Page 63 - Cyber Defense eMagazine September 2023
P. 63

2. Public Disclosure: Verify if the vendor's underlying entropy methodology has been openly disclosed
            for peer review by engineering professionals.

            3. Independent Tests: Ensure independent tests, like those from the National Institute of Standards and
            Technology (NIST), were conducted on the RNGs raw output to check for patterns implying the numbers
            were not randomly generated.

            Remember, a collapse in fundamental cryptography via an attack on random numbers crumbles all the
            security infrastructure built on top of it. SolarWinds was a warning, perhaps even an omen of worse to
            come. Thus, it is crucial that vendors are held to high standards of transparency to prevent cascading
            effects.

            New  research  from  my  team  and  I  at  Qrypt  and  teams  at Advanced  Quantum Architecture  (AQUA)
            Laboratory, École Polytechnique Fédérale de Lausanne (EPFL), Ruder Boskovic, and Global Foundries
            discovered a single-photon avalanche diode (SPAD)-based QRNG design, which utilizes the quantum
            random flip-flop (QRFF) method. This type of integrated circuit on a SPAD array at the 55nm scale was
            science fiction a few years ago. The ability to detect a single particle of light, a photon, billions of times a
            second across thousands of pixels on a 2mm chip would have stunned most technologists of the previous
            generation.  Leveraging  quantum  events  like  this  at  these  speeds  is  essential  to  making  security
            guarantees further up the encryption stack in any network.

            Research like this contributes to our understanding of quantum randomness and its applications in digital
            security. As more QRNGs come to market, it is crucial that we, as consumers and stakeholders in digital
            security, demand transparency from vendors and stay informed about the latest developments in the
            rapidly evolving field of quantum.






            About the Author

            Denis Mandich, Co-Founder and Chief Technology Officer of Qrypt.

            As Co-Founder & CTO of Qrypt, Denis drives the technology roadmap and secures
            the global expertise to achieve the company vision to protect against quantum
            computing  threats.  Previously,  he  served  20  years  in  the  US  Intelligence
            Community,  working  on  singular,  innovative  technology  essential  to  National
            Security. Denis is a board member of Quside, advisor to the Quantum Startup
            Foundry,  and  NSF-funded  Mid-Atlantic  Region  Quantum  Internet.  He  speaks
            native-level Croatian and Russian.
            Qrypt can be reached online at our company website https://www.qrypt.com/











            Cyber Defense eMagazine – September 2023 Edition                                                                                                                                                                                                          63
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
   58   59   60   61   62   63   64   65   66   67   68