Advancements in technology mean that more and more business processes are becoming digitalized every day. For this reason, businesses need secure technology that protects private data from prying eyes and criminals.
Post-quantum cryptography provides such protection through a combination of mathematical concepts, rule sets, and algorithms.
Post-quantum cryptography (PQC) is also known as quantum-resistant cryptography, and its main goal is to develop a secure system that operates with existing network and communication protocols. It is also important that the system is shielded against both quantum and classical computers. In turn, these systems ensure that personal information and other information, such as communications, business processes, and transactions, remains protected against unauthorized persons.
Post-quantum security does not require quantum computers
It’s important to note that post-quantum cryptographic algorithms do not require quantum computers to create or decrypt information between authorised parties.
• They protect encrypted data against “brute force” attacks using quantum computers.
• Not all current cryptography is vulnerable to attack using quantum computers. Symmetric cryptography, such as the AES security commonly used to encrypt files at rest, is not known to be at risk.
What is public key cryptography?
Public key encryption is a very common form of cryptography used to secure communications.
It uses the maths of prime numbers to encrypt messages using a key that the intended recipient of the message has shared with the person sending the message. Only the intended recipient, however, has the private key that can decrypt the message.
The reason public key encryption is ubiquitous is that you can share your public key by publishing it for anyone to access, safe in the knowledge that it cannot be used to decrypt messages sent to you. It makes sending encrypted messages very easy.
Breaking this encryption without the private key would mean finding the “prime factors” used to create the public key. These are two prime numbers which are multiplied together as part of the encryption process to form part of the public key.
Because data is encrypted with the public key but decrypted with the private key, it is a form of “asymmetric cryptography”.
For sufficiently large prime numbers, finding these prime factors is considered an impossible task for today’s computers.
In theory, however, quantum computers should be good at prime factorisation and therefore able to decrypt messages using only the public, and not the private, key. Mathematics that would take thousands of years on today’s technology could be reduced to hours on a quantum machine – and much of today’s security would be obsolete.
So designing security for the post-quantum world, or “post-quantum security” (also known as “post-quantum cryptography”) means new techniques and algorithms must be adopted, standardised and widely used.
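The link between the public key and its prime factors, described above, shown as an added example (not code from the original article): a toy version of the scheme using constructed, deliberately tiny primes, with function names chosen here for illustration. It shows that whoever can factor the public modulus can rebuild the private key, and that the factoring work grows with the size of the primes.

```python
# Toy RSA with constructed, deliberately tiny primes (illustration only;
# real keys use primes of 1024 bits or more, plus padding such as OAEP).
from math import isqrt


def make_keypair(p, q, e=65537):
    """Build (public, private) from two primes, as textbook RSA does."""
    n = p * q                      # the product is published in the public key
    phi = (p - 1) * (q - 1)        # computable only if p and q are known
    d = pow(e, -1, phi)            # private exponent: inverse of e mod phi
    return (n, e), (n, d)


def encrypt(m, public):
    n, e = public
    return pow(m, e, n)


def decrypt(c, private):
    n, d = private
    return pow(c, d, n)


def factor(n):
    """Trial division over odd numbers; returns (p, q, steps). Tiny n only."""
    steps = 0
    for cand in range(3, isqrt(n) + 1, 2):
        steps += 1
        if n % cand == 0:
            return cand, n // cand, steps
    raise ValueError("no odd factor found")


def private_from_public(public):
    """Anyone who can factor n can rebuild the private key from the public one."""
    n, e = public
    p, q, _ = factor(n)
    return (n, pow(e, -1, (p - 1) * (q - 1)))


if __name__ == "__main__":
    public, private = make_keypair(10007, 10009)     # constructed sample primes
    assert decrypt(encrypt(42, public), private) == 42
    assert private_from_public(public) == private    # factoring n reveals d
    # Primes ten times larger need ten times as many trial divisions.
    for p, q in [(1009, 1013), (10007, 10009)]:
        print(p * q, "factored in", factor(p * q)[2], "steps")
```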
The positive side-benefits of post-quantum cryptography
Gouget believes that the final standards for post-quantum security will likely involve “some combination of current cryptography and a hybrid that is safe from quantum attack.” Many of the quantum-safe algorithms currently being investigated use lattice-based cryptography, and Gouget says that expertise being developed in this branch of mathematics may have other benefits too.
It may speed the development of robust “homomorphic cryptography”, for example.
Homomorphic cryptography is an emerging technique which enables datasets to be processed in an encrypted form. In other words, it will enable one organisation to share data which might contain sensitive information with another organisation that can process it without ever seeing it in unencrypted form. It has strong potential applications for protecting personal privacy, for example, while still enabling big data processing.