Public-key cryptography

Cryptographic system with public and private keys


2025
Digital Signature Algorithm
OpenSSH announced the removal of DSA support, which was completely dropped in version 10.0.
2025
Digital Signature Algorithm
OpenSSH announced DSA is scheduled to be removed.
February 20 2024
X.509
Expiration date of the GlobalSign intermediate certificate issued in 2014
2023
Digital Signature Algorithm
The fifth revision of the DSA standard, FIPS 186-5, was released; it forbids signing with DSA and recommends replacing it with newer signature schemes such as EdDSA.
2023
EdDSA
FIPS 186-5 standard's final version included deterministic Ed25519 as an approved signature scheme, officially recognizing its cryptographic significance.
2023
Naccache–Stern knapsack cryptosystem
At this point, there was no proof establishing whether the Naccache–Stern knapsack cryptosystem reduces to the discrete logarithm problem.
2023
Kyber
The encrypted messaging service Signal implemented PQXDH, a Kyber-based post-quantum encryption algorithm, into their Signal Protocol.
October 2023
Post-Quantum Extended Diffie–Hellman
The PQXDH protocol underwent formal verification, successfully proving all desired security properties in its second revision, enhancing its cryptographic reliability and security assurances.
September 2023
Post-Quantum Extended Diffie–Hellman
Signal Protocol developers announced the update to support Post-Quantum Extended Diffie–Hellman (PQXDH), introducing a quantum-resistant cryptographic key exchange mechanism.
February 2023
Digital Signature Algorithm
NIST released the newest specification FIPS 186-5, which indicates DSA will no longer be approved for digital signature generation, though it may still be used to verify prior signatures.
2022
Falcon
Falcon signature scheme was adopted and implemented by Algorand and Crypnut blockchains for cryptographic signing purposes.
2022
Discrete logarithm records
The current record for discrete logarithm over GF(2111023^50) in fields of moderate characteristic was published.
2022
Kyber
Kyber became the only key encapsulation mechanism selected for standardization at the end of the third round of the NIST standardization process, with a conditional status pending patent-related agreements.
2022
Kyber
A tight formal mathematical security reduction of the ring-LWE problem to MLWE was established, strengthening Kyber's cryptographic foundations.
2022
Kyber
Multiple Kyber security variants were defined: Kyber512 (NIST security level 1), Kyber768 (NIST security level 3), and Kyber1024 (NIST security level 5), providing scalable post-quantum cryptographic options.
September 2021
X.509
OpenSSL version 3.0 was released, beginning to reject SHA-1 certificates by default.
2020
Homomorphic encryption
Baiyu Li and Daniele Micciancio published an article discussing passive attacks against the CKKS homomorphic encryption scheme, demonstrating potential vulnerabilities in the IND-CPA definition and testing attacks on four major homomorphic encryption libraries (HEAAN, SEAL, HElib and PALISADE).
2020
Certificate authority
According to Netcraft, DigiCert was identified as the world's largest high-assurance certificate authority, commanding 60% of the Extended Validation Certificate market and 96% of organization-validated certificates globally.
2020
Kyber
Amazon Web Services (AWS) integrated Kyber into their Key Management Service (KMS) as a hybrid post-quantum key exchange option for TLS connections.
2020
Kyber
During the second phase of the NIST standardization process, Kyber underwent significant algorithm adjustments, including removing public key compression and modifying various parameters.
September 1 2020
Certificate authority
Maximum certificate lifetime reduced to 398 days.
June 16 2020
Discrete logarithm records
Aleksander Zieniewicz and Jean Luc Pons solved a 114-bit interval elliptic curve discrete logarithm problem on the secp256k1 curve using 256 NVIDIA Tesla V100 GPU processors, completing the task in 13 days.
2019
Public key certificate
Major browsers like Chrome and Firefox discontinued visual indicators for Extended Validation (EV) certificates, removing the previously used green color and legal name display due to security concerns and potential impersonation vulnerabilities.
December 2 2019
Discrete logarithm records
Fabrice Boudot, Pierrick Gaudry, Aurore Guillevic, Nadia Heninger, Emmanuel Thomé, and Paul Zimmermann announced the computation of a discrete logarithm modulo a 240-digit (795-bit) safe prime RSA-240 + 49204, using the Number Field Sieve algorithm and CADO-NFS software. The computation took approximately 3100 core-years and was estimated to be three times faster than expected due to algorithmic and software improvements.
July 2019
Discrete logarithm records
The current record for discrete logarithm over GF(2^30750) in characteristic 2 finite fields was established.
July 10 2019
Discrete logarithm records
Robert Granger, Thorsten Kleinjung, Arjen Lenstra, Benjamin Wesolowski, and Jens Zumbrägel announced the first large-scale computation of discrete logarithms in GF(2^30750) using 25,481,219 core hours on Intel Xeon architecture clusters, marking the first large-scale example using the elimination step of the quasi-polynomial algorithm.
2018
X.509
A Dutch law was passed giving new powers to intelligence and security services, leading to a revocation request for the Dutch government's Certification Authority (CA).
2018
Naccache–Stern knapsack cryptosystem
A specific attack using the birthday theorem was discovered to partially invert the Naccache–Stern knapsack cryptosystem function, effective when the message has a very low Hamming weight.
August 2018
Forward secrecy
TLS 1.3 was published, dropping support for ciphers without forward secrecy. Wikimedia Foundation began requiring the use of forward secrecy.
March 1 2018
Certificate authority
Baseline Requirements v1.4.4 was introduced, further reducing the maximum certificate lifetime to 825 days.
2017
Kyber
Kyber was submitted to the US National Institute of Standards and Technology (NIST) for its public selection process for quantum-safe cryptographic primitives (NISTPQC).
August 23 2017
Discrete logarithm records
Takuya Kusaka, Sho Joichi, Ken Ikuta, Md. Al-Amin Khandaker, Yasuyuki Nogami, Satoshi Uehara, Nariyoshi Yamai, and Sylvain Duquesne solved a discrete logarithm problem on a 114-bit 'pairing-friendly' Barreto–Naehrig (BN) curve using 2000 CPU cores over approximately 6 months.
February 2017
X.509
A research group led by Marc Stevens produced a SHA-1 collision, definitively demonstrating the hash function's cryptographic weakness.
January 1 2017
Forward secrecy
App Transport Security (ATS) became mandatory for iOS apps, enforcing the use of HTTPS transmission with forward secrecy.
2016
Homomorphic encryption
Jung Hee Cheon, Andrey Kim, Miran Kim, and Yongsoo Song proposed the CKKS approximate homomorphic encryption scheme, which supports block floating point arithmetic and includes an efficient rescaling operation for encrypted messages after multiplication.
December 2 2016
Discrete logarithm records
Daniel J. Bernstein, Susanne Engels, Tanja Lange, Ruben Niederhagen, Christof Paar, Peter Schwabe, and Ralf Zimmermann announced solving a 117.35-bit elliptic curve discrete logarithm problem using an optimized FPGA implementation of Pollard's rho method, running for about six months on 64 to 576 FPGAs in parallel.
July 2016
Discrete logarithm records
Joshua Fried, Pierrick Gaudry, Nadia Heninger, and Emmanuel Thomé published a discrete logarithm computation on a 1024-bit prime, using a specialized algorithm on a 160-bit subgroup, which was the standardized subgroup size for the 1024-bit digital signature algorithm (DSA).
July 2016
Discrete logarithm records
The current record for discrete logarithm over GF(3^(6*509)) in characteristic 3 was achieved.
July 18 2016
Discrete logarithm records
Gora Adj, Isaac Canales-Martinez, Nareli Cruz-Cortés, Alfred Menezes, Thomaz Oliveira, Francisco Rodriguez-Henriquez, and Luis Rivera-Zamarripa announced the current record for a field of characteristic 3, computing a discrete logarithm in a 4841-bit finite field with 3^(6*509) elements using about 200 core years of computing time.
June 2016
Forward secrecy
At WWDC, Apple announced App Transport Security (ATS), which requires encryption ciphers providing forward secrecy for iOS apps.
June 16 2016
Discrete logarithm records
Thorsten Kleinjung, Claus Diem, Arjen K. Lenstra, Christine Priplata, and Colin Stahlke announced the computation of a discrete logarithm modulo a 232-digit (768-bit) safe prime using the number field sieve. The computation started in February 2015 and took approximately 6600 core years.

We are only showing the most recent entries for this topic.

The contents of the box above are based on material from the Wikipedia articles Post-Quantum Extended Diffie–Hellman, Kyber, Homomorphic encryption, Falcon (signature scheme), Public key certificate, Ring signature, RSA (cryptosystem), Digital Signature Algorithm, Discrete logarithm records, Naccache–Stern knapsack cryptosystem, Certificate authority, X.509, EdDSA and Forward secrecy, which are released under the Creative Commons Attribution-ShareAlike 4.0 International License.