly designed estimators.
CryptographicEstimators is available on the web (https://estimators.crypto.tii.ae/) and as an open-source software with a GPLv3 license (https://github.com/Crypto-TII/CryptographicEstimators).
Main contributions of the library:
Accessibility. The CryptographicEstimators library provides an essential tool for cryptographic system design. They serve as a single point of access for designers to obtain reliable estimates on the hardness of chosen parameters. For an even wider adaptation, a fully automated graphical user interface, accessible via a web application, is provided.
Dependencies. Dependencies between the hardness of problems can be modelled ideally in the CryptographicEstimators library. Already in the initial state, some included estimators use other estimators to obtain computational estimates for certain subroutines.
Consensus. Even if not all estimators’ initial states should reflect the consensus of the whole community, the collaborative nature of the project provides an ideal platform for consensus-building. Furthermore, the CryptographicEstimators library encourages open discussions and welcomes contributions from the wider community, which leads to further refined estimates and improved reliability.
Collaboration. The CryptographicEstimators library is the first project launched intentionally as a collaborative estimator project. The impact that such a community driven project can have on the understanding of the hardness of a computational problem is witnessed by the LWE (now lattice) estimator.
Software Design. The library is build according to modern software-design principles. It follows a sophisticated object-oriented architecture and is fully modular. All basic functionalities are provided by the base (or parent) classes making the integration of new estimators and the extension of existing ones especially simple.
