Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    DigiCert, Gemalto, ISARA Partner on Quantum-Safe Encryption

    By
    SEAN MICHAEL KERNER
    -
    September 21, 2018
    Share
    Facebook
    Twitter
    Linkedin
      Quantum computing

      While quantum computing could potentially enable new innovations and models for IT, it also represents a looming challenge for IT security, as existing forms of encryption could be at risk. 

      In an effort to help prepare for the post-quantum future, DigiCert, Gemalto and ISARA announced a partnership on Sept. 20 to build quantum-safe encryption technologies. The joint effort will develop technologies that can enable digital certificates and secure key management for internet of things (IoT) and other devices in the post-quantum era.

      “Researchers at ISARA and elsewhere are developing new cryptographic algorithms that quantum computers can’t break, and these will need to be used in PKI/TLS certificates, and everywhere else classical asymmetric algorithms are used,” Tim Hollebeek, industry and standards technical strategist at DigiCert, told eWEEK.

      Quantum computing has advanced rapidly over the last year, with Google publicly announcing a 72-qubit system in March, surpassing the 50-qubit system that IBM announced in November 2017. With quantum computing, existing forms of public key cryptography could be at risk when a machine with enough power is built. In a session at the 2017 Open Source Summit in Los Angeles, Konstantinos Karagiannis, chief technology officer for Security Consulting at BT Americas, explained that with a quantum computing system with enough qubits, a researcher could literally try every number combination in all dimensions and crack existing forms of public key cryptography.

      While there isn’t currently a quantum computing system that can crack existing public key cryptography, it is a looming risk that has implications for developers today.

      “Many systems being deployed today have lifetimes that mean that they will still be in use in 5 to 15 years when quantum computers are predicted to be a potential threat,” Hollebeek said. “A great example is the automotive industry, where cryptography is used to protect critical communications between components.” 

      Scott Totzke, CEO and co-founder at ISARA, told eWEEK that there is an immediate risk today. For data, the biggest risk is what’s known as harvest and decrypt. 

      “That’s when data currently encrypted with factor-based algorithms is pulled and stored with the expectation that it can be unlocked in the near future with a quantum computer,” Totzke said. “Locking that data in quantum-safe algorithms today adds another layer of protection.” 

      Quantum-Safe Cryptography

      The idea behind quantum-safe cryptography is that it is resistant to decryption by a quantum computing system.

      “A crypto-agile quantum-resistant certificate is an X.509 certificate that supports more than one algorithm,” Totzke said.

      For example, a certificate may contain two subject public keys and two issuer signatures, he said. One algorithm can be classic, like RSA, and one can be quantum-safe, like LMS (Leighton-Micali Scheme). 

      “Unmodified, existing systems can use the classic algorithm in these certificates, while updated systems can use the quantum-safe algorithm instead,” Totzke said.

      Hollebeek added that what DigiCert, Gemalto and ISARA will be delivering is a solution that provides the same protections that classical encryption and key management systems provide today, with the additional assurance that the data will not be at risk when quantum computers become a threat to classical algorithms like RSA or ECC (Elliptic Curve Cryptography).

      Existing technologies for managing cryptographic certificates and key management will require some modification in the post-quantum era. Hollebeek said that at a minimum, the cryptographic software that handles the creation and validation of certificates needs to be upgraded.  

      “Transitioning to quantum-safe techniques will eventually require an investment from everyone who uses cryptography to protect their systems,” he said. “We are offering the ability for manufacturers of long-life devices to start the process now, so that their products with a long shelf-life can use quantum-safe algorithms and not need to be retrofitted later.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×