"The information security industry is in a race against time to innovate faster than the adversaries who wish to harm consumers and businesses", Facebook wrote. "However, most security research over-rotates toward offensive, novelty hacks that have little impact on most people's lives." To turn the incentive around, the Internet Security Prize is designed to reward researchers who combine a working prototype with significant contributions to the security of the Internet - particularly in the areas of protection and defense.
The winning team proposed an improved cryptosystem, called 'NewHope', that is designed to resist attacks by future quantum computers. Such quantum computers would have a devastating impact on the security of our current protocols - an advent sometimes referred as a Cryptocalypse. NewHope can for example be integrated into TLS and HTTPS, two security protocols used by web-browsers. This was recently done by Google, as an experiment toward post-quantum security.
While other proposal for post-quantum security have been made previously, Facebook said: "Building on previous studies, this new research identified a better suited error distribution and reconciliation mechanism, analyzed the scheme's hardness against attacks by quantum computers, and identifies a defense against possible backdoors and all-for-the-price-of-one attacks. Using these measures the team was able to increase the security parameter by more than 100 percent, reduce the communication overhead by more than half, and significantly increase computation speed in portable C implementation and current Intel CPUs, all while protecting against timing attacks."
Léo Ducas is working in the Cryptology group at Centrum Wiskunde & Informatica (CWI) in Amsterdam, headed by Ronald Cramer. Léo Ducas was recently awarded a Veni grant. Peter Schwabe is working at Radboud University in Nijmegen. The research has been partly funded by an NWO Free Competition Grant and by a Public-Private Partnership between CWI and NXP Semiconductors.