
Hack Proof Encryption

One of the basic ingredients for cyber security is the use of hack proof encryption.
It is always amazing to me when I hear that someone’s data was stolen because it
was not encrypted. Data can be encrypted through hardware or software
systems. Hitachi storage systems can encrypt data at rest and Hitachi systems like
Hitachi Content Platform can encrypt data in flight and in the cloud.  

There are three basic ingredients that are required to make a hackproof
encryption method.
First, you need an algorithm that converts your message into a string of
meaningless characters. Second, you need a way to produce random numbers to
combine with the algorithm so that knowledge of the algorithm alone would not
break the encryption. And finally, you need a way to deliver the algorithm and
the random numbers without anyone else gaining access.

To recover the original message, you need to know the specific sequence of
random numbers the algorithm used to encrypt the message. These random
numbers are a cryptographic key, which unlocks the content of the encrypted
message. The encryption system is only as strong as the cryptographic key is
unpredictable.

Unfortunately, most sources of random numbers aren’t truly random. These
pseudorandom-number generators use algorithms to produce sequences of
numbers that look random. If you know the underlying algorithm, they become
completely predictable. We can also generate random numbers by measuring
physical processes, like flipping a coin or the interference of radio
communications on an electric current. However, physical processes are bound by
the laws of classical physics, and the measurements can be predicted by reverse
engineering what’s being measured.
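
The predictability described above, as an added example that is not part of the original post: a key drawn from Python's general-purpose generator can be regenerated by anyone who can guess the seed, while a key from the operating system's cryptographic generator cannot. The timestamp seed and the one-hour window are constructed assumptions.

```python
import random
import secrets

KEY_BYTES = 16  # 128-bit key


def prng_key(seed: int) -> bytes:
    """Key from the Mersenne Twister: fully determined by the seed."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(KEY_BYTES))


def csprng_key() -> bytes:
    """Key from the operating system's cryptographic generator."""
    return secrets.token_bytes(KEY_BYTES)


def find_seed(key: bytes, start: int, end: int):
    """Regenerate the key for every seed in [start, end) and compare."""
    for seed in range(start, end):
        if prng_key(seed) == key:
            return seed
    return None


# Constructed scenario: the generator was seeded with a Unix timestamp
# that falls somewhere inside a known one-hour window.
HOUR_START = 1_700_000_000
SECRET_SEED = HOUR_START + 1234
WEAK_KEY = prng_key(SECRET_SEED)

if __name__ == "__main__":
    # Same algorithm + same seed = same "random" key, every time.
    print("reproducible:", prng_key(SECRET_SEED) == WEAK_KEY)
    # Only 3,600 candidate seeds stand between the key and its recovery.
    print("seed found:  ", find_seed(WEAK_KEY, HOUR_START, HOUR_START + 3600))
    # The OS generator has no seed to guess; use it for real keys.
    print("csprng key:  ", csprng_key().hex())
```
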

Having an encryption algorithm paired with truly random numbers isn’t enough.
You still need a secure way to send your message along with the cryptographic
key to the recipient.

For encrypting and decrypting keys, the standard protocol for many years has
been the RSA algorithm. Developed in 1977 by cryptographers Ron Rivest and Adi
Shamir and computer scientist Leonard Adleman, it hinges on a mathematical
trick known as a one-way function—that’s any calculation that is very easy to
solve in one direction but extremely hard to solve in reverse. An example is to
multiply two large prime numbers, typically 1,024 or even 2,048 bits in length. It’s
of course very easy to multiply the numbers together, but it’s very hard to factor
the result back to the original prime numbers.

RSA and similar algorithms give every network user two keys: a public key (known
to everyone) and a private key (known only to the user). To send information, you
encrypt it using the recipient’s public key. The recipient then decrypts the
information using her private key. The algorithms have worked remarkably well
for more than four decades because it’s extremely hard to crack the private key,
even knowing the public key.
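
The public/private key relationship and the one-way function behind it, as an added example that is not part of the original post. The primes 61 and 53, the exponent 17 and the message 65 are constructed toy values; the code omits padding and is for illustration only.

```python
from math import isqrt


def make_keys(p: int, q: int, e: int):
    """Build (public, private) from two primes. Multiplying them is easy."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: inverse of e modulo phi
    return (n, e), (n, d)


def encrypt(message: int, public) -> int:
    n, e = public
    return pow(message, e, n)


def decrypt(cipher: int, private) -> int:
    n, d = private
    return pow(cipher, d, n)


def factor(n: int):
    """Trial division: the 'hard direction', feasible only for a toy modulus."""
    for f in range(3, isqrt(n) + 1, 2):
        if n % f == 0:
            return f, n // f
    raise ValueError("no odd factor found")


def private_from_public(public):
    """Whoever can factor n can rebuild the private key from the public one."""
    n, e = public
    p, q = factor(n)
    return n, pow(e, -1, (p - 1) * (q - 1))


PUBLIC, PRIVATE = make_keys(61, 53, 17)  # constructed toy primes: n = 3233

if __name__ == "__main__":
    c = encrypt(65, PUBLIC)
    print("ciphertext:", c)
    print("decrypted: ", decrypt(c, PRIVATE))
    # A 12-bit modulus falls to trial division at once; the work grows with
    # the square root of n, which is why real moduli are 2,048 bits.
    print("rebuilt private key matches:", private_from_public(PUBLIC) == PRIVATE)
```
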

Unfortunately, all this protection will go out the window when quantum
computers become available. Using a clever 20-year-old algorithm, called Shor’s
Algorithm, a quantum computer could easily calculate prime number factors by
exploiting the quantum property of superposition to drastically decrease the
computation time needed to find the correct factors. Today’s quantum computers
aren’t powerful enough to handle an RSA-level hack. But it’s only a matter of
time, and when that day comes, our current cybersecurity infrastructure will
become obsolete.

Hack-proof encryption will be possible in the future with quantum computers.
Quantum states are completely random, which solves the randomness problem,
and quantum key distribution (QKD) offers future-proof communications. This
does not mean that a QKD system will never be hacked, but rather that
communications secured via QKD cannot be hacked after the communication has
happened: either the hacking happens in real time or it does not happen at all.
With QKD, cryptographic keys are never made public, and QKD keys are impossible
to copy and store. For more information on QKD, see the Cambridge Journal of
Science and Policy: Quantum Key Distribution: Advantages, Challenges and Policy.

Hitachi is working with NIST on different post-quantum cryptography practices
that will ease the migration from public-key cryptographic algorithms to
replacement algorithms that are resistant to quantum computer-based attacks.
Hitachi researchers have done a lot of work with quantum cryptography. Hitachi
researchers have also developed post-quantum codes that even a quantum
computer will not be able to crack. There are other methods of encryption which
do not depend on factorization and would be resistant to decryption by quantum
computers. It is already possible to safeguard data today against future attacks by
quantum computers. These methods are called Post Quantum Encryption and
include methods such as lattice cryptosystems, code-based systems using
error-correcting codes, and multivariate cryptography. The problem is that the codes
are not yet standardized. You can read more about these efforts in my previous
post: Preparing for Post Quantum Encryption
