Monday, 28 August 2023 12:53

Qrypt Looking to Attack the Inefficiencies in Quantum Encryption to make Quantum Secure Communication a Reality Today

Written by

Reading time is around minutes.

Black Hat 2023, Las Vegas – At Black Hat one of my favorite things to do is see what the latest buzzword(s)/phrases are. One of my favorites from this year was “code to cloud” while others focused on the big shiny object that is AI. Fortunately for me, I usually am afforded a chance to talk with amazing technical resources to allow me to continue my mission to cut through the marketing and get to the meat of the technology or issue. This brings me to my conversation with Denis Mandich, co-founder, and CTO of Qrypt, a quantum security company that has an interesting improvement on current methods to generate and provide access to true quantum random numbers (QRN).

Unless you have been living under a rock for the last 20-30 years, you are probably aware of the industry’s complete failure at generating truly random numbers. The techniques used might be safe at launch, but eventually they can be investigated and once the randomization process is understood you can predict the pattern making it less that viable as a solution. This issue is present in almost all of today’s forms of encryption. It has become such a known issue that many nation-state attacks still download encrypted data with the confidence that they can decrypt it eventually. Even some of the companies claiming they have quantum encryption use methods that are only considered “safe” in that they cannot be decrypted by anything known today but will eventually fail because the source of the key generation is not truly random.

Enter Qrypt. After Denis and I waded through some of the challenges facing modern quantum random number generation (QRNG), including physical limitations (fiber connections of not more than 1 KM between number generation hardware) and the time it takes to generation the number (20 hours between keys), we got into some of the details of how Qrypt is looking to solve for this problem. The first challenge is how do we generate a truly random number? Before diving into this part of the conversation, Denis asked me if I understood physics (he is also a physicist himself). Fortunately, I do have a general understanding of physics, so we moved on to talking about generating true quantum random numbers. Remember in the last paragraph where I mentioned that current methods are not truly random? Well Denis mentioned that Qrypt uses multiple methods of generating QRNs based on truly random events from a physics perspective.

A simple explanation of this is; In a laser, atoms are excited by electricity, causing their electrons to move to higher energy orbits. These electrons then fall to a special state called the 'metastable state'. At an unpredictable quantum moment, one atom emits a photon, triggering other atoms to do the same, resulting in a burst of photons known as the laser pulse. The exact timing and phase of this pulse are inherently unpredictable. By measuring this and filtering out noise, we can derive quantum random numbers. If you want a much more detailed explanation you can read on, if not you can skip the next two paragraphs.

For those that are more detail minded. A laser (Light Amplification by Stimulated Emissions of Radiation) is, in exceptionally simple terms, light (photons) passed through a medium (solid or gas) that excites the molecules in that medium in a certain way to produce a narrow radiation beam. Now, here is where the fun starts (and also where my “Real Genius” flash backs began “As soon as we apply a field, we couple to a state, it is radiatively coupled to the ground state.”). Lasers are controlled by a quantum mechanical rule that limits atoms to a certain amount of stored energy depending on the atom in question. By adding energy into them (pushing the photons through the medium) they become unstable (their electrons have moved to outer orbits) and want to go from the high-high energy state to a low-energy state. The lowest energy state that an atom or molecule can have is called the “ground-state”. At this state all of the electrons are in their nearest orbits. When the excited atoms move from the high-energy state to the ground state, they release this energy as light (the laser light). Once one molecule moves to the ground state all of the other molecules follow it producing the laser light.

It is the first atom or molecule moving to the ground state that is truly random. There is no way to predict when that first atom makes its move so that quantum mechanical effect is able to produce a truly quantum random number, once you filter out all of the noise around the event. There are other methods that are more technical in detail, but this one is a great example using something that most are at least casually familiar with. It is also one of the methods that are part of the current standard for quantum random number generation. There are a number of papers out there on how to do this effectively and efficiently if you want a more detailed explanation including how to prevent an adversary from manipulating the environment to affect the calculation of the random event as well as how to bound the using specific techniques such as single photon or weak-optical pulses to create a more contained and easily bound.
There are other methods such as radioactive decay that can also be used to generate truly quantum random numbers, but for the sake of brevity, we will not be going into those.

So, we have gotten around the challenge of generating a truly random number. The next challenge is the physical limitations of the existing system. As we mentioned, currently you need two number generators connected by a fiber cable within 1km of each other. At this distance you can generate one key every 20 hours. This is not exactly an efficient system and requires costly hardware to maintain and also introduces a risk when it comes to key transmission. To combat this Qrypt uses a distributed system. This system which allows the pairs of QRNG systems to not only be farther apart, but also not accessible to transmission risks. By distributing the devices with a (relatively) simple insertion of code you can generate quantum random numbers which can be cut up into keys for encryption without the physical limitations or transmission risks of most of today’s QKD systems.

How do you do this? Well let’s look at a concept of encryption called Information-Theoretic (IT) Encryption. For IT encryption to work, the length of the secret key must be as long as the total amount of data sent. This means that encrypted data 1GB in size, you need a 1GB secret key, unlike AES encryption which is a fixed length of 128-256bits in length. In the past this has meant that it was exceptionally inefficient to generate a key long enough to use IT Encryption. With modern computing systems where both memory and compute power are relatively inexpensive, the idea of large keys is not so much of an issue. This means that the right encryption keys should be able to be generated locally for efficiency, but this can also be a challenge, considering the length of keys involved. Qrypt’s solution answers the important properties of IT encryption; it needs to be stateless, it needs to be locally computable, and the rate needs to be efficient.

The solution to these requirements is semi-simple to describe. In order to generate the length of keys needed for IT encryption they use a distributed (shared) server is employed. This server uses an internal QRNG to generate and store what I like to call the BFRN (the big freaking random number). This random number is then probed through the use of a computationally secure seed number to extract (using bound storage model extractors (BSM)) parts of the key. The seed is never transmitted in the open, it is agreed upon between the participants as part of the key agreement process with the encryption server. This means that the data can remain encrypted even if an attacker has large chunks of the original key, because they never know the seed computed to probe and extract the sections of the key used for encryption. The original key only exists as long as the server does so if the attacker is ever able to compute the seed, the server should no longer be in use meaning that the original key is no longer available to decrypt the data. Still there is a few flaws in this method which include; orbital leakage of the original key, and less than optimal rates. Qyrpt uses Doubly-Affine Extractors to address these flaws and achieve true IT encryption. Qrypt’s doubly-affine extractors are BSM extractors with specific limitations built into them; both the leakage function and the output of the extractors are linear functions of the source. This makes leakage acceptable as the attacker’s leakage will be linear and not orbital, this will reduce the impact to the future security of the encrypted data. It also allows extractors to be made more secure against attackers since the leakage is linear. In simple terms, the controlled linear leakage would be indistinguishable from a random string. Sounds simple right?

But wait, there’s more! To get around the issues with leakage of the original key and the discovery of the seed, there is an additional process of sample, then extract. Locally the ley is sampled first and then the sample if reviewed by a non-local extractor to extract bits that are not compromised by an attacker via leakage This is part of the mathematical process to ensure that the parts of the source key used are not known to the attacker. This combined with the computationally secure generation of the seed keys provides for long term security on the encrypted data. Since there is a lifecycle to the way keys are available, the composting of keys prevents decryption of the data at a later time by an advisory removing the download now, decrypt later option.

I never like to use the term futureproof, but I would say that based on my understanding (and many, many hours of reading) this solution is mathematically unlikely to be broken in the future by an attacker. Qrypt’s solution relies on multiple methods of truly generating a long string random number at an efficient rate, along with the ability to locally generate a computationally secure seed, this is then transmitted to the cryptographic server where the extraction actually takes place based on “scrubbed” sample data for the actual encryption of the information.

The beauty of all of this is that the way this is done does not have to be contained the same way many companies do with their methods. The method, even if known, still has the true quantum random numbers that go into everything. This makes understanding how the process works of little use in attacking the information it protects. Now, in my article here, I have oversimplified the process and removed the mathematical models. But Qrypt’s website has access to much of the documentation used in writing this. There are also some great papers on how to generate true quantum random numbers using different methods out there, if you are looking for a little light reading. From a data and privacy perspective, solutions like Qrypt are going to be the next wave. They are resilient against commodity attacks and are computationally secure against nation-state efforts as well. At a time when IP theft and leakage of information is at an all time high, Qrypt could be a great solution to keep organizational data safe and secure now, and in the future.

Read 1136 times Last modified on Monday, 28 August 2023 13:02

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.