As someone who has a keen interest in cyber security, I am constantly on the lookout for the latest updates in the industry. That’s why, when I came across this paper on quantum encryption, I just couldn’t wait to share it. To save you the time and effort of reading through the full 10-page report, I thought I would summarise it for you in a short-and-sweet blog post. Keep reading to get your full on cyber security nerd on…
To set the scene, the original paper opens with this:
“Blockchain has vast transformational potential, but flaws in security will hold it back.
The cryptography securing blockchains is compromised, making all data and value vulnerable. NIST is urging the world to migrate as soon as possible. But the proposed “Post Quantum Algorithms”are not suitable for blockchain, causing huge latency and block size problems, for only a short-lived cryptographic fix.
The technology must change to survive.“
A rousing speech on the need for new developments in cyber security? Definitely! But also some very valid points made, which lead wonderfully into the introduction of the solution the paper’s authors have called “quantum encryption”. Before I go into their solution though, I’ll quickly recap why exactly a new solution for cyber security is needed in the first place.
Right now, we rely on a system called public-key infrastructure (PKI) to keep us safe and secure online. PKI is used by almost every webpage on the internet, as well as by a huge number of organisations in securing their internal and external communications. The truth is, this technology is incredibly outdated. PKI was first developed in the 70’s and is (unsurprisingly) far less effective against the cyber criminals of today. In order to keep us safe from cyber attacks like the recent attack on Kaseya (amongst others), we need to find a better solution.
The alternative this paper is all about provides an added extra layer of “quantum safe” security. It’s called “quantum” safe because it’s also secure against quantum computers (a.k.a the scary super-fast and super-intelligent computers that we expect will pretty much take over the world in the next five to ten years). This extra layer of security can be achieved by adding a digital notary service called a “quantum notary”, which will form an additional step in the unlocking process for a new piece of data to be added to a system, or for an existing piece of data to be removed or changed.
The quantum notary can either be operated by the cloud, or by any individual or group of individuals. This means that the notary providers do not have to have control of the notary, and the database holders can keep everything in-house. One less middleman = one less person to worry about when it comes to keeping your online data secure. Another option would be to go for what’s called a “decentralised scheme”. This is where lots of different operators are in control of lots of different versions of the notary. They’re all doing the same thing, so if one of them is compromised in some way, the others will notice and fix the problem. This is very similar to the way decentralised blockchains work right now.
The best part about this “quantum safe” notary system is that it would make it literally impossible to achieve the kind of certification that we’ve seen achieved in recent attacks like the Kaseya hack. This pretty much means that, with this solution, the whole scandal caused by the Kaseya hack (and the ripple effect that came afterwards) could have been prevented…
Whether you’re a cyber security nerd like me, or you’re simply a little bit interested in the world of technology and what is to come, I hope you found the news of this new wave in cyber security tech as interesting as I did. If you wanna find out more about it (and you’ve got a bit of time on your hands), I’d recommend reading the full paper using the link below. If not, I hope that this blog gave you enough of a snapshot to go away satisfied and knowledgeable enough to boast to your friends about your new found interest in quantum encryption…
Full paper: https://arqit-res.cloudinary.com/image/upload/v1627369111/Digital_assets_The_security_problem__yya4bn.pdf