How To Mitigate Quantum Impacts On Cryptography

Although industry experts expect that quantum computing will be ready for business in 10 to 15 years, Others predict that the turning point will come even sooner—by 2025. That's why the team at Accenture Labs and the Cryptography R&D are working today to examine its effect, including the impact on our existing cryptographic models.

A recent research paper, "Cryptography in the Post-Quantum Era," explains how quantum power can be provided to process the current public-key cryptographic model and what businesses should do now to plan for the post-quantum world.

The public key cryptographic approach has encrypted data for decades, as traditional computers cannot do the calculations required to hack it. Yet quantum computers can solve the fundamental algorithms that currently secure data incredibly effectively. This has significant security consequences for businesses in every field, potentially exposing data to global threats—and all at once.

This feature of quantum computing challenges businesses' ability to maintain secrecy, transparency, and authentication of all corporate transaction structures, business-to-business (B2B) and business-to-consumer (B2C) models, and digital services provided through the Internet cloud or as-a-service on hosted platforms.

As a result of this, NIST and other organizations have sought to develop existing cryptography requirements by finding new quantum-safe algorithms, developing implementation methods, and achieving consensus on the methodology. The company aims to announce a viable validated algorithm between 2022 and 2024. However, companies still need to take matters into their own hands.

A major effort will be made to review, de-risk, and update all current cryptographic schemes in all networks, platforms, software, and third parties/vendors. Plus, it will take at least two to four years for the latest NIST algorithm to be applied once published.

Because of the accelerated approach of enterprise-ready quantum computers, Accenture advises C-suite and defense executives to act now.

Exploring solutions

The study points out a two-phase transformation mechanism. It discusses existing and next-generation technology to brace for this revolution and to mitigate quantum computing assaults.

Stage one, in the near term, covers the pros and cons of transformation to lattice-based and hash-based cryptography—both of which offer a test of quantum cryptanalysis resistance.

Lattice-based cryptography can be used for most existing cryptographic services, such as message signing, encryption, and hashing. Analysis has shown that it resists one of the primary techniques used in the related quantum algorithm to crack public key encryption. Lattice-based cryptography remains a safe alternative to existing approaches unless proved otherwise. However, some lattice-based encryption solutions do not scale as well as the schemes currently in use.
Hash-based cryptography relies mainly on digital signatures. These signatures verify that a certain document or letter came from the author. However, additional cryptographic methods will be required to encrypt or decode the message content.

Stage two, in the longer term, includes the use of quantum mechanics to transform the quality of cryptography at large, both by the dissemination of quantum keys and the generation of quantum random numbers.

Quantum Key Distribution (QKD) is a new advanced form of secure key sharing. Via QKD, parties would be able to explicitly distribute mutual secret keys without the possibility of undetectable eavesdropping or tampering. Dependent on quantum mechanics' properties, any effort to interrupt or observe contact would leave physical traces—fingerprints of a tampering attempt.
Quantum random number generation (QRNG) offers a high bit rate and a mechanically and efficiently stable source of randomness due to quantum physics and mechanics. This also makes QRNG very appealing to the actual generation of keys and seed numbers in vast amounts.

Key Takeaway

Quantum computing poses major security problems to businesses in every field but still provides innovative new cryptographic technologies. Businesses must take steps now to be ready for both.

from Scholars Globe - How To, Science and Tech Tips https://ift.tt/3uNX7G0
via IFTTT