Saturday , July 24 2021

Quantum computing: A double-edged sword for cybersecurity

Quantum computing can immediately damage existing cryptographic techniques. Aline Gouget, technical advisor and security researcher for Gemalto, shares the steps that have been taken to ensure that the arrival of quantum computing is something to be welcomed rather than feared.

Quantum computing quickly moved from science fiction to reality. Large companies and countries are investing heavily to become the first movers in building the era of commercial quantum computing because quantum computing is believed to dramatically impact several industries in the next decade. China, for example, is building a US $ 10 billion National Laboratory for Quantum Information Science in Hefei, which will focus on developing quantum computers and related technologies.

With such investments, IDC believes that quantum computing will be commercially available through cloud services within three years and that its global market will exceed US $ 10 billion by 2027. Another report by Tractica, estimates that North America will be the main region. for the adoption of quantum computing with US $ 718.3 million in revenue in 2025, closely followed by Europe (US $ 695.8 million) and Asia Pacific (US $ 650.9 million). In fact, Alibaba Cloud (in partnership with the Chinese Academy of Sciences) has offered services like that today to enable businesses to experiment with quantum applications in the real environment and accelerate the development of quantum computers in the future.

But what is quantum computing and why is that important? Simply put, quantum computing is set to redefine the limits of data processing power. As such, it will offer great potential to overcome various critical scientific challenges.

Quantum computing rewrites the rule book

What's unique about quantum computing is a very new way of calculating data. Since the 1960s, computing has relied on silicon transistors to store and manipulate data encoded as a series of zeros and ones. Quantum computing, on the contrary, exploits the ability of subatomic particles to exist in more than one country at a time. As a result, this encodes data in quantum bits or & q39: & # 39; which can be likened to a ball. Although traditional bits can only be in one of the two spherical poles, qubits can be in any position on the ball, allowing more data to be stored and manipulated much faster. With such capabilities, quantum computers are ready to solve problems that traditional computers never can.

Break down which cannot be solved

Over and over, we have seen examples of breakthrough technology that are exploited by those who lack pure intentions. Quantum computing is no exception, with Michele Mosca of the Institute for Quantum Computing recently stating that there is "one on seven occasions that some fundamental public key cryptography will be solved by quantum by 2026, and one of two possibilities is the same by 2031. "

Cryptographic algorithms are classified according to characteristics, such as the type of mathematical function that underlies them, the type of use designed for (for example protecting data exchanges or secret production), or the type of confidential management needed (i.e. one secret key, or public and private key pair).

Of these, a family of algorithms that might be weakened by the spread of quantum computing have been identified as primarily including public key-based methodologies such as RSA and elliptic-curve cryptography for PKI applications, and key exchange applications such as Diffie-Hellman. Although this shows serious headaches because many secure communications today depend on some of these cryptographic algorithms, the good news is that leading industry players have recognized this problem from the start and have taken steps to overcome it.

Some industry players have launched strategies to protect products throughout their entire life cycle. Gemalto, for example, works on product design that embeds what is called crypto agility capabilities, which allow software to load and replace keys and algorithms such as and when they become obsolete. This powerful mechanism allows the fleet of resistant products to be maintained, even when the algorithm is found to be vulnerable.

Another axis of defense is in the choice of the algorithm family. Broadly speaking, there are three main approaches to ensuring products that are resistant:

– Implement symmetric key algorithms with larger keys (about twice the size of the current average key), which are famous for rejecting quantum computing;

– Implement proven quantum safe algorithms that have demonstrated their robustness, such as hash-based signatures; or

– Apply a subtle combination of both pre and post-quantum algorithms.

The last option is important, because it adopts a forward thinking approach while maintaining existing effective crypto that the security industry has mastered properly and correctly.
Teamwork questions
Protecting the future of public key encryption means finding algorithms that can withstand the power of quantum computing but remain safe when used with computers & # 39; classic & # 39; This is what this sector calls crypto 'quantum-safe' or 'post-quantum'. So far, various research teams have submitted more than 80 new public cryptographic key system proposals that meet the criteria for the US National Institute for Standards and Technology (NIST) for evaluation. After the proposal is examined, standardization work will begin. NIST expects to provide solid results at the second post-quantum cryptography standardization conference in 2019.

Keep in touch

Back in the dark days of World War II, a group of international Allied code-breakers based in Bletchley Park in the UK managed to unlock the link of the Enigma machine that was unbreakable & # 39; with lots of communication their enemies are secured. To help them do it, they created electro-mechanical equipment, & # 39;

More than 70 years later, other new generation technologies are ready to undermine cryptographic techniques that are said to have never been wrong. However, the main message here is not just about the broader industry's desire to research and implement new forms of protection against this latest threat. Quantum computing – or at least quantum physics is the basis – will also open the door to a completely new approach to data security. Even though it is still very early, it is important for those who have an interest in encrypted communication to keep up to date.

In other words, don't just stay calm and continue; keep following too.

Article by Gemalto technical advisor and security researcher Aline Gouget.

Source link