A slightly shorter missive this week, as I’m travelling all weekend. Welcome to the whole pile of new subscribers who recently joined after last week’s stories hit LinkedIn.
This Key Will Self-Destruct in 5 Seconds
How about a signing key that self-destructs after use? It sounds like Mission Impossible, but it may actually be possible with quantum physics.
I stumbled upon “one-shot quantum signatures” recently, after reading a paper published in 2020 (link below). The idea sounds magical, and I must remind folks that I’m quantum curious, but not a quantum cryptographer. So, I take such papers at face value.
The motivation of the paper is signature delegation. Alice wants to delegate signing authority to Bob but needs to limit him to exactly one signature. With classical cryptography this is essentially impossible: classical data can be copied, so if Bob holds whatever is needed to produce one valid signature he can produce as many as he likes, and Alice cannot stop him.
The paper defines a new primitive, a “one-shot quantum signature”, with exactly this behaviour. Bob’s signing key is a quantum state, so the no-cloning theorem means he cannot copy it, and the paper proves that producing a signature consumes the key, so a second signature is impossible.
What’s fascinating is that the protocol only requires classical (i.e. non-quantum) communication between Alice and Bob. Bob needs access to a quantum system, but Alice does not.
For more information, including security proofs, check out the paper: https://eprint.iacr.org/2020/107. Several potential use cases are explored.
Quantum-Proof OT — Oxymoron?
CISA’s guidance on quantum-safe operational technology (OT) is a mixed bag.
It paints a bleak picture of the status quo, highlighting how OT often lacks encryption and may rely on outdated operating systems. Acknowledging these major challenges, CISA’s main practical advice is to limit the potential impact of quantum attacks through proper network segmentation.
Where the advice falls short is firmware security. It only briefly mentions that a quantum computer could enable the installation of malware via fraudulent firmware signatures. Yet, this represents a clear and present danger. Each new OT system deployed without a quantum-safe root of trust is a future weak link and a guaranteed swap-out within the next decade.
Quantum-safe firmware signing is a solvable problem today. We have had quantum-safe firmware signature algorithms for years: the stateful hash-based schemes LMS and XMSS (RFC 8554 and RFC 8391, approved by NIST in SP 800-208 in 2020) rely on nothing but hash functions and predate the recently standardised general-purpose PQC algorithms (ML-DSA and SLH-DSA in FIPS 204 and 205). Their one caveat, that the signer must never reuse a one-time key and so has to track state, is exactly why they suit firmware signing, where a small number of signatures are produced in a controlled environment. So there's no reason not to be prioritising this today.
Aside from this bugbear, there’s nothing else offensive in the document, which proposes typical advice of inventorying, prioritising, and working with vendors to achieve crypto agility. But do let me know in a reply if you feel I’ve missed something.
You can view the CISA document here: https://www.cisa.gov/resources-tools/resources/post-quantum-considerations-operational-technology.