Cryptography in a Quantum World Grgoire Ribordy ID Quantique May - - PowerPoint PPT Presentation
Cryptography in a Quantum World Grgoire Ribordy ID Quantique May 2016 ID Quantique PROPRIETARY Cybersecurity Cybertechnologies are becoming Cybersecurity is a growing and increasingly pervasive. fundamental part of safety and
ID Quantique PROPRIETARY
May 2016
Grégoire Ribordy ID Quantique
ID Quantique PROPRIETARY ID Quantique PROPRIETARY
Cybersecurity
▸ Cybertechnologies are becoming
increasingly pervasive.
▸ Cybersecurity is a growing and
fundamental part of safety and security of individuals,
2
ID Quantique PROPRIETARY
Cryptography…
3
▸
… is a foundational pillar of cybersecurity
using untrusted communication systems.
system?
ID Quantique PROPRIETARY ID Quantique PROPRIETARY
Goals of Cryptography
Confid entialit y Integrity Authentication Non- Repudi ation
Information Security
ID Quantique PROPRIETARY ID Quantique PROPRIETARY
Eve Alice Bob
Message Message Scrambled Message Secret Key Secret Key
Cryptographic Primitives
Public Key Private Key
Eve Alice Bob
Message Message Scrambled Message
Asymmetric Symmetric Confidentiality + other similar primitives for other goals (digitial signatures, etc.)
ID Quantique PROPRIETARY ID Quantique PROPRIETARY
2’357 x 4’201 = ? A x B = 9’901’757
Eve Alice Bob
Message Message Scrambled Message Public Key Symmetric Cryptography Private Key Asymmetric Cryptography Secret Key Secret Key
Cryptographic Protocol
ID Quantique PROPRIETARY ID Quantique PROPRIETARY
Computational Security
7
Computer Science
Hard! Easy!
ID Quantique PROPRIETARY
8
Classical and Quantum Physics
Quantum physics
After 1900
– Describes of the microscopic world – – Probabilistic – – Central role of the observer – – Not very intuitive –
Quantum physics Quantum Information Theory (QIT) Novel information processing possibilities
Classical physics
Before 1900
– Describes the macroscopic world – – Deterministic – – Intuitive –
ID Quantique PROPRIETARY
9
– Computation is a physical process – – Bits → Qubits – – Major consequences in Information Security –
Post-Quantum Era? A World with Quantum Computers
Computer Science
Physics
ID Quantique PROPRIETARY ID Quantique PROPRIETARY
Cryptography in a World with Quantum Computers
1
Computer Science
Hard! Easy! Physics Easy!
ID Quantique PROPRIETARY
11
Grover’s Algorithm
▸
Lov Grover, 1996
▸
Quantum algorithm to perform search in an unsorted database
▸
O(n½) vs O(n)
▸
Key halfed for symmetric cryptography AES-128 → 64 bits security AES-256 → 128 bits security
Quantum Algorithms & Impact on Today’s Cryptography
Can break RSA, Elliptic Curve & Diffie Hellman
Shor’s Algorithm
▸
Peter Shor, 1994
▸
Quantum algorithm for integer factorization
O((log N)3) vs. O(e1.9 (log N)1/3 (log log N)2/3)
ID Quantique PROPRIETARY ID Quantique PROPRIETARY
Eve Alice Bob
Message Message Scrambled Message Public Key Private Key Secret Key Secret Key
Cryptographic Primitives
Eve Alice Bob
Message Message Scrambled Message
Asymmetric Symmetric Confidentiality Symmetric crypto primitives: ok (if key long enough) Asymmetric crypto primitives: at risk
ID Quantique PROPRIETARY ID Quantique PROPRIETARY
IBM invests $3B in research initiative that includes quantum computing Microsoft starts Station Q at UC Santa Barbara ID Quantique established and starts R&D on quantum communication Chinese government plans major investment in quantum computing Lockheed Martin buys D-Wave Two1
2000 2005 2010 2015
UK Government invests £270M in quan-tum techno-logies in next 5 years EU invests €50-75 M in quantum technologies via FET program
years Canadian government invests €78M in quantum technologies
years Google ab- sorbs John Martinis’ research group
(UC Santa Barbara)
USA ARDA invests in Quantum Information Science and Technology Roadmap Intel invests $50M in QuTech NL Government invests €135M in QuTech Delft
years EU investment
Increasing Interest in Quantum IT
2013 July 2014 Sep 2014 2015 2005 2001 1999 2004 2010 Dec 2013 Jun 2015 2015 201x
ID Quantique PROPRIETARY ID Quantique PROPRIETARY
14
Quantum Computers in the News
ID Quantique PROPRIETARY ID Quantique PROPRIETARY
When Do We Need to Worry?
1 5
y x z
How long do you need encryption to be secure? How much time will it take to re-tool the existing infrastructure with a quantum-safe solution? How long will it take for a large scale quantum computer to be built (or for any other relevant advance
Not possible to provide the required x years of security
+ > > System will collapse in z years with no easy fix
ID Quantique PROPRIETARY
16
Why Is this Important? A Classical Risk Analysis
Probability
currently low but increasing
Risk Impact
Extremely high if no action taken
– Conduct Quantum-Risk Assessment – – Engineer Crypto Agility – – Enter in the Post-Quantum Era –
ID Quantique PROPRIETARY ID Quantique PROPRIETARY
Quantum-Safe Transition
“We announce preliminary plans for transitioning to quantum resistant algorithms.”
ID Quantique PROPRIETARY
18
Quantum Key Distribution
▸
Hardware solution.
▸
Typically no computational assumptions and thus known to be secure against future quantum attacks.
▸
Recommended for encryption of high-value information with requirement for long-term confidentiality.
− E.g. Data center interconnect, government data
The Solution: Quantum-Safe Cryptographic Infrastructure
▸
“Post-quantum” algorithms (aka quantum-resistant algorithms)
▸
Classical codes deployable without quantum technologies.
−
▸
Believed to be secure against Shor’s algorithm but no guarantee that there will not be other quantum attacks.
▸
Recommended for quantum-safe digital signatures & end point encryption.
Hugo Zbinden