Banque de France and Monetary Authority of Singapore conducted post-quantum cryptography experiment to enhance communication security.
The Banque de France (BdF) and the Monetary Authority of Singapore (MAS) today announced the completion of a joint experiment in post-quantum cryptography (PQC) conducted across “continents over conventional Internet technologies.”
The PQC experiment aims to strengthen communication and data security in the face of quantum computing advancements, and the successful experimentation marks a key milestone in the evolution of the protection of international electronic communications “against the cybersecurity threats posed by quantum computing.”
The joint BdF-MAS initiative reportedly trialed its use of quantum-resistant cryptographic algorithms for the “signing and encryption” of emails.
The goal was to strengthen the level of security for electronic communications in the future, while at the same time also retaining compatibility with Internet standards, technologies and communication channels.
In this context, emails are particularly “sensitive,” as they may carry confidential information, making them a “prime target” for cyberattacks.
This experiment demonstrates the feasibility of these security methods and their effectiveness in application environments.
The project followed a hybrid approach, combining the current algorithms with post-quantum algorithms to ensure security and compatibility with “existing systems, while preparing for the cybersecurity threats posed by quantum computing.”
A comprehensive technical report which details the results and takeaways from the experiment was recently shared publicly.
The key findings of the report include:
- Using Microsoft Outlook as the email client coupled with a PQC email plugin, BdF and MAS successfully exchanged digitally-signed and encrypted emails using PQC algorithms, namely CRYSTALS-Dilithium and CRYSTALS-Kyber.
- Standardising PQC cryptographic algorithms and libraries for digital signatures and encryption, is not enough. Application protocols and standards like public key infrastructure, digital certificates, key exchanges and secure emails must also be standardised to incorporate PQC cryptographic algorithms to facilitate adoption and interoperability of PQC.
- There is potential to integrate this technology into payment networks. By integrating PQC algorithms into payment networks, financial institutions can future-proof their security measures against the looming threat of quantum computing, ensuring the long-term integrity and confidentiality of sensitive financial data.
BdF and MAS stated in the update that they will continue to collaborate in the next stage of experimentation, in an effort to extend PQC to critical financial transactions, particularly “cross-border transactions on payment networks.”
By collaborating on this experiment, BdF and MAS affirm their commitment to anticipating “future threats” and ensuring the security of financial systems.
This initiative also highlights the importance of “international cooperation” in addressing emerging cyber threats.
Mr Denis Beau, First Deputy Governor, BdF, said that although quantum computing opens up promising new prospects in various fields, it also brings a threat to cyber security, particularly in protecting our communications.
Beauy added that in this context, Banque de France, in its role of central bank, has been anticipating and “multiplying experiments in post-quantum cryptography with its partners since 2022.”
They also noted that the results of this first “cooperation with the Monetary Authority of Singapore in the field of post-quantum cryptography reassure us of our ability to make our inter-institutional communications resilient.”
They further stated that they’re pleased that this cooperation ‘can continue into a second phase.”