Post-Quantum Cryptography

The Science Behind
Froorio's Security

A deep dive into the cryptographic algorithms and protocols that make Froorio resistant to both classical and quantum computing attacks.

The Challenge

The Quantum Threat

Quantum computers operate on fundamentally different principles than classical computers. Using quantum bits (qubits) that can exist in multiple states simultaneously, they can solve certain mathematical problems exponentially faster than any classical computer.

This poses an existential threat to current encryption:

  • RSA: Can be broken by Shor's algorithm on a quantum computer
  • Elliptic Curve (ECC): Similarly vulnerable to quantum attacks
  • Diffie-Hellman: Key exchange compromised by quantum computing

While large-scale quantum computers don't exist yet, the "harvest now, decrypt later" threat means your data needs protection today.

Harvest Now, Decrypt Later

Nation-states and sophisticated adversaries are collecting encrypted data today, storing it until quantum computers can break the encryption.

If your communications will still be sensitive in 10-20 years, they're at risk right now. This is why post-quantum encryption matters today, not tomorrow.

Key Encapsulation

Kyber (ML-KEM)

The NIST-standardised post-quantum key encapsulation mechanism

What is Kyber?

Kyber (officially ML-KEM in the NIST standard) is a lattice-based Key Encapsulation Mechanism (KEM). It allows two parties to securely establish a shared secret over an insecure channel.

In Froorio, Kyber is used to establish the encryption keys that protect your messages. When you start a conversation, Kyber creates a shared secret that only you and your recipient can access.

We use Kyber768, which provides approximately 192 bits of security—the level recommended for long-term protection of sensitive data.

How Does It Work?

Kyber's security is based on the hardness of the Module Learning With Errors (MLWE) problem. In simple terms:

  1. Mathematical operations are performed on a lattice (a regular grid in many dimensions)
  2. Small random "errors" are added to the computations
  3. Recovering the original values from the noisy results is computationally infeasible—even for quantum computers

This is fundamentally different from RSA or ECC, which rely on factoring or discrete logarithms—problems that quantum computers can solve efficiently.

NIST Standardisation

Kyber was selected by the US National Institute of Standards and Technology (NIST) as the primary post-quantum key encapsulation mechanism after a rigorous multi-year evaluation process involving the global cryptographic community.

2016

NIST process began

82

Initial submissions

2022

Kyber selected

2024

Standard published
Digital Signatures

Dilithium (ML-DSA)

The NIST-standardised post-quantum digital signature algorithm

What is Dilithium?

Dilithium (officially ML-DSA in the NIST standard) is a lattice-based digital signature scheme. It provides cryptographic proof of message authenticity and integrity.

In Froorio, Dilithium ensures:

  • Authentication: Messages genuinely come from the claimed sender
  • Integrity: Messages haven't been modified in transit
  • Non-repudiation: Senders cannot deny sending a message

Why Signatures Matter

Encryption alone isn't enough. Without digital signatures, an attacker could potentially:

  • Send fake messages that appear to come from your contacts
  • Modify messages in transit without detection
  • Perform man-in-the-middle attacks

Dilithium prevents all of these attacks while maintaining quantum resistance. It's the essential complement to Kyber for complete security.

Complete Protocol

How It All Works Together

You
Kyber768 Key Exchange
Dilithium Signatures
AES-256-GCM Encryption
Recipient
1. Key Exchange (Kyber768)

Establishes a quantum-resistant shared secret between you and your recipient.

2. Authentication (Dilithium)

Signs messages to prove authenticity and detect any tampering.

3. Encryption (AES-256-GCM)

Encrypts the actual message content with the derived symmetric key.

Specifications

Technical Details

Kyber768

Security LevelNIST Level 3
Public Key1,184 bytes
Ciphertext1,088 bytes
Shared Secret32 bytes

Dilithium3

Security LevelNIST Level 3
Public Key1,952 bytes
Signature3,293 bytes
Private Key4,000 bytes

AES-256-GCM

Key Size256 bits
Nonce Size96 bits
Auth Tag128 bits
ModeGalois/Counter

Experience Post-Quantum Security

Download Froorio and protect your communications from future threats.

Download Now