Worldwide secure communication is important for an increasingly connected international society. Currently deployed cryptographic methods are at risk by future attacks e.g. by quantum computer algorithms. Quantum Key Distribution will offer provable long-term security for critical infrastructure and secure communication. Today several approaches are being developed. I will review concepts that combine ground-based and space optical quantum communication links to achieve world-wide coverage. Optical free space communication is a reliable means to transmit classical and quantum information. Free space links offer ad-hoc establishment in intra-city communication, air-to-ground or satellite-to-ground scenarios. Quantum communication in space offers a fast route to global coverage [1]. I will discuss current activities, including the development of quantum key distribution with coherent optical communication in fiber and satellite systems, employing both discrete and continuous variable detection.

One of the hottest topic for enterprises today is Digitalization – how to get ready to it, what are the first steps, what are the possible consequences. SAP’s mission is to lead the transformation into the new digital economy by helping companies re-imagine their business using the SAP digital business framework.

The other area that gets more and more attention of SAP customers is the cyber security and data protection. The challenge here is to be ready to the new tricks of cybercriminals and protect SAP customers. That is continuously explored by SAP Security Research and transferred to product development.

While customers and product development at SAP are entangled by digitalization and conversion of everything in bytes and bits, SAP Security Research is superposed and looks into the risks and opportunities coming with qubits.

The presentation offers you to have a look behind the curtains – what SAP Security Research thinks about and does with quantum technologies.

Quantencomputer werden die Welt der IT-Sicherheit verändern. Was heute normal ist, muss neu durchdacht werden. Unternehmen beginnen sich mit den drohenden Auswirkungen der Quantencomputer zu beschäftigen. Was man bedenken sollte und wie man sich jetzt schon vorbereiten kann, wird in diesem Vortrag beleuchtet werden.

Hash-based signature schemes were among the first proposals for digital signature. While they impressed with their simplicity, they were originally neglected due to the size of signatures. In the last decade, hash-based signature schemes received increased interest due to their conjectured resistance against attacks using general purpose quantum computers. Right now, two hash-based signature schemes are in the process to become an RFC and three other proposals were submitted to the ongoing NIST post-quantum cryptography "competition".

Multivariate cryptography is one of the main candidates for establishing quantum resistant public key cryptosystems. In this talk, I will present the basic concepts of multivariate cryptography, including its security as well as advantages and limitations of the field. After that, I will give an overview of the various multivariate schemes submitted to the NIST post-quantum standardization project.

Lattice-based cryptography has emerged as one of the best candidates for post-quantum cryptography. The security of those schemes relies on the hardness of lattice problems. In order to determine the security levels of lattice-based schemes, one needs to determine the concrete hardness of those problems.

This talk provides an introduction to estimating the security of lattice-based cryptosystems. It introduces the most important lattice problem underlying lattice-based schemes and ways how to estimate the hardness of these problems. The focus of this talk will be the learning with errors (LWE) problem, which is the foundation of most modern lattice-based schemes. It will be shown how to solve LWE by solving a corresponding instance of the unique shortest vector problem (uSVP), how to solve uSVP using lattice reduction, and how to estimate the cost of lattice reduction.