A usability study of post-quantum algorithms

Abstract: There is a non-negligible risk that a quantum computer capable of breaking most modern public key encryption will be invented within the next couple of decades. All data that have to stay secret for more than 10-20 years should therefore be encrypted using quantum-resistant algorithms. There are different ways of approaching the problem of quantum security and the currently existing quantum-resistant algorithms for encryption and key exchange can be divided into four categories; Lattice-based, Supersingular elliptic curves, Code-based and Multivariate. The performance of the algorithms in the different categories varies and to evaluate the strengths and weaknesses of each, further study is needed. This thesis provides an overview of algorithms in each category, a comparison of existing implementations of algorithms from the first three categories, and an evaluation of the results. The comparison includes metrics concerning the performance, implementation and security of each algorithm. All of the considered categories have both advantages and disadvantages and, to be able to choose the right one, the requirements of the application must be considered. Overall, however, the lattice-based algorithms seem to provide the best trade-off between speed, key size and memory consumption, and are relatively easy to implement.