Quantum Computers and Post Quantum Cryptology Studies

Bogeyman 


Thanks to Prof. Dr. Çetin Kaya Koç, this country has been playing at the top of the world in the field of post-quantum cryptology for 20 years.


You can find the "Applied Cryptography" course given to MSc / PhD students from Yıldız Teknik and other universities on the "Computer Science and Cryptology" page on YouTube.



Time to Prepare for Quantum Attacks


Quantum computers are one of the most promising technologies of recent times, and they will be much faster than conventional computers powered by bits. Quantum computers will do this by computing all possibilities at the same time, not one by one like traditional computers. And in this way, problems that take years to solve with traditional computers can be solved in a few seconds.

Such a great speed will surely change many things in our lives. However, in addition to the advantages it will bring, there will also be some dangers. For example, deciphering today's unbreakable codes will be child's play for quantum computers.

Although we do not pay much attention to it, a lock symbol appears in the address bar of our browser when we use e-commerce sites, carry out banking transactions or send e-mails. This shows that our information is encrypted and protected. These types of encryption methods are vital to protecting our personal and financial information.

There are two basic types of encryption: symmetric and asymmetric encryption. In the symmetric encryption method, a single key both encrypts the plaintext and turns the ciphertext back into plaintext. In the symmetric encryption method, the person holding the key can easily decrypt the ciphertext. In asymmetric encryption, also called public key encryption, there is both a public and a secret key. The message is encrypted with the public key and can be decrypted with the other party's secret key.

Traditional encryption methods, simply put, depend on the strength of secret keys based on mathematical problems that are difficult for traditional computers to solve. It's easy to get 33,043 by multiplying the numbers 173 and 191, for example, but figuring out which two numbers multiply to give 33,043 is not so easy. Attackers can try all possibilities to crack these codes. However, long pairs of numbers make this very difficult. For example, decoding a 617-digit key created with a 2,048-bit application can take traditional computers thousands or even millions of years.

However, in 1994, an idea was introduced that undermined the reliability of traditional encryption methods. The algorithm developed by Peter Shor revealed that traditional encryption methods can be broken by quantum computers. In traditional computers, the units of information called bits can only take the values 0 and 1, while in quantum computers the qubits that replace bits can be both 0 and 1 at the same time. This situation, called superposition, allows quantum computers, which can take all possibilities into account at the same time, to perform operations at great speed. As the number of qubits increases, the processing speed increases exponentially. For example, a quantum computer of 300 qubits might represent numbers greater than the total number of atoms in the universe. In this way, all possible sequences of encryption keys can be tested very quickly.

With these features, quantum computers will put an end to asymmetric encryption. By using a larger key in symmetric encryption, the level of security can be increased and protection against quantum computers can be provided. However, symmetric encryption can also be broken with some quantum algorithms over time.

So, thanks to quantum computers, nothing will remain a secret. The secrets of states and companies will easily fall into the hands of malicious people who take advantage of the possibilities of quantum computers.

Considering that the healthy functioning of many sectors, from finance to trade, from transportation to defense, depends on secure communication, the cracking of all passwords by quantum computers may in a sense lead to a quantum apocalypse.

Such a situation can mean 100 billion dollars of losses in the e-commerce industry alone. Losses in the overall economy can reach trillions of dollars. The disappearance of privacy and geopolitical risks are other aspects of the matter.

Of course, these will not happen immediately. Quantum computers have not yet reached the speed of traditional computers. However, there are new developments in this field every day, and the day when quantum computers will exceed the required threshold is approaching.

In a study conducted in 2015, it was calculated that quantum computers would need 1 billion qubits to solve a 2,048-bit RSA system. However, another recent study revealed that a quantum computer of 20 million qubits can crack this code in eight hours. So quantum computers will eventually crack all the codes, unless new encryption methods suitable for the quantum computing age are developed.

This is why security-conscious organizations have already begun working on post-quantum encryption methods. The fight against the threat posed by quantum computers will consist of two stages. In the first stage, traditional encryption methods are protected against quantum attacks.

We are currently in the first stage. The purpose of these first-stage studies, called post-quantum cryptography, is to protect traditional computers against attacks from quantum computers.

For example, the National Institute of Standards and Technology (NIST) has taken action to create quantum-resistant encryption algorithms by 2022. In the second phase of the process of developing encryption methods resistant to quantum computers, which started with 69 teams, 23 teams continue working to develop the most robust encryption method.

Algorithms developed in the studies carried out within NIST are basically divided into two general categories. The first of these is key generation algorithms based on the principle that two parties who have never met agree on a common secret. Public-key encryption algorithms such as RSA and elliptic curves also fall into this category.

After these studies, it will be time to ensure the security of digital signatures, which show the authenticity of the data used for identity verification and that it has not been corrupted or changed. Digital signatures prove that the information sent from a user or server belongs to that institution or person. They ensure that the content is protected during data flow and prevent it from being changed. They also prove the identity of the sender and recipient. In other words, the sender cannot deny what was sent and received.

One of the most popular and promising of these methods is Lattice-Based Encryption. Code-Based Encryption, Multivariate Polynomial Encryption and Hash-Based Signatures are other methods being studied.

All solutions require the development of new algorithms based on mathematical problems that even quantum computers cannot solve. There are different approaches to the development of these algorithms, and each of these approaches has its own advantages and disadvantages. For example, code-based ciphers have the advantage that they have been used for many years. Lattice-based ciphers, on the other hand, can offer very fast algorithms, but their large size can cause problems.

It is not yet clear which method will be successful and become the standard. The reason the process is taking so long is that it requires very meticulous work without the slightest gap, because the security of everything from online banking to e-commerce, from personal information to e-mails, will depend on these new-generation encryption methods that can resist the speed and power of quantum computers.

But on the other hand, those working on post-quantum encryption will need to work quickly, because it is not known when quantum computers will be able to break existing codes. Perhaps quantum computers will grow more powerful than expected, and traditional encryption methods will be caught off guard.

Rapid Scale-Up of Commercial Ion-Trap Quantum Computers


IonQ Releases A New 32-Qubit Trapped-Ion Quantum Computer With Massive Quantum Volume Claims


Dean of Istinye University Engineering Faculty Prof. Dr. Çetin Kaya Koç ranked 103rd among 17,080 scientists working in the field of computer science and engineering in the "World's Most Influential Scientists" research conducted by Stanford University.

Post Quantum Cryptography Solutions

The security of asymmetric systems used today is based on mathematically difficult problems that have been studied for years. For example, the security of the RSA (Rivest-Shamir-Adleman) algorithm is based on the factorization problem, while the security of the digital signature algorithm and the Diffie-Hellman key exchange is based on the discrete logarithm problem defined over modular arithmetic and elliptic curves. With the increase in processor power, the need to use longer keys arises. Using conventional computers, it is not possible to obtain the keys of systems that are currently considered safe in a reasonable time.
Although cryptography is an interdisciplinary branch of science, it is shaped by studies in basic science and engineering. For example, quantum physics has had significant implications in the field of cryptography. The solutions created by using quantum mechanics (uncertainty principle, photon polarization, entanglement, etc.) techniques are called Quantum Cryptography. Areas of application include quantum key distribution and quantum random number generators.
In addition, the quantum computer and quantum chip produced by IBM and Google companies are given in Figure 1 and Figure 2, respectively.

Analysis studies using the working principles of quantum computers are available in the literature. With the algorithms proposed by Shor in 1994 and Grover in 1996, the security of asymmetric and symmetric cryptosystems was significantly affected (1, 2). Shor, with his study, showed that asymmetric systems used in many fields today will be unsafe if quantum computers of sufficient size are built. In his study, Grover showed that, given sufficiently large quantum computers, symmetric systems provide a security level of only half their key length. As a result of these studies, it is sufficient to double the key length of symmetric systems, but it is concluded that asymmetric systems such as RSA, elliptic curve cryptography, Diffie-Hellman key exchange and digital signatures are insecure. After the factorization and discrete logarithm problems were found to be vulnerable to quantum computers, other mathematically difficult problems began to be studied. Post-quantum cryptography consists of cryptosystems created using difficult mathematical problems that are thought to be resistant to quantum computers.

It is possible to examine these cryptosystems under five main subheadings:
- Lattice-based cryptosystems
- Code-based cryptosystems
- Hash-based cryptosystems
- Isogeny-based cryptosystems
- Multivariate cryptosystems

In 2016, a process was initiated by NIST (National Institute of Standards and Technology) to determine an algorithm that could become a standard in the field of post-quantum cryptography. Within the scope of this process, candidate algorithms are evaluated according to the criteria of their resistance to both classical and quantum attacks, their performance and the area they occupy on the platform on which they are implemented. In 2019, the second-round candidate algorithms were announced. Candidate algorithms include key encapsulation, encryption and signing algorithms. The post-quantum draft standard is planned to be published between 2022 and 2024. The quantum threat was identified as a high risk by NATO in 2019. Key sharing, communication confidentiality, and source authentication and non-repudiation mechanisms in communication are to be realized and brought to the systems in the coming years.

ASELSAN has started work on developing key sharing, authentication and digital signature algorithms resistant to quantum attacks in order to provide pioneering realizations in crypto device design. In this direction, the studies carried out in the field of post-quantum cryptography in Turkey and abroad, and the NIST process, are closely followed. Joint projects are carried out with universities, and the experience of academic staff working in this field is utilized.

ASELSAN and TÜBİTAK BİLGEM conduct joint studies in the field of post-quantum cryptography. The Post-Quantum Cryptography Workshop, organized in this context, was held on December 5, 2019. In line with the decisions taken at the ASELSAN-TÜBİTAK BİLGEM Cooperation Workshop held between February 29 and March 1, 2020, it was decided to jointly work on the projects of the Ministry of National Defense and the Presidency of Defense Industry.


Methods in which classical cryptography and post-quantum cryptography solutions are used together are called hybrid methods, and the use of these systems is recommended. For the application of hybrid methods in crypto devices to be used in secure network architecture solutions designed by ASELSAN
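The classical post-processing of Shor's algorithm, run on the 33,043 = 173 × 191 example from the first article above; this is an added example and not code from the original post or from any of the sources it quotes. The order-finding step, which a quantum computer would perform efficiently, is brute-forced here, which is only feasible because the modulus is tiny.

```python
# Added example (not from the original post): the classical part of Shor's
# algorithm, applied to the toy modulus 33,043 = 173 x 191 from the article.
# A quantum computer's only job in Shor's algorithm is the order-finding step;
# it is brute-forced here, which works only because N is tiny.
from math import gcd


def multiplicative_order(a: int, n: int) -> int:
    """Smallest r >= 1 with a**r == 1 (mod n); assumes gcd(a, n) == 1.

    This is the step a quantum computer performs efficiently with the
    quantum Fourier transform; classically it can cost up to n steps."""
    x, r = a % n, 1
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_classical_factor(n: int) -> tuple:
    """Recover a non-trivial factorization (p, q) of an odd composite n."""
    for a in range(2, n):
        g = gcd(a, n)
        if g != 1:               # lucky guess: a already shares a factor with n
            return tuple(sorted((g, n // g)))
        r = multiplicative_order(a, n)
        if r % 2:                # odd order: this base gives no information
            continue
        y = pow(a, r // 2, n)    # y*y == 1 (mod n); y != 1 because r is minimal
        if y == n - 1:           # y == -1 (mod n): only the trivial square root
            continue
        p = gcd(y - 1, n)        # (y-1)(y+1) == 0 (mod n) with y != +-1, so
        return tuple(sorted((p, n // p)))  # gcd(y-1, n) is a proper factor
    raise ValueError("n is prime or a prime power")


if __name__ == "__main__":
    # For a = 2 the order is 16340 = lcm(172, 95), the even/non-trivial case.
    print(multiplicative_order(2, 33043))   # 16340
    print(shor_classical_factor(33043))     # (173, 191)
```

Doubling the modulus size only doubles the cost of the quantum order-finding step, which is why the article's 2,048-bit RSA example is within reach of a sufficiently large quantum computer while remaining infeasible for the brute-force loop used here.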
 
