Cryptography in a Quantum World Grégoire Ribordy ID Quantique May 2016 ID Quantique PROPRIETARY
Cybersecurity ▸ Cybertechnologies are becoming ▸ Cybersecurity is a growing and increasingly pervasive. fundamental part of safety and security of individuals, organizations and society 2 ID Quantique ID Quantique PROPRIETARY PROPRIETARY
Cryptography… … is a foundational pillar of cybersecurity ▸ - Cryptography allows us to achieve information security while using untrusted communication systems. - Example: Do you use e-banking? Why do you trust the system? 3 ID Quantique PROPRIETARY
Goals of Cryptography y entialit Integrity Confid Information Security ation Repudi Authentication Non- ID Quantique ID Quantique PROPRIETARY PROPRIETARY
Cryptographic Primitives Asymmetric Symmetric Bob Alice Bob Alice Confidentiality Eve Eve Message Message Message Message Scrambled Scrambled Message Message Public Key Private Key Secret Key Secret Key + other similar primitives for other goals (digitial signatures, etc.) ID Quantique ID Quantique PROPRIETARY PROPRIETARY
Cryptographic Protocol Eve Message Message Scrambled Message Bob Alice Symmetric Cryptography Secret Key Secret Key Asymmetric Cryptography Private Key Public Key 2’357 x 4’201 = ? A x B = 9’901’757 ID Quantique ID Quantique PROPRIETARY PROPRIETARY
Computational Security Computer Science Hard! Easy! ID Quantique ID Quantique 7 PROPRIETARY PROPRIETARY
Classical and Quantum Physics Classical physics Quantum physics Before 1900 After 1900 – Describes the macro scopic world – – Describes of the microscopic world – – Deterministic – – Probabilistic – – Intuitive – – Central role of the observer – – Not very intuitive – Quantum physics Novel information processing Quantum Information Theory possibilities (QIT) 8 ID Quantique PROPRIETARY
Post-Quantum Era? A World with Quantum Computers Computer Science Physics – Computation is a physical process – – Bits → Qubits – – Major consequences in Information Security – 9 ID Quantique PROPRIETARY
Cryptography in a World with Quantum Computers Computer Science Physics Hard! Easy! Easy! ID Quantique ID Quantique 1 PROPRIETARY PROPRIETARY 0
Quantum Algorithms & Impact on Today’s Cryptography Shor’s Algorithm Grover’s Algorithm Peter Shor, 1994 Lov Grover, 1996 ▸ ▸ Quantum algorithm for integer factorization Quantum algorithm to perform search in an ▸ ▸ O((log N) 3 ) vs. O(e 1.9 (log N)1/3 (log log N)2/3 ) unsorted database O(n ½ ) vs O(n) ▸ Key halfed for symmetric cryptography ▸ AES-128 → 64 bits security AES-256 → 128 bits security Can break RSA, Elliptic Curve & Diffie Hellman 11 ID Quantique PROPRIETARY
Cryptographic Primitives Symmetric Asymmetric Bob Bob Alice Alice Confidentiality Eve Eve Message Message Message Message Scrambled Scrambled Message Message Secret Key Public Key Private Key Secret Key Symmetric crypto primitives: ok Asymmetric crypto primitives: at risk (if key long enough) ID Quantique ID Quantique PROPRIETARY PROPRIETARY
Increasing Interest in Quantum IT 1999 2004 2010 Dec 2013 Jun 2015 2015 201x EU invests USA ARDA Canadian NL Chinese UK Government EU €50-75 M in invests in government Government government invests £270M investment quantum Quantum invests €78M in invests €135M plans major in quan-tum technologies via Information quantum in QuTech Delft investment in techno-logies in FET program Science and technologies over next 10 quantum next 5 years over next 7 Technology over next 7 years computing years Roadmap years 2000 2005 2010 2015 2001 2005 2013 July 2014 Sep 2014 2015 ID Quantique Microsoft starts Lockheed IBM invests Google ab- Intel invests established and Station Q at UC Martin buys $3B in research sorbs John $50M in D-Wave Two 1 starts R&D on Santa Barbara initiative that Martinis’ QuTech quantum includes research group communication quantum (UC Santa Barbara) computing ID Quantique ID Quantique PROPRIETARY PROPRIETARY
Quantum Computers in the News 14 ID Quantique ID Quantique PROPRIETARY PROPRIETARY
When Do We Need to Worry? x How long do you need encryption to be y x secure? z Time y How much time will it take to re-tool the existing infrastructure with a quantum-safe solution? x y + > Not possible to provide the required z x years of security zy How long will it take for a large scale quantum computer to be built (or for any other relevant > System will collapse in z years with advance no easy fix z ID Quantique ID Quantique 1 PROPRIETARY PROPRIETARY 5
Why Is this Important? A Classical Risk Analysis Probability Impact of threat of threat currently low Extremely high Risk but increasing if no action taken – Conduct Quantum-Risk Assessment – – Engineer Crypto Agility – – Enter in the Post-Quantum Era – 16 ID Quantique PROPRIETARY
Quantum-Safe Transition “We announce preliminary plans for transitioning to quantum resistant algorithms.” Aug. 2015 ID Quantique ID Quantique PROPRIETARY PROPRIETARY
The Solution: Quantum-Safe Cryptographic Infrastructure “Post-quantum” algorithms ▸ Quantum Key Distribution (aka quantum-resistant algorithms) Classical codes deployable without quantum ▸ technologies. Eg. Lattice, matrix -based algorithms − Hardware solution. ▸ Believed to be secure against Shor’s algorithm ▸ Typically no computational assumptions and thus ▸ but no guarantee that there will not be other known to be secure against future quantum quantum attacks. attacks. Recommended for encryption of high-value ▸ Recommended for quantum-safe digital ▸ information with requirement for long-term signatures & end point encryption. confidentiality. E.g. Data center interconnect, government data − Hugo Zbinden 18 ID Quantique PROPRIETARY
Recommend
More recommend