MEPs call for urgent ‘quantum safe’ encryption standards

MEPs call for urgent ‘quantum safe’ encryption standards

Arqit

In a letter, members of the European Parliament (MEPs) have called for the European Commission to develop regulations to protect against quantum computers being used for malicious purposes.

The enhanced capabilities of quantum computers mean they are able to solve mathematical problems at a rate far faster than regular computers. As such data encrypted with legacy techniques runs the risk of being exposed to bad actors.

“The quantum threat to encryption is not imminent, it’s already here,” says David Williams, CEO of British encryption firm Arqit.

Williams points to the technique of “store now, decrypt later” being employed by bad actors.

These types of attacks are on the rise, he says. Hackers are harvesting data for future decryption once they have access to quantum technology.

The National Institute of Standards and Technology (NIST), an agency within the US Department of Commerce tasked with creating standards across a wealth of technologies has been developing post-quantum algorithms since 2016.

The goal has been to ensure that data being transferred cannot be decrypted by quantum computers, by implementing more advanced certification techniques.

However, research published by Beijing University last week unveiled a viable attack methodology against one of these algorithms.

Simultaneously, Microsoft have made a significant advancement in Quantum computing, creating the most reliable logical qubits to date.

With an 800x improvement in accuracy, Williams believes the breakthrough reduces the timetable to a large-scale quantum computer by two years.

“It’s no longer viable for anyone to confidently state that quantum computers will take more than 5 years to break public-key cryptography,” Williams tells Capacity.

Rather than rely on certification, Arqit was established in 2017 to find a new way to encrypt data.

“Symmetric encryption is the gold standard for post-quantum protection,” Williams explains,

“It involves parties sharing a key created by randomness not maths for encryption and decryption, strengthened by dynamic rotating authentication.”

Williams says Arqit’s approach not only prevents today’s man-in-the-middle attacks but also future-proofs against quantum risks.

“Even if a key is carelessly exposed by the user, the window of vulnerability is minimised because the key can rotate every second. When implemented as part of a zero-trust framework, this system is completely future proof, helping enterprises avoid the disruption of constant upgrades as quantum computing advances,” he says.

The importance of Arqit’s technology has already been recognised by the telecoms industry.

The company took home the Outstanding Mobile Technology Award at this years Glomo awards at Mobile World Congress, which was voted on by CTO’s across the industry, along with the award for Best Mobile Security Solution.

“Organisations like the National Security Agency and the National Information Assurance Partnership have mandated symmetric encryption across classified use cases, signalling a global shift in cryptographic strategies. It's imperative for businesses to harden their networks immediately, embracing symmetric key agreements as part of a crypto-agile approach,” Williams concludes.

Gift this article