Cybersecurity & Cryptography

Microsoft, OpenVPN, Post-Quantum Computing

Microsoft recently made an experimental combination of virtual private networks (VPNs) and post-quantum cryptography (PQC) available for public study. The project pairs the widely acclaimed OpenVPN software with a PQC kit. The present iteration protects only the data tunnel between the client and the VPN server with purportedly PQC-safe encryption algorithms. Once data exits this trusted network onto the public internet, classical cryptography takes over the encryption, increasing the risk to the data’s confidentiality. The Microsoft project complements the Open Quantum Safe project and NIST’s Post-Quantum Cryptography endeavors. Read on for further detail.


Why the Threat to Bitcoin from Quantum Computing is Fixable.

The threat to blockchain boils down to: (1) After a Bitcoin (a cryptocurrency) transaction is broadcast to the network, it is at risk. (2) Using a quantum computer, the secret key could be derived before the transaction is placed on the blockchain. (3) A malicious actor could then broadcast a new transaction, using the derived secret key, for their own benefit. (4) If the new transaction, enabled by the stolen secret key, is placed on the blockchain before the original transaction, it permits grand theft of all the bitcoin “behind the original”.


“Computationally Infeasible”

Quantum key distribution (QKD), a method of distributing secret keys between two parties, can today enable perfect secrecy between the two parties. Researchers have recently shown this ability to maintain perfect secrecy over fiber-optic wires


TLS 2.0

The use of Forward Secrecy as a layer of security during encrypted sessions may be threatened. Simply put, Forward Secrecy permits only the endpoints in a secure session to decrypt traffic. The problem is that surveillance of encrypted traffic in high-security environments demands the ability to break open and inspect content.
