cryptography - TechHQ: Technology and business

Apple updates iMessage to protect iPhone users from quantum attacks
https://techhq.com/2024/02/fortifying-apple-imessage-defense-against-quantum-threats/
Mon, 26 Feb 2024 12:30:51 +0000

  • Apple labels PQ3 as “Level 3” security, highlighting its robust properties for iMessage.
  • PQ3 adds a post-quantum key to Apple device registration for iMessage.
  • PQ3 adds a rekeying mechanism for iMessage, enhancing security.

The imperative for impregnable security measures has reached a crescendo in the ever-accelerating march toward quantum computing dominance. Today, as the quantum supremacy specter looms, the clamor for steadfast cryptographic shields has amplified. So, in a groundbreaking move, Apple has unveiled PQ3, a cutting-edge post-quantum cryptographic protocol tailored for iMessage. Touted by the tech giant as possessing “unparalleled” security features, PQ3 represents a paradigm shift in communication security.

At the heart of Apple’s embrace of post-quantum cryptography (PQC) lies a deep understanding of the evolving threat landscape. Simply put, as quantum computing advances, traditional cryptographic methods face unprecedented challenges, making the integration of PQC imperative for safeguarding sensitive data and preserving user privacy. 

For context, with their exponential computational power, quantum computers can potentially render existing encryption algorithms obsolete, posing significant risks to data security. Recognizing this, Apple has proactively invested in research and development to pioneer cryptographic solutions capable of withstanding quantum attacks.

The PQ3 protocol, the latest addition to Apple’s cryptographic arsenal, is the result of that work. By introducing a new post-quantum encryption key within the iMessage registration process, Apple ensures that data exchanged through its platform remains protected against future quantum threats. PQ3 also incorporates advanced security features, such as a rekeying mechanism within iMessage conversations, designed to mitigate the impact of key compromises and bolster overall resilience.

“To our knowledge, PQ3 has the strongest security properties of any at-scale messaging protocol in the world,” Apple’s Security Engineering and Architecture (SEAR) team stated in a blog post a week ago.

PQ3 for iMessage integrates post-quantum key establishment and ongoing self-healing ratchets, setting the standard for safeguarding against quantum threats. Source: Apple.

A quantum leap in messaging security

Traditionally, messaging platforms rely on classical public key cryptography like RSA, elliptic curve signatures, and Diffie-Hellman key exchange for secure end-to-end encryption. These algorithms are based on complex mathematical problems deemed computationally intensive for conventional computers, even with Moore’s law in play. But the advent of quantum computing poses a new challenge.

A powerful enough quantum computer could solve these mathematical problems in novel ways, potentially jeopardizing the security of end-to-end encrypted communications. While quantum computers capable of decryption aren’t yet available (as far as we know, supervillains notwithstanding), well-funded attackers can prepare by exploiting cheaper data storage. They accumulate encrypted data now, planning to decrypt it later with future quantum technology—a tactic called “harvest now, decrypt later.”

When iMessage launched in 2011, it became the first widely available messaging app with default end-to-end encryption. Over the years, Apple has continually enhanced its security features. In 2019, the iPhone maker bolstered the cryptographic protocol by transitioning from RSA to elliptic curve cryptography (ECC) and safeguarding encryption keys within the Secure Enclave, increasing protection against sophisticated attacks.

“Additionally, we implemented a periodic rekey mechanism for cryptographic self-healing in case of key compromise. These advancements underwent rigorous formal verification, ensuring the robustness of our security measures,” the blog post reads. In parallel, the cryptographic community has been developing post-quantum cryptography (PQC) to address the threat of future quantum computers. These new public key algorithms can run on today’s classical computers without requiring quantum technology.

Designing PQ3

Designing PQ3 involved rebuilding the iMessage cryptographic protocol to enhance end-to-end encryption, meeting specific goals:

  1. Post-quantum cryptography: PQ3 protects all communication from current and future adversaries by introducing post-quantum cryptography from the start of a conversation.
  2. Mitigating key compromises: It limits the impact of key compromises, so that a single compromised key cannot be used to decrypt both past and future messages.
  3. Hybrid design: PQ3 combines new post-quantum algorithms with current elliptic curve algorithms, ensuring increased security without compromising protocol safety.
  4. Amortized message size: To minimize additional overhead, PQ3 spreads message size evenly, avoiding excessive burdens from added security.
  5. Formal verification: PQ3 undergoes formal verification to ensure robust security assurances.

According to Apple, PQ3 introduces a new post-quantum encryption key during iMessage registration, using Kyber post-quantum public keys. These keys enable the initial key establishment, letting sender devices generate post-quantum encryption keys for the first message, even if the receiver is offline.

PQ3 also implements a periodic post-quantum rekeying mechanism within conversations to self-heal from key compromise and protect future messages. This mechanism creates fresh message encryption keys, preventing adversaries from computing them from past keys.

The protocol utilizes a hybrid design, combining elliptic curve cryptography with post-quantum encryption during initial key establishment and rekeying. Rekeying involves transmitting fresh public key material alongside encrypted messages, with the frequency of rekeying balanced to preserve user experience and server infrastructure capacity.

PQ3 continues to rely on classical cryptographic algorithms for sender authentication and key verification, because attacks on those mechanisms require contemporaneous access to a quantum computer and cannot be performed retroactively. However, Apple noted that future assessments will evaluate the need for post-quantum authentication as quantum computing threats evolve.
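As an added illustration, not Apple’s code or the PQ3 specification (which this page describes only at a high level), the following Python models the two properties just described: a hybrid root key derived from both an elliptic-curve and a post-quantum shared secret, and a one-way key ratchet that a periodic hybrid rekey heals after a chain-key compromise. The ECDH and Kyber shared secrets, the HKDF labels and the function names are constructed stand-ins.

```python
"""Model of hybrid key establishment plus a self-healing ratchet.

Constructed example: the combiner, labels and ratchet layout are NOT
Apple's; they show why one leaked chain key exposes only a bounded
window of messages when fresh hybrid secrets are mixed in periodically.
"""
import hashlib
import hmac

HASH = hashlib.sha256


def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-SHA256 (RFC 5869): extract a PRK, then expand it to `length` bytes."""
    prk = hmac.new(salt, ikm, HASH).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hybrid_root(ec_shared: bytes, pq_shared: bytes, transcript: bytes) -> bytes:
    """Combine an ECDH-style secret and a KEM-style secret into one root key.

    Both secrets enter the KDF, so an attacker must break BOTH primitives
    to learn the root: a classical break of the curve is not enough, and a
    flaw in the new post-quantum scheme is not enough either (hybrid design).
    """
    return hkdf(ec_shared + pq_shared, salt=transcript, info=b"model hybrid root")


def ratchet_step(chain_key: bytes) -> tuple[bytes, bytes]:
    """One symmetric ratchet step: derive a message key and advance the chain.

    Both outputs are one-way functions of the chain key, so a chain key
    that leaks later does not reveal earlier message keys.
    """
    message_key = hmac.new(chain_key, b"\x01", HASH).digest()
    next_chain = hmac.new(chain_key, b"\x02", HASH).digest()
    return message_key, next_chain


def rekey(chain_key: bytes, fresh_ec: bytes, fresh_pq: bytes) -> bytes:
    """Periodic rekey: mix a freshly negotiated hybrid secret into the chain.

    An attacker holding the old chain key but not the fresh secret can no
    longer compute keys after this point (cryptographic self-healing).
    """
    return hkdf(fresh_ec + fresh_pq, salt=chain_key, info=b"model rekey")


# Constructed stand-ins for ECDH and Kyber shared secrets. Fixed bytes keep
# the run reproducible; in a real protocol they come from key agreement.
EC_INITIAL = bytes(range(0, 32))
PQ_INITIAL = bytes(range(32, 64))
EC_FRESH = bytes(range(64, 96))
PQ_FRESH = bytes(range(96, 128))


def run_session(n_messages: int, compromise_at: int, rekey_at: int) -> dict[int, bool]:
    """Send n_messages through the ratchet and report the attacker's reach.

    The chain key is stolen just before message `compromise_at`; a hybrid
    rekey happens just before message `rekey_at`. Returns, per message
    index, whether the attacker can recompute that message's key.
    """
    chain = hybrid_root(EC_INITIAL, PQ_INITIAL, transcript=b"registration")
    real_keys = []
    stolen = None
    for i in range(n_messages):
        if i == rekey_at:
            chain = rekey(chain, EC_FRESH, PQ_FRESH)  # attacker never sees the fresh secret
        if i == compromise_at:
            stolen = chain  # a single chain key leaks here
        mk, chain = ratchet_step(chain)
        real_keys.append(mk)

    # The attacker knows the algorithm and runs the ratchet forward from the
    # stolen key. Earlier keys are out of reach (one-way steps); keys after
    # the rekey are out of reach (no fresh hybrid secret to mix in).
    recovered = {}
    if stolen is not None:
        guess = stolen
        for i in range(compromise_at, n_messages):
            mk, guess = ratchet_step(guess)
            recovered[i] = mk
    return {i: recovered.get(i) == real_keys[i] for i in range(n_messages)}


if __name__ == "__main__":
    # Compromise before message 2, rekey before message 4: only 2 and 3 leak.
    print(run_session(6, compromise_at=2, rekey_at=4))
```

Changing `rekey_at` shows the trade-off the text mentions: more frequent rekeys shrink the exposure window at the cost of more public key material per message.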

Apple iPhone 15 series devices are displayed for sale at The Grove Apple retail store on release day in Los Angeles, California, on September 22, 2023. (Photo by Patrick T. Fallon / AFP)

Why PQ3 on iMessage matters for iPhone users

Integrating PQ3 into iMessage signifies a monumental leap forward in privacy and security for iPhone users. With the exponential growth of data and the looming specter of quantum computing, traditional encryption methods face unprecedented challenges. PQ3 mitigates these risks by providing quantum-resistant protection, ensuring that your conversations remain shielded from future threats. 

In essence, PQ3’s implementation in iMessage demonstrates Apple’s interest in safeguarding user privacy and staying ahead of emerging security threats. Beyond its robust encryption capabilities, PQ3 introduces a host of additional security features designed to enhance the overall integrity of iMessage. These include secure key establishment mechanisms, cryptographic self-healing protocols, and real-time threat detection capabilities.

By incorporating these advanced security measures, Apple ensures that iMessage remains a bastion of privacy in an increasingly interconnected world.

When can iPhone users expect the update?

Support for PQ3 will begin with the public releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4. Already available in developer previews and beta releases, PQ3 will automatically elevate the security of iMessage conversations between devices that support the protocol. As Apple gains operational experience with PQ3 globally, it will gradually replace the existing protocol within all supported conversations throughout the year.

The post Apple updates iMessage to protect iPhone users from quantum attacks appeared first on TechHQ.

Unpredictable quantum keys – using physics as cybersecurity
https://techhq.com/2023/10/how-can-quantum-keys-secure-company-data/
Wed, 18 Oct 2023 11:00:14 +0000


• Unpredictable quantum keys are a mind-boggling way to ensure data safety.
• That which cannot be predicted, can be neither cracked nor hacked.
• Preparing for a quantum future right now makes sound business sense for your data.

As part of our look into the businesses using the UK’s Cyber Runway from Plexal in 2023, we talked to a handful of this year’s cohort. George Dunlop, co-founder and director of partnerships at Quantum Dice, a provider of unpredictable quantum keys, was next to sit down with us.

We felt the need to make an early confession.

THQ:

Hi George.

Quantum.

Every time we read about quantum technology, it boggles our brain for a good half hour before it even starts to make sense. But quantum technology is often described as the next big revolutionary model in the tech world – and yet it’s here. Now.

What’s the market like for unpredictable quantum keys right now? And how has it been moving in the last year or two?

GD:

We’ve seen a great maturation in the space, but it’s not an uncommon experience that you just described with quantum. The focus in the market right now is really driving value in applications.

THQ:

So making esoteric physics into business value?

GD:

Exactly.

In quantum technology, we’ve seen physics move from an academic research area to an ecosystem of technology applications. Emerging solutions are coming to demonstrate specific, clear commercial value. One of the most mature areas in quantum technology right now is in its application to cybersecurity, which is driving value around the unpredictable quantum keys we use to lock and unlock our data.

The value add of quantum keys.

In the past few years, we’ve also seen significant acceleration in the cybersecurity industry, which has uncovered a couple of vulnerabilities in existing solutions, where quantum can offer a value add.

Most notably, we’ve seen the discovery of a vulnerability in firewalls, where it was found that the keys companies were using had insufficient entropy or randomness.

THQ:

The second law of thermodynamics. Entropy increases…

GD:

And if you want to produce better quantum keys, you need a good and trusted locksmith for your cybersecurity applications – which is where quantum technology can come in.

THQ:

We’ve spoken to other players in the quantum market, and it seems to be a reverse-driven process, right? The weaknesses in our current cybersecurity posture were often discovered by people looking at the things they’d have to do to ensure their cybersafety once the big quantum technology explosion happens, when we get quantum computers that point and laugh at what we currently call data security.

To what extent do people understand the need for things like quantum keys at this stage?

Let him who hath understanding reckon the number of the keys…

GD:

That depends who you ask. If you ask the general public, probably not at all. But in cybersecurity and industry, it’s been known and understood since the late 90s.

As you say, the big quantum point is coming – the point where quantum computing becomes stable enough to become a mundane reality. We can debate when it’s coming, but it’s known that it’s on the horizon. So yes, it’s fairly well understood, and there has been that sort of reverse-engineering at work. Sometimes you don’t know a vulnerability is there until you go looking to solve something you’re assuming will be there in the future.

THQ:

Be fair – that sounds very quantum…

GD:

So if we talk about quantum, there’s this application, but then there’s also what the technologies themselves can enable.

The thing in the past few years that has really driven understanding has been adding quantum to standards. The most recent development was NIST in the US issuing the draft standards for the tools that will be used to protect against quantum computers.

Now, if you have a vulnerability, or you have a risk, the key step is being able to measure that risk, so you can quantify both your exposure and your areas of vulnerability. So, one of the most mature areas is quantum key generation, which means there are actually benefits the technology can add now, by being able to measure the quality of your keys in real time.

That’s a measurement that quantum systems offer, where you’re able to measure where your randomness comes from, and actually delve down into the origin of your trust.

Quantum keys: the dummies’ guide.

THQ:

Boggling jussst slightly, but let’s stick with it. We understand how quantum random number generators would work in terms of locking things up. We’re a little sketchy on how they then can be unlocked by the rightful owner of the data.

GD:

Right. If you think of your enterprise as a building, you build your walls, your doors, your locks and your keys, to protect your data or yourself.

There are many tools and bits of software you can use. For example, you can use software encryption as a lock to protect our data. Now, when you ask the question “How do you want to unlock the data?”, we’re talking about using quantum, an area of physics, to create high quality keys.

Quantum technology is also being used to create better locks for your data, for which the key can be produced to unlock it in the same way that a quantum computer for example would do (another area of quantum physics being used to break the whole house down – but it’s still a tool).

So when I talk about Quantum Dice producing high quality keys, we’re using the measurability we can use to provide proof and trust in the keys that you’re making, in the same way that you’d use another area of physics to build trust in a different tool you’re building.

Quantum keys - a very clever solution to a very frightening problem.

When you really care about data security – go quantum.

THQ:

Wait, wait, we think we’re getting it. So just like you use gravity to test the effectiveness of a spirit level, you use the principles of quantum physics – entropy, randomness and the gang – to test the effectiveness of a key, so companies can be reasonably sure that the key locks and unlocks their data – but that nothing else can get in or out?

GD:

Something like that.

There are ways and means of using quantum to lock and unlock data. And the key consideration for anyone in security is having trust and verification in the process by which you do that.

That’s the power of unpredictable quantum keys.


THQ went for a short lie down in a darkened room at this point. When we came back, Jonathan Wood of security and compliance firm C2 Cyber was waiting for us, with unusual answers to questions of intelligence.

The post Unpredictable quantum keys – using physics as cybersecurity appeared first on TechHQ.

Considering the future of computing – chemical AI and beyond
https://techhq.com/2023/10/considering-the-future-of-computing-chemical-ai-and-beyond/
Mon, 09 Oct 2023 16:51:50 +0000


Despite the sky-high demand for GPUs – thanks to a boom in generative AI – you won’t discover the future of computing by listening to an NVIDIA earnings call. Finding out what’s on the edge of possible comes from sources outside the usual cluster of big tech firms. And for a handful of days, many of those unconventional computing experts were gathered in Bristol, UK, just a short walk from TechHQ’s main office.


Taking an unconventional route to visiting Unconventional Computing Bristol 2023. Video: JT.

The workshop was held under the aegis of COGITOR and FUNGATERIA – two forward-looking, EU-funded projects that radically re-think how information can be processed and provide an intriguing glimpse into the future of computing.

By definition, unconventional computing almost defies trend. However, looking closely at the ideas being brought to the table – and there are some brilliant ones inspired by the behavior of soldier crabs and utilizing cultivated fungal networks – it’s possible to see patterns.

Nature’s computers have some common elements, such as oscillators, and numerous examples in the natural world prove that these components don’t have to be engineered in silicon. Jerzy Gorecki, presenting his results in the opening session of Unconventional Computing Bristol 2023 – which was chaired by Andrew Adamatzky, a well-known figure in the field and organizer of the workshop – highlighted the prospects for computing with chemical oscillators.

Propagating chemical waves can quickly find the shortest path in a maze – a reaction-diffusion computing process dubbed the prairie-fire algorithm. And, in another of the opening day’s presentations – discussing advances in chemical AI – Pier Luigi Gentili reminded the audience of how neurons in the brain rely on propagating chemical waves. Such mechanisms may play a role in consolidating our memories during sleep, and point to how chemistry is inspiring advances in the future of computing.

Rather than use larger fluidic systems, some researchers working in chemical AI are choosing to go small and build from the bottom up. Shin-Ichiro Nomura, who’d travelled to the event from Japan, discussed the creation of molecular auto-matter – tiny molecular robots (or molbots) that can be instructed using UV light.

Future of computing includes swarm robotics

Genaro J. Martinez from the School of Computer Sciences, National Polytechnic Institute, Mexico City, demonstrated how complex systems can evolve from just a few simple rules. 1/2 speed GIF: JT.

Describing some of the practical uses of chemical AI, Gorecki outlined an approach for implementing neural networks using chemical reactions to solve certain types of classification problems.

Wetware (adding to the concepts of hardware and software) could end up playing a major role in the future of computing. Modeling shows that just three chemical oscillators can achieve 98% accuracy, and applications include determining whether a certain drug will be effective for a patient by learning from gene expression data.

As well as the need for oscillators – for example, to engineer pulses – it might be surprising to learn that another important element of future computing platforms could include noise. Typically perceived as negative in conventional electronics, noise can have positive benefits in biological systems.

Speaking to TechHQ during lunch on day one of the workshop, Victor Erokhin – who’s long been studying the fundamentals of organic neuromorphic systems (in other words, computer systems inspired by the structure and function of the human brain) – painted a useful thought picture of why noise is beneficial in nature.

Imagine you have a series of valleys representing possible solutions to a problem, with a marble resting inside one of those minima marking the current answer. Noise shakes up the system so that the marble can traverse into the deepest valley, allowing the system to identify the most favorable solution.


Cellular automata navigate logic gates – earlier work by Genaro J. Martinez.

A popular talking point over the two days, was the idea of reservoir computing – which could be a much more efficient way of implementing AI methods. Rather than having a deep neural network in software with many layers and billions of parameters (the weights that cause artificial neurons to fire when they see a picture of a dog, but not a cat, for example) researchers are coupling inputs and outputs to a central reservoir, which can take a number of forms.

One option is to use memristors – a technology combining memory storage and information processing. The thinking is that a memristor array could capture the complexity of a neural network in hardware – for example, with resistances at different nodes analogous to the model weights. And it opens the door to some clever signal processing, in theory.

In practice, as Konrad Szaciłowski – a chemist who’s been busy investigating new memristive materials – pointed out, getting memristors to behave consistently is a challenge. That being said, the technology offers a tempting alternative to the giant AI models of today. And there are some early designs on the market, such as memristor chips by KNOWM that allow developers to experiment with a possible future of computing.

Reservoir computing can be engineered in other ways too – for example, using programmable magnetic liquids. “It’s possible to program the system to recognize digits,” Alessandro Chiolerio – coordinator of Project COGITOR and part of IIT’s Bioinspired Soft Robotics group – told the audience, updating attendees on advances in colloid computing.

Liquid-state cybernetics and dice-rolling bacteria

The COGITOR project has ambitions to prototype a liquid-state cybernetic system capable of providing memory, computing, pressure sensing, and energy harvesting (from thermal gradients). One of the reasons for taking an unconventional computing approach is to engineer a system capable of surviving extreme environments for potential applications in space.

Testing has shown that the ferrofluid used by the team to enable in-memory computation is capable of at least 10 million endurance cycles. And Chiolerio explained that the amorphous nature of the solid-state device makes it extremely robust, raising the prospect of long lifetimes.

There’s no shortage of candidates when it comes to the future of computing, and keeping an open mind is key to discovering solutions that may be off the radar to many people. On this theme, Dan Nicolau – a mathematician and medic who’s been looking at ways of using bacteria to solve difficult maths problems encoded in structures – revealed a novel technique for generating random numbers.

True random number generation (TRNG) is harder than you may think. Unpredictability is key to providing security through cryptographic systems, and if adversaries know anything about the seed, they can potentially work backward to break the code.

Nicolau has built a working chip that encases bacteria in a recirculating design, which presents the microorganisms with a maze of split junctions. Random numbers (the unpredictability of the process has been validated by NIST testing) are produced according to the decisions of bacteria to go left or right as they journey through the grid of channels, which gives TRNG output at very low energy cost. Plus, the setup has another enticing feature.

Because bacteria can pass over each other in the channels, it’s possible on occasion for the binary result at a junction to be both zero and one. In the TRNG configuration, these results are rejected. But anyone who’s peeked into the world of quantum computing will know that superposition (the ability of a quantum bit to be both zero and one) opens the door to new ways of problem-solving.

DNA puts a new spin on SQL

Looking at other topics on the agenda, the future of computing could also take an interesting turn when it comes to data storage. Natalio Krasnogor leads a multidisciplinary research group that’s investigating DNA as an alternative to today’s digital archiving media. DNA is stable and can last for thousands of years under the right conditions. And perhaps its biggest attraction for use in IT is data density – a single gram of DNA is said to be able to store in the region of 215 petabytes of data, which is enough to accommodate well over 30 million HD movies.

So far so good, but – as Krasnogor points out – there’s the issue of cost. He reports that the current cost to store 1 MB in DNA is around US $900, which puts the price at around $900 million for 1 TB of storage, compared with around $60 if you simply used a commercial SSD.

However, computing technology has a reliable habit of becoming cheaper over time, as methods scale and move from the lab to the fab. And there’s another reason why DNA might succeed in the longer term. Molecular data structures, while they may not be fast, provide opportunities for compute as well as storage.

This means that DNA archives could offer data processing opportunities. Imagine information storage hardware that could understand SQL queries, and you’re heading in the direction that Krasnogor, and others, believe could be a sweet spot for the novel approach.

Attending an unconventional computing workshop offers many clues about the nature of next-generation information systems, such as designs capable of harnessing the embodied intelligence of plants. Plants are self-assembling, self-repairing, biodegradable, solar-powered, and certainly worth taking a look at when considering the longer-term future of computing.

Fungal networks controlling robots

One of Andrew Adamatzky’s claims to fame in the unconventional computing arena is recognizing the potential of slime mold – commonly found in forest settings – to address complex logistics and transportation issues. If you want to discover the shortest possible route to visiting a number of destinations exactly once and return to your origin (the so-called ‘traveling salesperson’ problem, which has to be approximated when run on classical computers) – slime mold can give you the answer in just a few hours.

Given his successful track record, when Adamatzky and his research partners bring up the topic of using fungal networks to control robots, it’s worth paying attention. Underpinning this fascinating perspective on the future of computing is the fact that fungi show spiking neuron behavior reminiscent of action potentials in the brain.

Specifically, it’s the root-like structure (mycelium) – which can extend for tens of kilometres between fungal colonies – that provides this highly prized, but as yet little understood property. Researchers are recording these spikes to try to determine how fungi communicate so that they can potentially tap into the conversation to perform computing tasks.

Demonstrations at the workshop included a robot capable of moving its mouth in response to signals derived from mycelium. Another team is trying to picture fungal dreams using generative AI. And while these pursuits may sound far-fetched, it’s worth considering projects elsewhere in other fields, such as CETI that’s trying to understand what whales are saying.

Fed with training data, AI can embed similar words close to each other and geometrically map context such that ‘man to king’ resembles ‘woman to queen’. And those relationships are strikingly similar across different human languages, which raises the question of whether AI can tease out information from other species and even plants.

“Our goal is real-time dialog between natural and artificial systems,” Ugnius Bajarunas, a member of Adamatzky’s team, told the audience, noting that it’s an ambitious and challenging project.

What will computers be like in 2050?

Looking back 30 years, it’s striking how far computers have come in design and performance. Small, yet powerful, smartphones with pin-sharp, full-color displays in form factors that fit in your pocket with wireless connectivity wouldn’t be how you’d describe computers in the 1990s. Instead, device users had to make do with brick-like laptops, which made portable computing possible, but would be no match for today’s mobiles.

The common link between then and now is having processors based on silicon. However, projecting forward to 2050 and listening to what workshop attendees had to say, it feels like progress will be made along a variety of lines, not just following tracks laid down in silicon.

Presentations at Unconventional Computing Bristol 2023 have shown that answers to the question ‘What will computers be like in 2050?’ could include logic derived from wildly different sources. In fact, one of the sessions even raised the question of being able to perform computing with a rock. Keeping an open mind throws a whole new light on how to identify the future of computing and harvest it.

The post Considering the future of computing – chemical AI and beyond appeared first on TechHQ.

What is the purpose of post-quantum cryptography?
https://techhq.com/2023/04/what-is-the-purpose-of-post-quantum-cryptography/
Wed, 19 Apr 2023 13:39:02 +0000

The post What is the purpose of post-quantum cryptography? appeared first on TechHQ.

What is the purpose of post-quantum cryptography? The basic, white bread answer would be “to keep all your secret stuff safe in the apparently imminent age of quantum computing, when standard cryptographic algorithms will be worth less than the paper on which you print them out.”

That’s it in a nutshell. Quantum computing, a development that’s set to massively increase the processing power and speed of computers as we know them, is, according to plenty of cryptographic experts, likely to pull on the thread of all known, pre-quantum cybersecurity, and keep pulling until all our carefully constructed cryptography is just a pile of numbers around our naked, exposed ankles.

Post-quantum cryptography is a collective term for an ever-growing group of methods that will allow quantum computing to exist while still protecting all our secrets (like bank account numbers, Netflix passwords etc, but also like access codes to nuclear or chemical laboratories, government buildings, national critical infrastructure systems and more). Without the ability to have and keep secrets, the world as we’ve come to know it would stop functioning in a big, big hurry.

Public-key encryption.

The problem as it exists is that a lot of our pre-quantum cybersecurity is based on public-key technology. What’s public-key? Essentially, it’s just a large numerical value that we use to encrypt our data. Imagine, say, ten Rubik cubes, linked together through the center. Every move you make to solve one cube makes the same move on every other cube, each of which has a different initial configuration.

It’s theoretically possible to solve all the puzzles together, but it a) takes quite the computational genius, and b) takes the computers we have a good deal of time, during which, a handful of cheerful alarms can be set off and security teams can come metaphorically running to intercept and throw out the potential hacker.

That’s great, so long as everyone’s using the same kind of computer, because it creates an unlikely but usefully level playing field.

The reason quantum computing is expected to be so fast is that it will be able to handle not only comparatively vast numbers of numbers simultaneously, but also vast numbers of computations simultaneously.

It’s likely to look at the intricately constructed mega-puzzle that is pre-quantum public-key encryption, smile indulgently, say “Cute,” solve the whole thing in the time it takes to say “Cute,” and go about its Wikileaky day, leaving everything that had been protected by public-key encryption exposed to the elements, the hackers, the blackmailers and the hostile nation states.

In theory…

At least, that’s the theory. We don’t technically know that quantum computing will be able to do that, and there’s a sense of Millennium Bug planning about the whole thing. But as with Millennium Bug planning, if the nightmare scenario of quantum computing does come true and leave everything using public-key encryption open and exposed, we’re going to feel mighty foolish for the half-hour or so before the world dissolves into chaos, anarchy, James Bond movie plots and possibly a primitive non-computer dystopia.

Incidentally, it’s true of course that public-key is only half the story of pre-quantum cryptography. There’s also a private-key element, which is usually individual-specific. But it’s widely considered that if quantum computers can crack public-key cryptography, then private-key is likely to be little more than an hors d’oeuvre of decryption, the easy sudoku before it moves on to the cryptic version.

Hence the need to be prepared for the era of quantum computing by deploying post-quantum cryptography. But what really is the purpose of post-quantum cryptography? What does it really mean, and perhaps more to the point, how do we really do it? If the giant number-cruncher is coming for all our precious secrets, how in the world do we protect them?

The Science.

Naturally enough, the way post-quantum cryptography works depends on understanding the purpose behind it, and the way the quantum computers are most likely to work.

Behind our folksy, easily digestible Rubik cube analogy, pre-quantum public-key cryptography tends to rely on three hard math problems: the integer factorization problem, the discrete logarithm problem, and the elliptic-curve discrete logarithm problem.

Feel free to look them up if you want to go beyond the Rubik cube analogy. Google will pretend to be your friend.

Post-quantum cryptography, perhaps perversely, will still most likely use public-key as its core approach, but will likely focus on any one or more of a handful of other techniques, given that quantum computers are expected to be able to solve the existing security problems in a handful of digital heartbeats, thanks to their ability to rapidly deploy Shor’s algorithm.

Potential methods of delivering post-quantum cryptography.

In brief, the front-runner types of public-key algorithms that are most likely to deliver post-quantum cryptography are:

Lattice-based cryptography.

In particular, it’s worth keeping an eye on NTRU lattice-based cryptography, which has some significant testing behind it (with, admittedly, current computers), and has so far withstood years of attempts to crack it. That’s why NTRU lattice-based cryptography – or at least something called the Stehle–Steinfeld variant of NTRU – is being promoted for study as a potential standard of post-quantum cryptography by the Post Quantum Cryptography Study Group sponsored by the European Commission.

Hash-based cryptography.

Less fun than they sound, hash-based cryptographic algorithms have been around since the 1970s (and as such, we might think them useless in fighting 2020s or 2030s quantum computer intrusion). Actually though, their fundamental nature as alternatives to numerical digital signatures might have some skin in the post-quantum cryptography fight. As yet, they’re less supported for investigation than the likes of lattice-based cryptography, but there’s nothing fundamental that says evolutions of the likes of Lamport or Merkle signatures might not have a part to play in the post-quantum world.
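To make the hash-based idea concrete, here is an added example (not code from the article, and a teaching toy rather than a production scheme) of a Lamport one-time signature in Python; the choice of 256 secret pairs and 32-byte secrets is this example’s own assumption, and the last function shows why the “one-time” rule matters.

```python
import hashlib
import secrets

# We sign the SHA-256 digest of the message, so the key holds one secret pair per digest bit.
N_BITS = 256

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def keygen():
    """Private key: 256 pairs of random 32-byte secrets (sizes are this example's choice).
    Public key: the SHA-256 hash of each secret, kept in the same (bit, value) layout."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N_BITS)]
    pk = [(_h(s0), _h(s1)) for s0, s1 in sk]
    return sk, pk

def _bit(digest: int, i: int) -> int:
    """Bit i of the digest, counting from the most significant bit."""
    return (digest >> (N_BITS - 1 - i)) & 1

def sign(sk, message: bytes):
    """Reveal, for every digest bit, the one secret of that pair selected by the bit value."""
    digest = int.from_bytes(_h(message), "big")
    return [sk[i][_bit(digest, i)] for i in range(N_BITS)]

def verify(pk, message: bytes, sig) -> bool:
    """Hash each revealed secret; it must equal the public hash chosen by that digest bit.
    Forging needs a preimage of an unrevealed hash, which stays hard for a quantum attacker."""
    if len(sig) != N_BITS:
        return False
    digest = int.from_bytes(_h(message), "big")
    return all(_h(sig[i]) == pk[i][_bit(digest, i)] for i in range(N_BITS))

def reuse_exposure(message_a: bytes, message_b: bytes) -> int:
    """Why the scheme is one-time: signing two messages with the same key reveals both
    secrets at every position where the digests differ. Returns that count (0 means safe)."""
    da = int.from_bytes(_h(message_a), "big")
    db = int.from_bytes(_h(message_b), "big")
    return sum(_bit(da, i) != _bit(db, i) for i in range(N_BITS))

if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"constructed sample message"  # constructed input for this example
    sig = sign(sk, msg)
    print("valid:", verify(pk, msg, sig))          # prints True
    print("wrong message:", verify(pk, b"other", sig))  # prints False
    print("positions exposed if the key were reused:", reuse_exposure(msg, b"other"))
```

Each public key signs exactly one message; real deployments (Merkle trees and their descendants) exist to manage many one-time keys under one root, which is the evolution the paragraph above alludes to.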

Code-based cryptography.

Another contender favored by the European Commission, code-based cryptographic algorithms tend to rely on error-correcting codes. Ironically, one algorithm called the McEliece signature has withstood attempts to crack it for over 40 years by using random codes. Researchers who have tried to add more structure to the McEliece signature have invariably made it weaker and less stable, suggesting that useful randomness may have a part to play in post-quantum cryptography.

Supersingular elliptic curve isogeny cryptography.

While it might not exactly trip off the tongue, supersingular elliptic curve isogeny cryptography might well prove useful for forward secrecy (useful for avoiding the likes of mass surveillance by unfriendly governments). It’s also essentially a quantum-resistant version of an already widely-used version of public-key cryptography, the elliptic curve Diffie-Hellman key, so there are arguments in favor of it being a minimal-hassle upgrade.

Symmetric key quantum resistance.

Another alternative that more or less already exists is symmetric keys. Public-key cryptography is one thing and symmetric-key cryptography another, but symmetric-key cryptography already exists, is already in use, and is expected to be resistant to quantum intrusion. That means there are many organizations suggesting we simply switch out public-key cryptography for symmetric-key cryptography altogether.

Whether that will deliver a long-term solution remains as yet hard to judge – at least until we see fully-powered quantum computers, up, running, and on their game. But it’s certainly a theoretical way of deferring the problem while robust long-term post-quantum cryptographic algorithms are tested and developed in the field.

Multivariate cryptography.

One of the longer shots in the field right now, multivariate cryptography is exactly what it sounds like – cryptography based on the solving of multivariate equations. In its current form, it’s not been particularly effective in testing, and in principle, the idea of essentially making public-key cryptography just a little more complex probably won’t survive more than a couple of rounds of evolution of fully-powered quantum computers.

Still, the idea of doing more complex things with existing math appeals in the here and now, and if, for instance, the quantum cryptography apocalypse never arrives in the dramatic fashion that’s being forecast, multivariate cryptography might yet have a future as a heightened evolution of pre-quantum cybersecurity.

Whichever options withstand the power of quantum computing best will undoubtedly shape the direction of corporate, government and personal cybersecurity for at least a generation. Which options those turn out to be… we’ll have to wait and see. But ultimately, what is the purpose of post-quantum cryptography? It’s to make sure business continues as usual in a world of the casual supercomputer in your pocket, on your desk, and everywhere else.

The post What is the purpose of post-quantum cryptography? appeared first on TechHQ.

The potential threat of quantum computing https://techhq.com/2023/03/the-potential-threat-of-quantum-computing/ Mon, 20 Mar 2023 15:22:40 +0000 https://techhq.com/?p=222326

Quantum computing by its very nature is set to revolutionize how we think about computers and how we use them. But if the tech world knows one thing down to the chill in the marrow of its bones, it’s that every opportunity brings the shadow of a threat in its wake – and vice versa.

In September 2022, UN Secretary-General António Guterres included quantum computing among his list of perceived techno-threats for the times in which we live, claiming it could “destroy cybersecurity.”

The idea of any single breakthrough being able to destroy the whole notion of cybersecurity sounds like the plot of an as-yet-unmade James Bond movie (Hey, Eon Productions Ltd – call us).

We sat down with Dr Ali El Kaafarani, a research fellow at Oxford University’s Mathematical Institute, and founder of PQShield, to ask him whether the sky was really falling in.

THQ:

What exactly is the threat of quantum computing? Among everything else there is to worry about, what’s the scope and the scale of the quantum threat? Why should we take it seriously?

AEK:

Quantum computers will have the power to solve computational problems that were previously thought impossible for a standard computer to crack. While this presents many opportunities, it also poses a significant security risk as it renders the traditional encryption methods used to protect virtually all of the world’s sensitive information obsolete.

Important and sensitive data, even when encrypted, is constantly being stolen and stored by bad actors who hope to decipher it one day. This is known as a “harvest now, decrypt later” attack. When powerful quantum computers arrive, all our data will be vulnerable to this kind of retrospective attack.

According to the US National Academy of Sciences, an initial quantum computer prototype capable of breaking current encryption methods could be developed in the next decade.

THQ:

Well… that’s pretty chilling.

AEK:

For nation states, the intelligence value of reaching this threshold is almost impossible to quantify. NIST says that once this threshold has been crossed, “nothing can be done to protect the confidentiality of encrypted material that was previously stored by an adversary.” That’s why data needs to be protected with quantum-resistant encryption today, even before these machines are a reality.

THQ:

So, when the Secretary-General said quantum computing could destroy cybersecurity, there wasn’t even a hint of hyperbole in there? Any idea when within the next decade this could happen?

AEK:

According to Booz Allen Hamilton, “the anticipated cracking of encryption by quantum computers must be treated as a current threat.” Only late last year, top former US national security officials including the Deputy Director of National Intelligence, warned the world that the danger of these types of attacks was ‘immediate.’

THQ:

Well… it’s been nice sleeping at night. So, for instance, how do businesses that want to outlive this development assess their vulnerability to quantum attack? What stages does such an assessment come in?

AEK:

There are many who recognize the seriousness of the quantum threat but don’t actually know how to go about protecting themselves against it, or who feel overwhelmed thinking about the overhaul associated with migrating their systems to meet a new set of standards.

THQ:

We can imagine the overwhelm, certainly.

AEK:

However, if you break it down into smaller steps, the migration process is not so daunting. Transitioning from cryptosystem to cryptosystem is no trivial task, which is why it is best to start as early as possible.

As the NIST National Cybersecurity Center of Excellence (NCCoE) points out: “It is critical to begin planning for the replacement of hardware, software and services that use public-key algorithms now, so that the information is protected from future attacks.”

Switching from one cryptosystem to another within a given security solution is unlikely to be a simple drop-in task, particularly for businesses that haven’t even begun planning for the post-quantum transition, which is likely to be the biggest cryptographic transition in decades.

THQ:

So… we’re thinking this is not a particularly straightforward job?

AEK:

Well, the ease or difficulty with which certain cryptographic algorithms can be switched out in embedded hardware and software will determine the speed with which a transition can be achieved. Crypto-agility allows for a smoother transition between standards. If a system is crypto-agile, it means it is built with flexibility and futureproofing in mind, with cryptographic algorithms that are easy to update and replace over time with minimal disruption to the overall system.

THQ:

So the more agile a business is – and the sooner it starts getting to grips with the invisible ticking clock of the quantum threat – the more likely it is to be able to ride out the new paradigm?

Once businesses have an understanding of their quantum computing vulnerability, what can they actually do about it?

AEK:

We don’t yet know for certain that a high-functioning quantum computer exists, because it is not unfeasible that a bad actor would choose to conceal its existence in order to maintain its technical advantage – along with the element of surprise. The prudent way forward is to start preparing for the worst now because it’s a question of when, not if.

Post-quantum cryptography standards were announced in July last year. The first draft standards will be published in the next couple of months, with the final versions ready in the first half of 2024. In the meantime, it is possible and advised to use hybrid cryptography libraries that can support both classical and post-quantum standards in the transition phase.

In the meantime, businesses can ensure that their cryptography is FIPS 140-3 compliant. FIPS 140-3 is a good stopgap to aim for until more tailored standards are introduced, and because it is a mandatory standard for the protection of sensitive data within US and Canadian federal systems, it is a prerequisite for any contractors that want to do business with these governments.

Another place to look is the Department of Homeland Security, which published a post-quantum cryptography roadmap – a useful guideline for establishing a transition plan before standards are finalized.

THQ:

Are we confident that NIST’s new cryptographic standards are sufficient to meet the quantum threat of today? And is the threat likely to evolve as we go forward?

AEK:

Because the future capabilities of quantum computers remain an open question, NIST has taken a variety of mathematical approaches to safeguard encryption. Each mathematical approach has different advantages and disadvantages in terms of its practicality, implementation and design.

The logic to all this is that future research may discover new attacks or weaknesses that can be exploited to render any one particular algorithm obsolete. It’s why NIST may ultimately choose multiple algorithms to standardize – and hold another handful close at hand as backup options.

THQ:

If, as we gather, the threat is likely to evolve, how do we prepare now to meet it? What’s the scope for quantum cryptographic security over, say, the next five years?

AEK:

Meeting the threat relies on implementing post-quantum cryptography. So, naturally, in the next five years, we’ll see different sectors moving to adopt post-quantum cryptography. In some cases, this won’t be by choice – they will be following mandatory timelines set out by the US Government and others.

Remember, according to the US National Academy of Sciences, a quantum computer prototype capable of breaking current encryption methods could be developed within the next decade.

By 2030, it will surprise no-one if there are fully functioning quantum computers already.

Dr Ali El Kaafarani, CEO of PQShield.

The post The potential threat of quantum computing appeared first on TechHQ.
