INSUBCONTINENT EXCLUSIVE:
Shlomi Dolev
Contributor
Shlomi Dolev is the Chair Professor and founder of the Computer Science department
of Ben-Gurion University of the Negev
He is the author of Self-Stabilization
Shlomi also is a cybersecurity entrepreneur and the co-founder and chief scientist of Secret Double Octopus.
More posts by this
contributor
The quantum computing apocalypse is imminent
The world stands at the cusp of one of the greatest breakthroughs in
Huge leaps forward in all fields of computer science, from data analysis to machine learning, will result from this breakthrough
But like all of man technological achievements, from the combustion engine to nuclear power, harnessing quantum comes with potential dangers
Quantum computers have created a slew of unforeseen vulnerabilities in the very infrastructure that keeps the digital sphere safe.
The
underlying assumption behind nearly all encryption ciphers used today is that their complexity precludes any attempt by hackers to break
them, as it would take years for even our most advanced conventional computers to do so
But quantum computing will change all of that.
Quantum computers promise to bring computational power leaps and bounds ahead of our most
Recently, scientists at Google began testing their cutting edge 72 qubit quantum computer
The researchers expect to demonstrate with this machine quantum supremacy, or the ability to perform a calculation impossible with
traditional computers.
Chink in the Armor
Today standard encryption techniques are based on what called Public Key Infrastructure or PKI,
a set of protocols brought to the world of information technology in the 1970&s
PKI works by generating a complex cipher through random numbers that only the intended recipient of a given message, the one in possession
of the private key, can decode.
As a system of encoding data, PKI was sound and reliable
But in order to implement it as a method to be used in the real world, there was still one question that needed to be answered: how could
individuals confirm the identity of a party reaching out and making a request to communicate This vulnerability left the door open for
cybercriminals to impersonate legitimate servers, or worse, insert themselves into a conversation between users and intercept communications
between them, in what known as a Man-in-the-Middle (MITM) attack.
The industry produced a solution to this authentication problem in the
form of digital certificates, electronic documents the contents of which can prove senders are actually who they claim to be
The submission of certificates at the initiation of a session allows the parties to know who it is they are about to communicate with
Today, trusted third party companies called Certificate Authorities, or CAs, create and provide these documents that are relied upon by
everyone from private users to the biggest names in tech.
The problem is that certificates themselves rely on public-key cryptographic
functions for their reliability, which, in the not too distant future, will be vulnerable to attack by quantum machines
Altered certificates could then be used by cyber criminals to fake their identities, completely undermining certificates as a method of
authentication.
Intel 17-qubit superconducting test chip for quantum computing has unique features for improved connectivity and better
electrical and thermo-mechanical performance
(Credit: Intel Corporation)
Decentralizing the Threat
This isn&t the first time we&ve had to get creative when it comes to encryption.
When
Bitcoin creator Satoshi Nakamoto, whose true identity is still unknown, revealed his revolutionary idea in a 2008 white paper, he also
introduced the beginnings of a unique peer-to-peer authentication system that today we call blockchain
The brilliantly innovative blockchain system at its core is an open ledger that records transactions between two parties in a permanent way
without needing third-party authentication
Blockchain provided the global record-keeping network that has kept Nakamoto digital currency safe from fraudsters
Blockchain is based on the concept of decentralization, spreading the authentication process across a large body of users
No single piece of data can be altered without the alteration of all other blocks, which would require the collusion of the majority of the
entire network.
For years, blockchain and Bitcoin remained one and the same
About five years ago, innovators in the industry began to realize that blockchain could be used for more than just securing cryptocurrency
Altering the original system designed for Bitcoin could produce programs to be applied in a wide range of industries, from healthcare, to
insurance, to political elections
Gradually, new decentralized systems began to emerge such as those of Ripple and Litecoin
In 2015, one of the original contributors to the Bitcoin codebase Vitalik Buterin released his Ethereum project also based on blockchain
What these new platforms added to the picture was the ability to record new types of data in addition to currency exchanges, such as loans
and contractual agreements.
The advantages of the blockchain concept quickly became apparent
By 2017, nearly fifteen percent of all financial institutions in the world were using blockchain to secure aspects of their operations
The number of industries incorporating decentralized systems continues to grow.
Saving PKI
The best solution for protecting encryption
from our ever-growing processing power is integrating decentralization into Public Key Infrastructure.
What this means essentially, is that
instead of keeping digital certificates in one centralized location, which makes them vulnerable to being hacked and tampered with, they
would be spread out in a world-wide ledger, one fundamentally impervious to alteration
A hacker attempting to modify certificates would be unable to pull off such a fraud, as it would mean changing data stored on enumerable
diversified blocks spread out across the cyber sphere.
Decentralization has already been proven as a highly effective way of protecting
recorded data from tampering
Similarly, using a blockchain-type system to replace the single entity Certificate Authority, can keep our digital certificates much safer
It is in fact one of the only foreseeable solutions to keep the quantum revolution from undermining the foundation of PKI.
