Encryption, Internet Security & Quantum Cryptography
The story of ultra-secure communications can be traced back a couple of thousand years. In recent history, the technological challenges of securing communications during the geopolitical conflicts of the 20th century made a real difference to logistics, tactical operations and ultimately the outcomes of those conflicts. This is reason enough for the race for quantum computing we are witnessing today. Being able to establish ultra-secure communications could eventually become a tactical geopolitical advantage that tips the scale in favor of those who make stronger use of these new technologies.
Fast forward to today: internet communications are used across a wide range of industries and contexts, and whole new businesses have been born from them. Internet security is therefore a vital part of our daily lives. Providing security for a plethora of cybernetic systems is an industry of its own, worth several billion dollars globally. The most widely used encryption mechanisms on the internet are based on secure encryption keys. Managing secure encryption keys is approached both symmetrically and asymmetrically. Security rests on a very hard mathematical problem, which is actually not theoretically impossible to solve but requires a tremendous amount of computing power, way beyond what can be achieved, at least with the classical computing approach (for an estimate, see https://scrambox.com/article/brute-force-aes/).
For this reason, in information security theory, systems can be classified as conditionally secure or unconditionally secure. This concept was introduced in 1949 by American mathematician Claude Shannon, one of the founders of classical information theory, who used it to mathematically prove the one-time pad system was secure. A cryptosystem is considered to have information-theoretic security (also called unconditional security) if the system is secure against adversaries with unlimited computing resources and time. In contrast, a system which depends on the computational cost of cryptanalysis to be secure (and thus can be broken by an attack with unlimited computation) is called computationally, or conditionally, secure.
One aspect of information communication security is the aim of perfect secrecy.
One-time pads (OTP) are based on a symmetric encryption approach and are "information-theoretically secure". Asymmetric encryption algorithms depend on mathematical problems that are thought to be difficult to solve, such as integer factorization and discrete logarithms. However, there is no proof that these problems are hard, and a mathematical breakthrough could make existing systems vulnerable to attack.
Symmetric encryption can be constructed under an information-theoretic notion of security called entropic security, which assumes that the adversary knows almost nothing about the message being sent. The goal here is to hide all functions of the plaintext rather than all information about it.
Even though its security has a mathematical proof (Shannon), the one-time pad has serious drawbacks in practice because it requires:
Truly random, as opposed to pseudorandom, pad values. In classical computing, true random number generators exist, but are typically slower and more specialized.
Secure generation and exchange of the one-time pad values, which must be at least as long as the message.
The one-time pad is only as secure as the exchange of its pad values.
Careful treatment to make sure that the one-time pad values continue to remain secret and are disposed of correctly, preventing any reuse in whole or in part—hence "one-time".
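The requirements above (a pad at least as long as the message, no reuse in whole or in part) and the perfect-secrecy property can be seen in a few lines of Python. This is an added example, not code from the original article; the names OneTimePad, new_pad, pad_explaining and reuse_leak and the sample messages are constructed for illustration, and secrets.token_bytes stands in for a truly random source.

```python
import secrets


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def new_pad(n: int) -> bytes:
    # Stand-in only: the OS CSPRNG is not the truly random source the proof assumes.
    return secrets.token_bytes(n)


class OneTimePad:
    """Pad material that hands out every byte at most once."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._used = 0  # offset of the first unconsumed pad byte

    def apply(self, data: bytes) -> bytes:
        """Encrypt or decrypt: XOR with fresh pad bytes, then retire them."""
        end = self._used + len(data)
        if end > len(self._pad):
            raise ValueError("pad exhausted: it must be at least as long as the traffic")
        chunk, self._used = self._pad[self._used:end], end
        return xor(data, chunk)


def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Perfect secrecy: every same-length candidate plaintext has a pad that
    yields this ciphertext, so the ciphertext alone rules nothing out."""
    return xor(ciphertext, candidate)


def reuse_leak(m1: bytes, m2: bytes, pad: bytes) -> bytes:
    """What an eavesdropper holds if one pad covers two messages:
    c1 XOR c2 equals m1 XOR m2, because the pad cancels out."""
    return xor(xor(m1, pad), xor(m2, pad))


if __name__ == "__main__":
    m1, m2 = b"PAY ALICE 100 USD", b"PAY CAROL 900 USD"  # constructed samples
    pad = new_pad(64)
    sender, receiver = OneTimePad(pad), OneTimePad(pad)  # both ends hold the same pad
    ct = sender.apply(m1)
    print(receiver.apply(ct))                            # the original message
    print(xor(ct, pad_explaining(ct, m2)))               # same ciphertext also "decrypts" to m2
    print(reuse_leak(m1, m2, pad[:17]) == xor(m1, m2))   # pad reuse leaks m1 XOR m2
```

Because the leaked value under reuse depends only on the two plaintexts, known structure in one message exposes the other, which is why consumed pad bytes are retired rather than rewound.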
Next time you visit your bank website or your favorite social network, take a minute to look at the protocol used to display the content: https (let's take LinkedIn as an example, and the public information available through its public key certificate).
You will notice there is a “lock” sign in your browser or app, and you should be able to see that certificate:
In cryptography, post-quantum cryptography (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against a cryptanalytic attack by a quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems can be easily solved on a sufficiently powerful quantum computer running Shor's algorithm.
The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems (hard, but not impossible)
There isn’t much organizations can do today to replace their asymmetric encryption solutions. However, the U.S. National Institute of Standards and Technology (NIST) began its call for submissions for post-quantum asymmetric encryption needs in 2016. NIST has listed its round three finalists for public-key encryption and key exchange algorithms. Take a look here:
With all that, there has been important development and growth in the Quantum Secure Communications industry. There are several interesting launches to keep an eye on. Let me list just a few of them:
Finally, as depicted well in one of the latest Forbes articles: A threat for tomorrow, a challenge for today
3 years ago: Raul Palacios, an interesting and informative post as usual!