A research team led by Professor Seo Seung-hyun from the Department of Electrical Engineering at Hanyang University ERICA has analyzed the security of module-based lattice post-quantum cryptography(PQC) recently adopted as an international standard technology by the U.S. National Institute of Standards and Technology (NIST), and proposed a novel attack method that can threaten it. This  achievement was presented at Conference on Cryptographic Hardware and Embedded Systems(CHES) 2025, one of the world's most prestigious academic conferences in cryptography.

Conventional public-key cryptography systems such as RSA and ECC are based on mathematically difficult problems like factorization of large integers and discrete logarithms. However, concerns have long been raised that it is only a matter of time for these systems to be broken if high-performance quantum computers are developed. In response, NIST has hosted an international competition since 2016 to set new standards for post-quantum cryptography. As of March 2025, five algorithms—ML-KEM, ML-DSA, FN-DSA, SLH-DSA, and HQC—are officially designated as the international PQC standards.

Still, standardization does not guarantee absolute security. Once new attack approaches arise, algorithms must be patched or replaced, making continuous validation of security in real-world settings. Recognizing this, Seo’s team revisited the security of the standardized module-lattice PQC and proposed a realistic quantum attack algorithm posing potential risks.

The team introduced a new analysis method called the ‘Quantum-Classical Hybrid Sieving Attack.’ Instead of fully implementing the attack on a quantum computer, the method assigns only the most time-intensive searching process to quantum computation, while the remaining steps are processed by conventional computers. Through this approach, the team quantified attack resources(operation counts, quantum gate numbers, error correction costs, and more) against ML-KEM and ML-DSA algorithms. Their findings revealed that the effective security strength could drop by 15 to 27 bits compared to previous estimates, indicating that attacks may require significantly fewer resources than previously believed if utilizes quantum computers.

Professor Seo stated, “Assessing cryptographic security in the quantum computing era requires more than simply calculating mathematical complexities. It must also incorporate considerations of quantum hardware resources and error-correcting processes needed for practical security evaluations.”

This study was supported by the National Research Foundation of Korea through the project ‘Quantum Security Cost Analysis Using Quantum Computing to Strengthen Cryptographic Communications in the National Research Network.’ The resulting paper ‘Quantum security analysis of Module-LWE PQC based on practical cost estimates’ lists doctoral student and researcher Cho Sung-min as first author and Professor Seo Seung-hyun as corresponding author.

In addition, Professor Seo serves as Deputy Director of the Hanyang Institute for Quantum-science and Quantum-technology (HY-IQQ), contributing to the advancement of quantum technologies in Korea. Established in March 2025, HY-IQQ operates five dedicated research centers on quantum computing, quantum sensing and measurement, quantum information and materials, quantum networks and security, and quantum activation technologies—bringing together faculty from both the ERICA and Seoul campuses to conduct cutting-edge research ranging from basic sciences to applied technologies.