The future of encryption: Getting ready for the quantum computer attack
PQShield, a product of Oxford University UK, is developing advanced cryptographic solutions for hardware, software and communications to protect business data from quantum risk.
The development of cloud computing presents a cybersecurity problem like the IT industry has never seen before. In theory, all stored data could be secure by today's standards - whether it be health records, financial data, customer databases and even basic data. critical government structure - being hacked by quantum computers, capable of short-circuiting the encryption we used. to protect that data to date.
Efforts to protect our data from quantum threat are ongoing, although it is being debated whether the issue is being investigated with the urgency it deserves. PQShield, the start-up of post-quantum encryption spun out of Oxford University, sees a disconnect between the magnitude of the risk and the cyber readiness of most businesses in 2022, which they are now trying to deal with them.
SEE: CIO guidance on quantum computing (ZDNet / TechRepublic special feature) | Download the free PDF version (TechRepublic)
"The scale of the quantum attack is just too great to imagine," Dr. Ali Kaafarani, a researcher at Oxford Mathematical Institute and founder of PQShield, tells TechRepublic.
"The most important part of what we do is educate the market."
Kaafarani was a former engineer at Hewlett-Packard Labs and leads a team of 10 full-time cryptographers, from what he considers to be a worldwide pool of just a hundred or so. The company is busy working on development
- encryption solutions for hardware, software and communications that secure information from future threats, but which can be implemented using modern technology.
This includes a chip system (SoC) and a software development package that allows applications companies to create secure messaging applications, protected by a "post-quantum" version of the Signal cryptographic protocol. At the heart of PQShield technology is that it is designed to work with both legacy systems as well as those in future years, meaning it can offer protection for everything from keyless cars and other connected devices, to data moving to and from cloud servers.
This, Kaafarani explains, is important because post - quantum cryptography can no longer be implemented - at the same time data encrypted by modern standards remains open to post - quantum threats. "What we are currently using as end - to - end encryption ... is secure now, but people can stop it and steal encrypted data," he says.
"As soon as they gain access to a quantum computer, they can decrypt it, so confidentiality is threatened again, because anything that is now considered secret can now be encrypted. decrypt later. "
Kaafarani also sees an issue with the current views on the treatment of cyberattacks, which he likes to add to bandwagon problem repetition.
SEE: SSL Certificate Best Practice Policy (TechRepublic Premium)
"That's why we started PQShield - to fill this gap, to pave the way for a smooth and secure transition to quantum times. There's a real opportunity here to get things right from the start."
The startup recently completed a £ 5.5m funding round led by VC Firm Kindred Capital and has now acquired German engineering firm Bosch as their first OEM customer. While the exact details of the deal remain under control, Kaafarani says the agreement is a sign of the risks that businesses are beginning to mark as the age of quantum computing practices.
"Their hardware may be built to survive, but for now, they do not have the security," he says.
“If you are designing a car that is going to hit the roads in the next three years, if you are planning security, you should think about the next standards. security: not the standards that are valid now, but the standards that will be valid in the next five, 10, 15 years, "he says.
"Future authentication is crucial, as it is for the banks and organizations that hold so much of our sensitive data."