loader from loading.io

Samsung S25 Goes PQC

ASecuritySite Podcast

Release Date: 02/28/2025

World-leaders in Cryptography: Aggelos Kiayias show art World-leaders in Cryptography: Aggelos Kiayias

ASecuritySite Podcast

Aggelos Kiayias is a professor at the University of Edinburgh and the chief science officer at Input Output Global (formerly IOHK). He received his PhD in 2002 from City University of New York. He is chair in cyber security and privacy, and director of the Blockchain Technology Laboratory at the University of Edinburgh. In 2021, Aggelos was elected Fellow of the Royal Society of Edinburgh (FRSE), and was recently awarded the BCS Lovelace Medal 2024 for his transformative contributions to the theory and practice of cyber security and cryptography.  H works in areas of blockchain technology...

info_outline
World-leaders in Cryptography: Anna Lysyanskaya show art World-leaders in Cryptography: Anna Lysyanskaya

ASecuritySite Podcast

Anna is a Professor of Computer Science at Brown University. Her research spans many areas of advanced cryptography including with digital signatures, group signatures, blind signatures, e-cash and anonymous digital credentials. She was originally from Ukraine, and undertook her masters degree at MIT in 1999, and then went onto a PhD in 2002 in the areas of Signature Schemes and Applications to Cryptographic Protocol Design. She joined Brown University in 2002, and was made a full professor in 2013. She is a member of the board of directors at  the IACR, along with serving  on...

info_outline
Apple Steps Back Their Security show art Apple Steps Back Their Security

ASecuritySite Podcast

The fallback for law enforcement agencies has always been the place where files are stored, and all the best encryption within end-to-end communications will not stop unencrypted files at rest from being examined. But when the user encrypts data into the Cloud and where they hold their own keys, that’s when the nightmare begins for them. The rise of cybersecurity on the Internet Let’s pinpoint the start of cybersecurity on the Internet to the 1970s. This saw the rise of the Lucifer cipher and saw banks properly protect their communications. This led to the 56-bit DES encryption method, and...

info_outline
Samsung S25 Goes PQC show art Samsung S25 Goes PQC

ASecuritySite Podcast

YouTube: Yesterday, I gave two short presentations on PQC (Post Quantum Cryptography), and next week, I’m in London to give a more focused talk on the subject. And so, it’s great to see that Samsung is driving forward the adoption of PQC methods in their new S25 smartphone. There are two companies that have a core focus on creating trusted hardware for consumers: Apple and Samsung. Apple has always had a core focus on making sure they use the best cryptography to not only secure their devices but also to make them privacy-aware. Samsung, too, has strived for improved security but, at...

info_outline
Leaders in Digital Trust/Blockchain: Aysegul Sensoy show art Leaders in Digital Trust/Blockchain: Aysegul Sensoy

ASecuritySite Podcast

Aysegul Sensoy has over 20 years of management experience with  blockchain, emerging technologies, fintech, business development, marketing and sales. She is currently the chair of the Istanbul Blockchain Women Association and CIS Regional Manager of Fuze Finance. She received her bachelor's degree in economics from Istanbul University and her master's degree in marketing communications management from Galatasaray University, as well as getting an executive MBA. She entered the tech sector after working in national and multinational companies as a marketing director, country manager, and...

info_outline
World-leaders in Cryptography: Amit Sahai show art World-leaders in Cryptography: Amit Sahai

ASecuritySite Podcast

Amit is a professor of computer science at UCLA and is the director of the Center for Encrypted Functionalities. Amit has been cited in his research work over 63,000 times and has an h-index of 91.  In 2000, he graduated with a PhD from MIT and then moved to Princeton. In 2004, he then moved to UCLA. Over the years, he has made so many great advancements,  including being the co-inventor of many areas of cryptography, including indistinguishability obfuscation schemes, functional encryption, attribute-based encryption, Zero-Knowledge Proofs and Multiparty Computation. In 2018, he was...

info_outline
World-leaders in Cryptography:  Bart Preneel show art World-leaders in Cryptography: Bart Preneel

ASecuritySite Podcast

Bart is a Professor in the Electrical Engineering department at KU Leuven in Belgium. He co-invented the Miyaguchi (Meya-Goochy)–Preneel scheme and which converts a block cipher into a hash function. Bart is also one of the co-inventors of the RIPEMD-160 hashing method, and which is used in Bitcoin addresses. He also co-designed the stream ciphers MUGI and Trivium, the MAC Algorithms Chaskey and MDxMAC and the authenticated encryption algorithm AEGIS that is used to encryption of data at rest ion Google cloud. Bart was the President of the International Association for Cryptologic Research...

info_outline
World-leaders in Cryptography: Ivan Damgard show art World-leaders in Cryptography: Ivan Damgard

ASecuritySite Podcast

Ivan Damgard is a professor in the Department of Computer Science at Aarhus University in Denmark.  He is the co-inventor of the Merkle-Damgard construction, and which was used in MD5, SHA-1 and SHA-2. In 2020, he received the Test of Time Award for a paper entitled "A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System", and in 2021 he received an ACM award for the Test of Time for a paper entitled "Multiparty unconditionally secure protocols. In 2010, he was elected as a Fellow of the International Association for Cryptologic...

info_outline
World-leaders in Cryptography: Chris Peikert show art World-leaders in Cryptography: Chris Peikert

ASecuritySite Podcast

Chris is a Professor in the Computer Science and Engineering department at the University of Michigan. He completed his PhD in 2006 at the MIT Computer Science and AI Laboratory under the mentorship of Silvio Micali.  He received a Test of Time award at Crypto 2008 for a paper entitled "A Framework for Efficient and Composable Oblivious Transfer" and also a TCC Test of Time award for his paper on “Efficient Collision-Resistant Hashing from Worst-Case Assumptions on Cyclic Lattices,” in 2006.  In 2024, Chris was elected as a Fellow of the International Association for Cryptologic...

info_outline
World-leaders in Cryptography: Clifford Cocks show art World-leaders in Cryptography: Clifford Cocks

ASecuritySite Podcast

 Clifford Cocks  is a British mathematician and cryptographer. While working at GCHQ, he invented public key encryption, and which predates the work of the RSA and Diffie-Hellman methods. He studied mathematics as an undergraduate at Kings College, Cambridge, and then joined the Communications-Electronics Security Group (CESG) at GCHQ in 1973. After his discovery of a usable public key encryption method, he went on to create one of the first Identity-Based Encryption methods and which is based on quadratic residues rather than bilinear pairings. In 2008, he was made a Companion of...

info_outline
 
More Episodes

YouTube: https://youtu.be/hcdk3u2R5Mo

Yesterday, I gave two short presentations on PQC (Post Quantum Cryptography), and next week, I’m in London to give a more focused talk on the subject. And so, it’s great to see that Samsung is driving forward the adoption of PQC methods in their new S25 smartphone.

There are two companies that have a core focus on creating trusted hardware for consumers: Apple and Samsung. Apple has always had a core focus on making sure they use the best cryptography to not only secure their devices but also to make them privacy-aware. Samsung, too, has strived for improved security but, at times, has made a few slip-ups along the way, but always patched around them. Now, Samsung Electronics has integrated PQC into their Galaxy S25 series of devices.

The need for this is that NIST will deprecate all our existing public key methods in 2030, including: RSA for public key encryption; RSA, ECDSA and EdDSA for signatures; and ECDH for key exchange. NIST will then remove them in 2035 from the NIST FIPS 140 standard. Given that a smartphone will have a life of at least five years, it makes sense to build the hardware to support the migration. Along with this, we see the rise of “harvest now, decrypt later” threats, where network traffic could be captured now and then decrypted sometime in the future.

The main integration at the current time involved ML-KEM (FIPS 203, aka Kyber) and ML-DSA (FIPS 204, aka Dilithium). With ML-KEM we replace key exchange and public key encryption methods, while ML-DSA provides us with digital signing:

These methods will be the Samsung Knox Matrix for enhanced data protection — this includes end-to-encryption for back-ups and the recovery of data from the Samsung Cloud. Overall, Samsung devices, like Apple hardware, have a secure enclave to store private and secret keys, and where not even Samsung can get access to them.

The usage of PQC will mean that Samsung devices will be able to communicate with other devices in the future and which are using PQC methods. This ensures not only current compatibility but also future compatibility. An important advancement of the industry is that Samsung will support PQC methods for their backup system to their Cloud.

Conclusions

Of course, the integration will not force applications and services to use PQC, and in most cases, it will still use our traditional methods, as devices that it connects to must support PQC. Thus, we will see a migration towards PQC, rather than a hard switch-over. In cryptography, this is often the case, as we can typically negotiate the cryptography methods that are used in the secure transmission or storage of data. Once all the required services and applications support PQC, our existing public key methods will likely be switched off.