Quantum technology is expected to lead to a change in the defense industry due to the large amount of data that it can process quickly after being developed. This could help science and technology grow massively, but it could also give more power to those trying to crack encrypted communications.
Recently, the Department of Commerce developed four techniques that will prevent quantum hackers from succeeding.
The National Institute of Standards and Technology recently said it has reached an important milestone in its quest to develop encryption standards that defend against quantum-based attacks. According to experts, algorithms give government agencies a chance to start determining which security measures are most effective for them.
The institute has been competing with cryptographers for six years to develop a new encryption standard. According to Duncan Jones, head of cybersecurity at Quantenuum, a Colorado-based quantum computer company, the selected algorithms, CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON, and SPHINCS+, are just the first step in computing on a long road to completing quantum-to-security.
Because we have so much work ahead of us, it “makes it much easier to start planning and testing,” he continued.
Pete Ford, senior vice president of government operations at Silicon Valley cybersecurity firm QuSecure, compared the gravity of the quantum threat to the next global arms race in the defense industry.
If quantum computers can decrypt materials currently protected by encryption technology, adversaries could obtain US operating plans, allied cooperation strategies, and more, he added.
“We highly value the independence that our information technology gives us. "It's really hard to regain that independence after it's been taken away," he said.
Duncan said that among the nearly 70 algorithms submitted for review, "simplicity and elegance" seem to be NIST's choices.
“I think when there is an algorithm that is simpler to understand, they are more confident in choosing it,” he said.
He noted that faster and smaller algorithms are also preferred. According to a press release on the standard, CRYSTALS-Kyber is fast and has "relatively small encryption keys." Digital signatures used for identification will be protected by CRYSTALS-Dilithium and FALCON. They received good marks from NIST evaluators for their "great efficiency".
Also known as public key encryption, asymmetric encryption works by generating two keys: a public key and a private key. An algorithm is used to mathematically connect the keys. People can exchange public keys to decrypt or decrypt the secure messages they share.
Encryption is secure, as it would take a long time for hackers to find the key using a traditional computer. However, if a hacker uses its quantum computing capabilities, it makes the key much simpler to grasp, defeating encryption and gaining access to secure communication.
Ford said parts of the new standard's algorithms are already in use by QuSecure. For example, the business used CRYSTALS-Kyber to demonstrate secure communications for a federal customer earlier this summer.
To demonstrate how to use quantum resistive switches, the company activated a post-quantum communication channel over the public internet at a facility used by the Air Force, Space Force and North American Aerospace Defense Command.
According to Ford, it's the first time a quantum-protected communication line has been set up in a government building.
According to him, using algorithms and tunneling to secure communications did not create new latency or bandwidth issues.
Jones noted that as many countries compete for the development of quantum technology, it is possible for a researcher to create brand new methods for decryption. As a result, enemies can decrypt messages faster.
Authorities must take this threat seriously and acknowledge that the attacks may have already begun.
He said agencies need to be crypto agile as well as trying out new algorithms. Long-term security will be ensured with the capacity to adapt.
In the future, "We want to be able to change algorithms without a huge headache," he said. “And this time when we discover a system that is hard to change, we have to make it simpler to move forward.”
According to Jones, the SPHINCS+ algorithm is “unexpected” but therefore valuable. According to a press release, FALCON and CRYSTALS-Dilithium can act as a backup to the others as they are from a different family of algorithms, i.e. based on a different math.
According to a publication, four additional algorithms are under review by NIST. The standard's announcements were split into two parts, due to "a robust demand for a variety of means of protection," according to the institute.
Jones underlined that although it poses a significant risk to government agencies and businesses that do business with the government, quantum computing can still be an "ally" for cybersecurity. He claimed that algorithms could be made more difficult to decipher due to potential processing capacity.
As soon as the threat phase is over, only the advantages that quantum can offer will remain, he said.
source: nationaldefensemagazine
📩 06/09/2022 15:44
Be the first to comment