Welcome to the sixth edition. This week we explore recent developments in quantum cybersecurity, including a few cool papers. There’s even an inline picture. Let’s dive right in…
Post Quantum Signals
The Signal messaging app has deployed post-quantum algorithms to protect against hack-now, decrypt-later attacks.
An attacker who records an encrypted Signal message exchange will now have to break both elliptic curve cryptography and the lattice-based Kyber algorithm. This is believed to be impossible, even for a powerful quantum computer.
The Signal team can deploy this change ahead of NIST standardisation because they have a closed-loop ecosystem. They don't need to interoperate with other systems, so it doesn't matter if the Kyber standard changes slightly over the next year or so.
Further changes will be needed before Signal can fend off an active attacker with a quantum computer. The gory details behind this limitation are captured in the white paper linked below.
Signal blog about the change: https://signal.org/blog/pqxdh/.
White paper covering the technical details: https://signal.org/docs/specifications/pqxdh/.
Fewer Gates for Shor
A recent paper demonstrates how to run Shor's algorithm using considerably fewer quantum gates.
Using the new approach, factoring a 2048-bit RSA key might require about 100k gates instead of approximately 4 million.
Despite this aggressive improvement, we may not need to panic just yet. There is rarely a free lunch in algorithm design, and this is no exception.
One of the trade-offs made in this paper is an increase in the number of qubits required to implement the algorithm. As the authors acknowledge:
“... an improvement in the number of gates does not necessarily translate into an improved practical implementation. Indeed, in most architectures currently being considered by industry, the space (or number of qubits) plays an important role.... It therefore remains to be seen whether the algorithm can lead to improved physical implementations in practice.”
Papers like this (see link below) are one of the reasons experts struggle to predict when quantum computers will break modern cryptography. The landscape is always shifting, with both the computers and the algorithms improving every year.
Each bright idea potentially brings "Q Day" closer.
Link to the paper: https://arxiv.org/abs/2308.06572.
Trojans in the Supply Chain
Should we worry about supply chain security for classical random number generators?
Published back in 2019, one fascinating paper explains how a true random number generator (TRNG) can be carefully designed with a secret backdoor.
The weakness would be undetectable through any normal tests. And yet, an attacker could exploit the backdoor to predict keys generated by the device.
The so-called "trojan TRNG" is manipulated during manufacturing so that one of its logic gates operates differently at higher temperatures. This is a subtle change at the transistor level, that would almost certainly be undetected. No changes to the number or types of gates are needed.
Once triggered, the trojan TRNG produces predictable output. The trigger is an increase in temperature, beyond normal operating conditions. This might be achieved by increasing the workload through the chip, but otherwise would require environmental manipulation.
Papers like this (link below) demonstrate why control over chip fabrication is critical for sovereign security.
Link to the paper: https://arxiv.org/abs/1910.00735.
An RFC for You and Me
A new draft RFC document aims to explain post-quantum cryptography for engineers.
It offers a short but comprehensive overview of the threat and the algorithmic solutions. Quite an impressive document. No fluff at all.
The Cloud Doth Attest Too Much, Methinks
Amid the surge in confidential computing, Intel is launching its own attestation service to rival those offered by cloud platforms.
Known as Project Amber, the Intel service aims to offer an independent perspective on whether confidential workloads are really confidential. The goal is to avoid placing all your trust in a cloud provider, who typically handles attestation today.
Confidential computing is becoming ever more popular, with AI being one driving factor. Companies are keen to offload their AI processing to the cloud, but they don't want nosey parkers seeing the data they are processing.
To solve this, sensitive code is executed within logically-protected environments within the computer chips. Attestation is the process of proving that the code you are about to execute is truly your own, and hasn't been modified.
Generally speaking, attestation is a pain in the backside. So it will be interesting to see if Amber makes it more usable as well. The project is in limited availability (see link below).
Link to Amber project page: https://www.intel.com/content/www/us/en/security/project-amber.html.