WA4. Trends in Encryption¶
Statement¶
Cryptology has become an integral part of business operations around the world. Conduct online research to identify a minimum of 2 trends for the future application of cryptology.
- Choose what you think works best in your research.
- Provide a brief explanation of the mechanics of each selected cryptographic trend.
- Explain in your own words why you think they work best.
- Reinforce your arguments with appropriate quotes in the text and research references.
Solution¶
Introduction¶
Cryptography has been a human need since early civilization; Symmetric cryptography has been there for hundreds of years and it took various forms till it reached its current shape. Asymmetric cryptography is relatively a new concept and it was built on the promise, that even if the cipher and its public key were public, no one could crack the private key within a reasonable time.
Quantum computers are also a new concept, and they have much more computing power than classical computers; this threatens the very promise of asymmetric cryptography; thus, the first trend is Quantum-Safe Cryptography (Dahmen-Lhuissier, 2023).
Cloud computing is getting popular with all businesses are moving their data to the cloud, an issue raised, is the trust in the cloud provider; a business may put all its data onto a cloud that is owned by a third party (the cloud provider); to push their business forward, cloud providers have pushed a new encryption idea which is the Homomorphic Encryption, where cloud providers can not access the data that is stored on their servers, and the this is the second trend (Gillis, 2022).
Everything is connected to the internet, and threats come from everywhere; it is hard to find an isolated place for sensitive data storage or computing. Confidential Computing promises to solve this issue by providing special hardware that is built with security and isolation in mind (IBM, 2021, IBM Explores the Future of Cryptograph).
Quantum-Safe Cryptography¶
Quantum-safe cryptography relies on lattice problems, which a mechanical problem that is hard to solve; its essence is that for a very large number N, and a large set of numbers S, there are X (relatively large number) numbers from S that can be added to each other to get N; the problem is that it is hard to find these X numbers (IBM, 2023, What is quantum-safe cryptography).
4 algorithms are picked by the National Institute of Standards and Technology (NIST) to be the future of cryptography: Crystals-Kyber, Crystals-Dilithium, SPHINCS+, and Falcon (IBM, 2023, What is quantum-safe cryptography), and they are all based on lattice problems.
The lattice problem is more complex than the prime factorization problem, which is the standard of asymmetric cryptography; thus, it is harder to solve, and IBM believes that no quantum or complex computer is able to solve it (IBM, 2023, What is quantum-safe cryptography).
Homomorphic Encryption¶
Homomorphic encryption is a new concept that was introduced in 2009 by Craig Gentry; it is a type of encryption that allows computations to be done on the encrypted data without decrypting it (Gillis, 2022). Thus, the cloud provider can still do the necessary computations on the data that is hosted on their infrastructure without accessing the data or knowing what it is; not just that but also, sharing data with third-party service providers in confidence (IBM, 2021, IBM Explores the Future of Cryptograph).
The homomorphic encryption is based on Fast Fourier Transformation for the anti-cyclic ring; and uses AVX assembly vectorization instructions (TFHE, 2020) to generate different outputs in terms of the ability to do computations on the encrypted data, from partially homomorphic, to somewhat homomorphic, to fully homomorphic encryption.
Confidential Computing¶
Confidential computing is a new concept that is based on the idea of Trusted Execution Environments (TEEs) which is a special hardware that is built with security and isolation in mind; TEEs include a co-processor within the CPU and memory that is isolated from the rest of the system (Fortinet, 2023).
The TEEs are supplied with embedded keys that are used to encrypt data stored within; the keys are not accessible by the CPU or the operating system, and the data is encrypted and decrypted within the TEEs (Fortinet, 2023). Sometimes, the TEEs are called enclaves or secure enclaves.
Conclusion¶
To conclude; every one of the proposed trends seems to have a bright future, but homomorphic encryption is still not feasible commercially as it is still too slow; confidential computing has started to get popular with Apple devices has a safe enclave that is used to store passwords and other credentials; and quantum-safe cryptography is still in the research phase as the quantum computing themselves are still far from being commercialized. The only certain thing is that the old ways of encryption are at serious risk, and there are only a few years left before they are broken.
References¶
- Dahmen-Lhuissier, S. (2023). ETSI. ETSI. https://www.etsi.org/technologies/quantum-safe-cryptography#:~:text=Quantum%2Dsafe%20cryptography%20refers%20to,quantum%20computer%20has%20been%20built
- Fortinet. (2023). What Is Confidential Computing? Defined and Explained. Fortinet. https://www.fortinet.com/resources/cyberglossary/confidential-computing#:~:text=Confidential%20computing%20refers%20to%20cloud,used%20to%20process%20this%20data.
- Gillis, A. S. (2022). Homomorphic encryption. Security; TechTarget. https://www.techtarget.com/searchsecurity/definition/homomorphic-encryption
- IBM. (2021). IBM Explores the Future of Cryptography. IBM Newsroom. https://newsroom.ibm.com/IBM-Explores-the-Future-of-Cryptography
- IBM. (2023). What is quantum-safe cryptography? Ibm.com. https://www.ibm.com/topics/quantum-safe-cryptography
- TFHE. (2020). TFHE Fast Fully Homomorphic Encryption over the Torus. Github.io. https://tfhe.github.io/tfhe/