Drs. Ir. Maran van Heesch
- quantum applications
- quantum computing
- quantum security
Picture this: a quantum computer exists which can handle complex problems that are practically unsolvable for today’s computers as the calculations would take centuries. Which contributes to new products and services. Which has the potential to help in the development of personal medicines. However, we also need answers regarding the security risks of the quantum age. This is why it’s crucial to secure information against attacks that use a quantum computer. TNO can help companies to make networks quantum-safe and to solve legacy problems. The quantum-safe VPN connection (Virtual Private Network) is an example of this.
Cryptography is widely used to shield information from unauthorised access. This has been successful because even the fastest computers would take hundreds to millions of years to decipher encrypted information. With the advent of the quantum computer, however, this will change. Although it will take some time before a quantum computer that can crack cryptography actually exists, it’s important to take action now. All encrypted information which is currently being communicated or stored can be saved for later cracking by a quantum computer. To ensure that confidential information remains secure for a long time, it is important to develop cryptosystems that can withstand attacks from both the current computer and the quantum computer: so-called post-quantum cryptography or quantum-safe cryptography.
Organisaties hebben veel software applicaties draaien, waardoor een totaaloverzicht vaak ontbreekt. Bovendien zijn oude systemen, zogenaamde legacy systemen, ver na de verwachte levensduur nog steeds in gebruik en ondersteunen belangrijke, vaak grootschalige en kritieke ICT-processen. Deze erfenis aan systemen zet een rem op innovatie en vormt een steeds groter risico voor de stabiliteit en betrouwbaarheid. Om dit legacy probleem op te lossen, de wanorde te ontrafelen én het netwerk quantum-safe te maken is een slimme oplossing nodig.
The advent of the quantum computer and existing legacy problems create challenges for companies. One often no longer knows what’s going on within the company network and it’s difficult to determine if the most recent version of cryptography is being used everywhere. Figuring this out and then re-securing your systems is a huge task. Where should you start? With the inventory – and TNO can help with this.
VPN connections are often used to give people who work from home access to their employer’s internal network, for example. With the help of a VPN connection, a secure connection can be made to the employer’s network over the home network’s internet. VPN connections make use of an encrypted connection. The cryptography used for this is not quantum-safe and therefore carries a security risk. The data sent over the VPN connection are currently not protected against attacks by a quantum computer.
Post-quantum cryptography can be used to make VPN connections quantum-safe. At TNO, we have tested this with OpenVPN. There are different types of post-quantum cryptography, each with different properties. Through our tests, we have made it clear that some types of cryptography require more bandwidth while others require more computing power. It is important to investigate the impact that post-quantum cryptography will have and which type is most suitable for different security products.
Another example of a security product which is affected by the quantum computer is the public key infrastructure (PKI), which is widely used for digital authentication. The migration to quantum-safe PKI is more complex than the migration to quantum-safe VPN, both from a technical and governance perspective.
Within TNO, there is a strong foundation of applied cryptographic knowledge and a lot of expertise in the fields of internet, communication networks and cybersecurity. This unique combination enables us to oversee the impact of post-quantum cryptography and to advise and guide organisations in the transition process for their information security. Would you like to know more about what TNO is doing in the field of quantum-safe cryptography?
Please contact Maran van Heesch.