Friday, October 20, 2023

Getting your organisation post-quantum ready

While quantum computing is still very much in its early stages, it’s important that companies are already thinking about this evolving technology – and more importantly implementing and stress testing much needed solutions suitable for a post-quantum world.

In this blog series we have already discussed the evolving threat that is quantum computing, the need for Post Quantum Cryptography, and how security standards are evolving. In this final instalment we’ll be looking at the examples of PQC already in development.

Thales is actively engaged in research and development (R&D) efforts in the field of post-quantum cryptography. Recognising the potential impact of quantum computing on current cryptographic systems, our team is dedicated to developing and advancing secure solutions that can withstand the power of quantum computers.

One of our key objectives is to identity and evaluate the most suitable post-quantum algorithms for different applications and scenarios. This involves thorough analysis and testing to determine the algorithms’ effectiveness against quantum attacks while considering their performance characteristics and compatibility with existing cryptographic infrastructure.

We’re actively collaborating with academic institutions, research organizations, and industry partners to foster innovation and exchange knowledge in the field of post-quantum cryptography.

Some examples of projects, research and initiatives that we are currently involved in include:

Piloting the first successful Post-Quantum phone call

Post quantum threats hold significant implications for situations involving highly sensitive information, such as the exchange of classified data during encrypted phone calls. To address these concerns, Thales helped developed a proof of concept to evaluate the scalability and effectiveness of its quantum-protected mobile solutions.

In this pilot our team successfully experimented end-to-end encrypted phone calls, tested to be resilient in the Post Quantum era.

The pilot was performed with the Thales ‘Cryptosmart’ secure mobile app and 5G SIM cards installed in today’s commercial smartphones, testing a mobile-to-mobile call, voice/data encryption, and user authentication.

Any data exchanged during the call is set to be resistant to Post Quantum attacks thanks to a hybrid cryptography approach, combining pre-quantum and post-quantum defence mechanisms.

PQC Signature Tokens

Thales has been working on PQC Signature Tokens, a revolutionary smart card that incorporates a quantum-resistant digital signature algorithm. This feature can provide organizations with a powerful tool to ensure the integrity and authentication of their data files.

The smart card can securely store the private keys necessary for generating digital signatures. When a user wants to sign a data file, the token utilizes the private key to internally process and create a signature based on the file’s digest. This ensures that the signature is unique to the file and cannot be tampered with or replicated.

To enable verification of the signature, the PQC Signature Token also includes associated public keys. These public keys are certified by a trusted certification authority, allowing recipients of the signed files to check the signature’s validity. By verifying the authenticity and integrity of the file through the certified public keys, organizations can have confidence in the legitimacy of the data.

The certificates associated with the public keys can either be stored within the token itself or accessed from a server in the cloud. This flexibility provides convenience and scalability for organizations, allowing them to manage and distribute the necessary certificates according to their specific requirements.

The TDIS PQC Signature Token represent a significant advancement in data security, particularly in the face of quantum computing threats. With its integration of quantum-resistant algorithm and secure key management, this smart card empowers organizations to protect their data files, maintain data integrity, and establish trust in digital transactions.

We are already involved in two internationally funded projects with the TDIS signature token:

Securing Medical Data with Moore4Medical

Moore4Medical creates connected health products, including connected mattresses – designed to use real-time data and IOT to monitor patient health data and ultimately improve patient outcomes.

However, health data is sensitive and can cause harm if it ends up in the wrong hands – creating security and privacy issues. There is a need for a technical solution that are secure by default, ensuring a true end-to-end data security of the patient data.

We’re collaborating on this EU-funded project to create a quantum resistant e-Passport for sensitive medical sensor data, which will provide enhanced identity and authentication of patients, achieving the necessary performance and functionality levels while guaranteeing security and long privacy protection for this sensitive data.

Securing the Future of Electric Power and Energy Storage with ELECTRON

ELECTRON aims at delivering a new generation EPES platform, capable of empowering the resilience of energy systems against cyber, privacy, and data attacks.

EPES platforms refer to a combination of technologies and infrastructure used for generating, distributing, and storing electrical power. EPES systems are designed to enhance the efficiency, reliability, and sustainability of power delivery and energy management.

This project has received funding from the European Union’s Horizon 2020 research and innovation programme and has the following four task forces:

  1. Shielding the EU borders: Addressing and Mitigating Cyberattacks and Data Leaking in Ukraine
  2. Looking ahead: Providing a Resilient Electric Vehicle Ecosystem
  3. Protecting the Renewables Energy Chain from Cyberattacks and Data Leaking
  4. Proactive Islanding Meets Efficient Threat Detection: Addressing & Mitigating Cyberattacks in the Romanian Energy Chain.

We’re working on the second task help improve privacy and security by adding digital signatures and an auditing mechanism ensure that information come from trusted sources and protect against attacks.

To achieve this, we use a system called TDIS Quantum Cryptography OS to help make the system resistant to attacks from quantum computers. Our team will select the best algorithms for creating signatures on smart tokens. We’ll then show how these algorithms work on smart tokens and EPES systems. We’ll also keep improving the system’s performance and make it compatible with existing methods.

These are just a summary of some of the projects we’re working on in this field. The arrival of quantum computing poses an unprecedented challenge for the global cybersecurity community. Building defences against future threats may seem daunting, but it is an urgent task we must tackle head-on. While the post-quantum era is still a few years away, the increasing prevalence of quantum computing demands immediate action. By actively engaging in pilot programs and trials, Thales and its customers are proactively practicing crypto agility, preparing ourselves for the imminent arrival of this game-changing technology.

The post Getting your organisation post-quantum ready appeared first on Cybersecurity Insiders.


October 20, 2023 at 09:10PM

0 comments:

Post a Comment