Quantum Safe Algorithms
A discussion about quantum security with Vice President of Sales and Business Development at ISARA, Paul Lucier
Last updated
A discussion about quantum security with Vice President of Sales and Business Development at ISARA, Paul Lucier
Last updated
ISARA began 5 years ago as a small company of about 35 people from across Waterloo, which is known as a hub for new technology and in particular quantum computing. The group consisted of experts and recent PhD graduates who all shared the same enthusiasm for quantum technology.
At the time quantum computing was still in it's infancy, but those industry leaders who understood cyber security and ethics had growing concern. The strength of quantum systems remains primarily in solving large mathematical problems. This is an exciting possibility - problems that may have taken until the heat-death of the universe on a classical system might finally be considered solvable. The concern comes when these machines are turned toward our strongest encryption algorithms.
As the enthusiastic push toward quantum systems continues, Paul Luicer, Vice president of sales at ISARA Corporation (a company working to integrate quantum safe technology), describes interactions with high up officials:
"Governments come to us and ask 'How do I use this exciting new technology? What can quantum do for us?', and I have to turn around and say - wait a minute. Before you start talking about what quantum can do for you, you need to start thinking about how you can protect yourself!"
Because quantum systems are able to crack the strongest levels of encryption, it allows access to the most highly secured information. This poses a major risk to systems at all levels:
"Not just big government systems, but things you might not think about, like grocery store databases, or over the air updates to your car - this could become a society wide problem, quickly."
Quantum technology has progressed rapidly since ISARA began in 2015. Google just announced their 54 qubit system dubbed Sycamore. Despite this, quantum systems are not ready for prime-time. Systems are huge, extremely expensive to run, and are capable of a relatively limited number of useful calculations. Paul notes that -
"Right now the people with access to the best systems will be the people with the most resources - governments and large corporations."
Widely available quantum systems are still a wild dream, but as with all technology that future is coming faster than you might think. It's expected that general purpose quantum systems may be available within the next ten years, meaning that tangible large scale systems are not too far off.
This may bring comfort to some readers, but it indicated a need for swift action. The development and standardization of quantum counter-measures could take years, and implementation may take even longer. For large organizations with deeply embedded security protocols, 10 years may not be enough.
"Cars are going on the road today with hard-coded encryption keys - those cars will still be on the road when quantum starts to become a real threat. Quantum safe technology needs to be on that factory line right now to make a real impact."
Another major problem is "Harvest & Store" hacking operations, which collect encrypted data and deep freeze it.
"They can't access the information now. In 10 years they can use a quantum system to decrypt data they collected 3 years ago. All they need to capture is one critical piece of information, and the whole operation is worth it. "
Research groups and companies from all over the world have begun to develop the future of quantum encryption.
"ISARA is conducting research now to optimize and make efficient the algorithms that can keep data safe now and in the quantum future."
Some of these algorithms have been submitted to NIST - the National Institute of Standards and Technology, which is an American organization that sets cyber security standards worldwide. Submitted algorithms are currently undergoing rigorous testing to ensure that they're as good or better than current solutions. NIST releases a new framework every three years.
"With any luck, one of ISARA's optimized algorithms will be part of the next framework."
There are a number of interesting techniques currently being proposed for quantum safe algorithms. Though some of these ideas are very promising, many of them are currently not feasible for wider implementation. Others are untested and require further study before they're ready for deployment into production.
One obvious solution is to simply increase the complexity of the encryption math. This is a promising idea with various possible routes for implementation. Several solutions along this path are currently in development, and some are prepared for testing. An example of this would be Hash-based cryptography.
Another idea is to exploit error detection algorithms. Quantum systems have certain amount of inherent, unavoidable noise. Noise can be piped back into learning algorithms, producing complex networks of possible solutions. This approach has been shown to be resistant to attacks from both classical and quantum systems. An example of this would be Lattice-based cryptography.
The most interesting option in context with the rest of this work would be entanglement based solutions. Here we take the information we want to encrypt, and quantum scramble it so badly that it's not only complete useless, but also impossible for classic systems to parse. The result is information that only a quantum system with the proper key are able to read.
Images courtesy of ISARA Corporation
Paul Lucier is a VP of Sales and Business Development who partners with CIOs, CISOs, Military leadership and problem solvers to help introduce technology solutions that drive positive change. After spending 20+ years in ICT opening up new global markets, streamlining operations, managing teams and directing sales and business development growth, Paul understands how transparency nurtures dynamic partnerships. His expertise is networking and navigating successful sales in the US Federal Government, specifically the Department of Defense. It’s how effectively you listen to and anticipate the needs of the people you’re trying to help, which fosters win-win long-term partnerships.
Paul played a crucial role in leading explosive global growth in his 14+ years at BlackBerry by developing meaningful partnerships within Federal, State and Local Public Sector, Department of Defense and F1000 enterprises. Relying on exceptional relationship building and networking skills, Paul supervised successful new market launches in North America, across Europe, Africa, Russia and the Middle East.
Paul holds a BA in Communications from the University of Windsor and a Diploma in Business Administration from Wilfrid Laurier University.
You can find Paul through his personal social media:
LinkedIn: https://www.linkedin.com/in/plucier/
Or through ISARA's official social media feeds:
Facebook: https://www.facebook.com/isaracorp/
