Cybersecurity overview
Cybersecurity under quantum computer threats
The Public-Private Key scheme (PPK) is the backbone of today’s cryptographic protocols. Applications such as data encryption, authentication, digital signatures, privacy-preserving computing, cryptographic hash functions, etc., are all based on PPK. In a nutshell, PPK is constructed assuming the intractability of some mathematical problems like finding large integers’ prime factors (e.g., in RSA), or computing integer pairs satisfying the curve equation (e.g., in ECC).
The following are areas under threat from quantum computing:
Encryption Quantum computers will defeat current cryptographic algorithms and decrypt data while it is being transmitted. | Cryptographic Hash Functions Cryptographic hash functions are often used to secure communications. However, quantum computers will be able to defeat this approach by implementing fast search algorithms. |
Authentication Quantum computers will defeat authentication algorithms thereby making data transmission vulnerable to being intercepted/diverted or enabling malicious parties to penetrate the communication chain. | Entropy of encryption keys A vital ingredient in all cryptographic algorithms is random numbers. Random number generators are used to produce encryption keys. Increasing the randomness/entropy is essential to the future of secure communications. |
Certificates & Digital Signatures An adversary armed with a quantum computer can easily forge digital signatures and fake certificates. | Privacy-preserving computing The security intrusions posed by the ability of quantum computers to crack both encryption and authentication protocols will invalidate the premises on which privacy-preserving computing schemes rely. |
The PPK-based protocols are generally considered to be secure as there is no known efficient algorithm to solve those math problems in current digital computers. However, quantum computers employ unprecedented computing approaches and power and may easily break PPK, putting the entire digital world at stake.
Even though many efforts have been invested to replace PPK using post quantum cryptography methods, none has been proven to be secure against future quantum algorithms. As institutions and companies around the world are in the quantum computer race, moving toward a quantum cryptography for current communication networks is the ideal defending approach.
Are Quantum Key Distribution (QKD) enough to defend communication networks in the quantum era?
No, they are not. QKD focuses on solving only one problem, the distribution of encryption keys. Even if running ideally, a QKD-based network can only guarantee the security of data-in-transit. Many other crucial elements for network securities, such as authentication, verification, and digital signatures, still rely on classical cryptography and are thus vulnerable to quantum computer attacks.
We are currently building an end-to-end quantum solution to defend the security of our digital world against quantum computer attacks with the following use cases.
Use cases
Secure multi-party computation
A pool of distrusted parties wish to compare and perform a secure computation on their combined data without revealing their perspective personal data.
User authentication
A credit card user must prove her identity by showing she knows the secret password without revealing her actual password.
Private blockchain transaction
A user wishes to perform zero-knowledge proof to process a transaction on a blockchain while remaining anonymous.