Cyber security through quantum-safe crypto
The quantum computer offers opportunities for businesses. While at the same time raising questions among entrepreneurs. Will my data still be secure? How should I set up a quantum-safe connection? And what software will I need to replace? At TNO, we help organisations to not only make networks quantum-safe, but also to solve legacy problems.
Opportunities and risks of the quantum era
The quantum computer can contribute to new products and services. Solving problems that are almost unsolvable for today's computers. And potentially even help develop personalised medicines. However, we will also need to find answers to the security risks that the quantum era will bring. Therefore, securing information held in a quantum computer against attacks is crucial. At TNO, we help organisations make networks, including legacy systems, quantum-safe in good time. The quantum-safe VPN connection (Virtual Private Network) is an example of this.
Cryptography is widely used to shield information from unauthorised persons, and to authenticate the sender of data. Even the fastest computers in the world would need hundreds of years to decipher encrypted information. With the arrival of the quantum computer, this will all change. It will be at least a few years before a quantum computer is able to crack today's cryptography. Nevertheless, it's important to take action now.
All the encrypted information that we now communicate, process or store can be saved for later cracking by a quantum computer. It's therefore important to develop cryptosystems now that can withstand attacks from both existing computers and the quantum computer. Here, we're referring to post-quantum cryptography or quantum-safe cryptography. This is how we keep confidential information safe in the long term.
Making legacy systems quantum-safe
Organisations use many software programmes, which often results in a lack of a comprehensive overview. Also, legacy systems are still in use far beyond their expected lifespan. These legacy systems often support important, large-scale and critical ICT processes. However, it's questionable whether these older systems will be able to handle post-quantum cryptographic protocols, as these use larger keys or require more processor capacity than older cryptographic protocols. This legacy inhibits innovation and poses an increasing risk to stability and reliability. To solve this legacy problem, unravel the inconsistencies and make the network quantum-safe, a smart solution is needed.
But where do you begin with unravelling?
In a company's network, it's often complicated to find out which software is running, and whether the latest cryptography is being used. It's a huge job to figure this out, and to make your systems secure again. Where do you start? With making an inventory. We can help you with that.
In the day-to-day practice
The benefits of Advance Security Proxy
The Advanced Security Proxy (ASP) is a way of making organisations quantum-safe. It can help with the inventory of the security of software systems in use. This is how legacy problems are identified. At the same time, this tool can overcome security risks by encrypting data exchanges to make them quantum-safe. And ASP can improve the security of older systems without the need to modify them. It's similar to a smart VPN connection, except that ASP stands between the network and the Internet, and is able to monitor all connections to the Internet.
ASP rapidly performs deep packet inspection on communication channels using programmable hardware. The tool performs various gateway functions. For example, monitoring the security level of the cryptography used. And performing an upgrade of cryptography to establish more secure channels that cross less secure networks such as the Internet. By upgrading the encryption used, the ASP protects older devices that cannot do this themselves.
ASP is cheaper and simpler
ASP therefore protects older network systems from current security threats. This means that an organisation does not need to invest in major network updates immediately. And it's a much cheaper solution, because the costs of implementing ASP are low. Furthermore, it's not necessary to update the entire security portfolio when working with ASP. This tool represents a logical addition to your current security portfolio. With ASP, you're able to save a lot on costs. Especially for any organisation with an extensive network infrastructure.
How to make VPN connections quantum-safe
VPN connections are often used. For example, giving people who work from home access to their employer's internal network. A VPN connection securely connects the home network to their employer's network over the Internet. This is achieved via an encrypted connection. However, the cryptography in current use is not quantum-safe. And that brings with it a security risk. After all, data that is currently exchanged via VPN connections is not protected against attacks from a quantum computer.
Post-quantum cryptography makes VPN connections quantum-safe. At TNO, we tested this with OpenVPN. There are different types of post-quantum cryptography, each with different properties. Thanks to our tests, we know that some cryptography types require more bandwidth, while others need more computing power. It's important to investigate the impact of post-quantum cryptography on different security products. And which type is most suitable.
Public Key Infrastructure (PKI) is also affected by the quantum computer. This security instrument is widely used for digital authentication in all kinds of social applications, ranging from digital banking to exchanging information with the government. However, the migration to quantum-safe PKI is more complex than that to quantum-safe VPN, both technically and organisationally. TNO is involved with the public-private HAPKIDO consortium, which is studying the migration to quantum-safe PKI.
Interested in working with us?
Within TNO, there is a strong foundation of applied cryptographic knowledge and a great deal of expertise in the area of Internet, communication networks and cybersecurity. This unique combination makes it possible for us to predict the impact of post-quantum cryptography. As a result, we can advise and assist organisations in the process of transitioning their information security. Want to know more about what TNO is doing in the field of quantum-safe cryptography? If so, please contact Maran van Heesch.
How do you make your organisation quantum-safe?
Take a look at what steps you can take. From the creation of knowledge and awareness to implementing the switch to quantum-safe solutions
Maran van Heesch
Maran van Heesch is the portfolio manager for PMC's Quantum Safe Technologies and Practical Algorithms for Quantum Optimization. Maran van Heesch works as a scientific consultant at TNO with a strong focus on applied cryptography, including post-quantum cryptography, quantum cryptography and secure multi-party computation. She works on figuring out use cases for quantum key distribution, possible transition models to post-quantum cryptography for security products and has implemented multi-party computation protocols for various use cases in the financial and healthcare sectors.
Frank PhillipsonFunctie:Senior scientist
Frank Phillipson is senior scientist and professor at Maastricht University in Computational Operations Research, specialized in optimization in telecommunication, energy and logistics networks. Most of our current work is focused on finding new computational techniques for optimization and machine learning using the quantum computer.
Looking for another expert?View all experts
Applied Cryptography & Quantum Algorithms
The Applied Cryptography & Quantum Algorithms expertise group aims for quantum-safe society, secure data sharing and privacy enhancement in the quantum age.
Quantum computing: how can it serve your organisation?
Solving problems in real time with quantum computing applications? The huge computing power provides opportunities for AI, optimisation, and materials science.