Page 30 - Cyber Defense Magazine - Global Print Edition 2018

is beyond the reach of classic computers in a reasonable time frame. Quantum computers will be able to crack this math easily, hampering one of the foundations of our current security structures. Alongside is symmetric encryption, commonly used to protect data at rest, but which will also be at risk if the keys are not of a significant length and don’t have high enough entropy (randomness).

It’s not just large IT enterprises that are concerned about their proprietary information -- financial institutions, government agencies and other organizations who value security are all looking for ways to prepare for the future challenges of quantum before the technology breaks into the mainstream.

“Safety First” – Prepping for Quantum

Perhaps the brightest side to this new world is that there are ways to “prepare” for quantum-powered cyber attacks today, with existing encryption approaches and methods – even some that use quantum-based tech. You’ll hear them called “quantum resistant,” “quantum resilient” or “quantum-safe,” but they all have the same goal of getting your infrastructure suitably protected against what may come.

An important first step to quantum resilience involves the generation of encryption keys from the ground up using quantum random number generation. Simply put, strong encryption, whatever its type, depends on using strong random numbers to generate keys. Some pseudo-random number (or algorithmic) generators have resulted in vulnerabilities and breaches even before the threat of quantum computers.

High-entropy random numbers protect you from this risk, enabling encryption to be delivered at its full strength. The best way to get high entropy is through a quantum random number generator (QRNG). It’s not a quantum computer, but does use quantum physics to generate keys, for example quantum tunneling, wherein the activity of electrons travelling (“tunneling”) unpredictably through a semiconductor barrier is measured and turned into streams of numbers. Given that this is a quantum physical phenomenon, not every electron passes the barrier, resulting in full-entropy random numbers which form the strongest possible keys.

Secondly, symmetric encryption will retain its strength as long as the keys are at least doubled in length and generated from a high-entropy source like a QRNG. Making these changes to your encryption keys and deploying a quantum random number generator are good steps to protecting data at rest from quantum attacks. The resilience of symmetric encryption can be further leveraged to build up quantum resistance within an organization; for example, by wrapping data as it is transferred between replication nodes. This approach can successfully secure data exchanges between two internal nodes using TLS, which is a common mutually-authenticated secure transfer protocol (along with RSA/ECC/AES encryption) that will otherwise be vulnerable to quantum attacks. In practice, a high-entropy symmetric key can wrap the TLS transfer payload, providing another layer of quantum-resilient protection.

As an aside, replication is a priority practice to implement for all important data. Ensure your key management infrastructure enables replication of keys between nodes. Losing keys or not being able to decrypt them can be disastrous!

What’s Next

The third step is to keep an eye on the development of new quantum-resistant tools and techniques, including quantum-resistant encryption algorithms and quantum key distribution for exchanging keys.

Today’s reliance on asymmetric protocols for key exchange such as RSA and ECC has brought us far. However, they use mathematical formulas that are demonstrably weak against quantum computers, so alternatives are being sought. NIST started a post-quantum algorithm standardization process in 2017, with recommendations expected to be published in 2022 or later.

Quantum key distribution (QKD) takes a different approach to exchanging cryptographic keys, securing this exchange using physics, so parties can share keys in a way that’s invulnerable to the typical cyber threats of today and ones we can anticipate in the
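
The payload-wrapping step described above, as an added example (not code from the article or from any product): a 256-bit AES-GCM key seals each replication record before it is written to the TLS connection, so the record stays protected even if the RSA/ECC key exchange is later broken. Assumptions: `crypto/rand` stands in for the QRNG, the key is already shared between the two nodes, and the function names and route label are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// randBytes reads the OS CSPRNG, a stand-in (assumption) for the QRNG feed.
func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no entropy, no key: fail closed
	}
	return b
}

// NewWrapper builds AES-256-GCM and refuses anything but a 256-bit key.
func NewWrapper(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, fmt.Errorf("wrap key is %d bits, want 256", len(key)*8)
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Wrap seals payload for one route (authenticated, not encrypted) before TLS.
func Wrap(a cipher.AEAD, payload, route []byte) []byte {
	nonce := randBytes(a.NonceSize())
	return a.Seal(nonce, nonce, payload, route) // nonce || ciphertext || tag
}

// Unwrap fails if the blob was altered or arrives on a different route.
func Unwrap(a cipher.AEAD, blob, route []byte) ([]byte, error) {
	n := a.NonceSize()
	if len(blob) < n+a.Overhead() {
		return nil, fmt.Errorf("blob is %d bytes, too short", len(blob))
	}
	return a.Open(nil, blob[:n], blob[n:], route)
}

func main() {
	a, _ := NewWrapper(randBytes(32))
	pt, err := Unwrap(a, Wrap(a, []byte("constructed record"), []byte("a>b")), []byte("a>b"))
	fmt.Println(string(pt), err)
}
```

The receiving node calls `Unwrap` on what it reads from the TLS stream; a failed tag check means the record is dropped rather than replicated.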


        30 CYBER DEFENSE MAGAZINE – ANNUAL GLOBAL PRINT EDITION 2018  – SPONSORED BY TREND MICRO