QNu Labs

Categories
Blog

Quantum Vaccination Program for Enterprises

Blog

Quantum Vaccination Program For Enterprises

Quantum Vaccination Program For Enterprises

Worrisome Situation: World Is Facing Not One But Two Pandemics - The Next Global Crisis: “A Cyber Security Pandemic"

Sunil Gupta   |   May 13, 2021

The whole world is reeling from one of the worst pandemics ever seen. Health systems of most countries are under stress, and in a few countries have crumbled from the sheer size of the population infected by a fast-spreading disease. People with low immunity and comorbidities are the worst impacted. The second wave of Covid has taken the world by surprise and the countries which were not prepared for the second, worst surge have been caught off guard and are struggling to contain and manage the disease.

This pandemic will be remembered as a uniquely disruptive period in our lives — but not just as a global health crisis. Online life has digitally transformed, with exponential change at home and work via cyberspace. However, the negative cybersecurity impacts of these online changes have led many experts to summarize the combined events of this year as a growing “cyber pandemic”. As per a govt. report, cyber-attacks amidst this pandemic rose by almost 300% in India. Recently an American cyber intelligence company hinted at a suspected China-linked cyber operation that was focused on India’s electricity grid and other critical infrastructure. The above data highlights that hackers have become more active in the last 12 months, taking advantage of the distraction and confusion all around due to the pandemic. Hackers thrive on such situations to carry out cyber-attacks.

A parallel can be drawn between this health pandemic and the cyber pandemic (CP). CP is widespread across geographies, countries, industry verticals and size of the enterprises. Large defense organizations, cloud service providers, telecom utility providers, critical infrastructures, healthcare enterprises, payment gateways, and financial institutions are suffering from CP. Over 1,000 CXOs were asked about the effects of Covid-19 on enterprise and government organizations in a recent global study done by Tanium and 90 percent of executives surveyed experienced an increase in cyberattacks due to the pandemic.

The recent colonial pipeline ransomware attack and subsequent shutdown has been sending shockwaves through the United States.Unfortunately, majority of the discourse surrounding this cyber incident seems to miss the point: cyberattacks, especially those against our increasingly exposed critical infrastructure, are now part of our digital reality. The U.S. was fortunate that the ransomware intruders did not seek to cause physical destruction by bridging over from the IT systems into the pipeline’s OT systems. Simply put, the colonial pipeline hack could have been far worse than a nuisance to fuel supply chains and impact on consumers wallets.

Hope: “Prevention Is Better Than Cure”

The only viable and effective answer today to save the life of people is mass vaccination. Besides the best practices of improving one’s general health, the only solution available to people is to build sufficient antibodies to fight the disease. This may not protect people from getting infected with Covid-19 and its multiple strains but will ensure that the damage is minimal and restricted, and the recovery is fast. Looking at the havoc created by the pandemic, pharma companies have created vaccines in a record time to deal with the pandemic. Tough times call for desperate measures and heroic efforts.

There was an initial hesitation in people about the efficacy and side effects of the vaccines, some of which are yet to complete trial phases. But people have realized that the risk to life from Covid is far more than the perceived risk from the vaccines. Thus the initial vaccine hesitancy has been overcome and populace is queuing up for inoculation.

CP is different and more difficult to address compared to health pandemic as the attack vectors in CP are far more and take many different forms, ranging from malware and ransomware to man-in-the-middle attacks, compromised credentials, and phishing. Therefore, the solution to address CP has to be easy to embrace, extremely fast in action and should address current and future threats.

QNu Labs, an indigenous quantum security start-up from Bangalore had anticipated a data apocalypse type of situation happening in the near future. It therefore started building next gen data security products in 2016 using bleeding edge technology based on quantum physics. QNu’s quantum-based cryptographic systems use quantum random number generators to produce quantum encryption keys and uses superposition properties of photons to generate identical symmetric keys at both ends of the communication link. Any unauthorized intrusion into the communication immediately severs the quantum channel—it becomes known instantly that there has been an eavesdropping attack.

Solution: Cyber Security Pandemic Needs Quantum Vaccination Drive!!

Given the dire situation of the cyber pandemic, which is only increasing in size, frequency and impact day by day, it is prudent and the need of the hour to implement the products and solutions based on this latest quantum technology. This technology may be new but it has gone through successful trials and implementation worldwide and, like the Covid vaccines, is ready for mass deployment.

It is time for quantum vaccination of enterprises to protect and minimize the impact from various attack vectors. Quvaxin from QNu consists of two solutions. The first solution (Tropos/Qosmos) upgrades the conventional software-based entropy source to quantum ready entropy source for generating encryption keys and digital certificates. The first jab will ensure instantaneously that the keys and digital certificates have no patterns or corelations of any kind which can be exploited by hackers. The second solution (Armos) takes the ‘data security in transit’ to the level of unconditional security so that no man in the middle can ever get an access to encryption keys, even on an unsecure network.

The process of giving Quvaxin is very simple - easy to use APIs, no disruption in the ongoing business and immediate benefits.

Reference Link:

Spread the word

Recommended Reading

What’s lurking in the Cloud?​

The lock down has clearly increased workloads to remote, cloud and hybrid environments. The cyber-attacks have just been growing steadily and relentlessly

Pharma firms at risk of cyberattacks: How companies can become 100% hackproof

In the past few weeks, a few Indian pharmaceutical companies witnessed...

Quantum Internet: A Leap Forward

On Oct. 29, 1969, a set of electrical signals emerged from the University of California, Los Angeles and traveled to one at the Stanford Research Institute in Palo Alto.

Follow Us

Categories
Blog

What’s lurking in the Cloud?

What’s Lurking In The Cloud?

What’s Lurking In The Cloud?

Ramesh Srinivasan, May 12,2021

The lock down has clearly increased workloads to remote, cloud and hybrid environments. The cyber-attacks have just been growing steadily and relentlessly. New victims every day and by the time the impact is understood there is a new ransomware, a new victim impacting organizations across the world. It looks like the hackers are far ahead in the game.

The four popular brothers -phishing, malware, ransomwares, and DDOS seem to be doing just fine and growing well. While the work has moved to home, by and large organizations have really not checked if the employees work in a safe environment, not physically but from network security, I have not heard of anything other than a VPN and in some cases everything is left to “it is someone else’s problem to solve “.

Let’s take the last few big take downs- Solar Winds, FireEye, Software AG, Paytm, easyJet, Marriot all have been victims, these are companies with skilled people and mature environments. So it’s really not the small business that is being attacked.

The hacker world has its own hall of fame, anything small is not going to get any attention in that world and more audacious the attack better the score. These are coveted spots you earn which keep the methods and game interesting by outdoing each other, new players emerge and join the club. Earlier we had Babuk ransomware which attacked Houston Rockets, a telecom company and Govt dept. all in a single month.

The lights on approach of folks manning the security networks, the talent gap and no updated policies are just adding to the vulnerabilities.

Spread the word

Recommended Reading

The Future Of Secure Encryption: Satellite Quantum Key Distribution

Companies and governments around the world are in a race to build the first usable...

Pharma firms at risk of cyberattacks: How companies can become 100% hackproof

In the past few weeks, a few Indian pharmaceutical companies witnessed...

Quantum Vaccination Program For Enterprises

The whole world is reeling from one of the worst pandemics ever seen. Health systems of most countries are under ...

Categories
Blog

The Future of Secure Encryption: Satellite Quantum Key Distribution

The Future Of Secure Encryption: Satellite Quantum Key Distribution

The Future Of Secure Encryption: Satellite Quantum Key Distribution

Deepika Aggarwal, May 08, 2021

Companies and governments around the world are in a race to build the first usable quantum computer. The technology promises to make some kinds of computing problems much, much easier to solve than with today’s classical computers, but it also poses a significant threat to the integrity of encrypted data.

A large-scale quantum computer would, for example, be capable of solving the prime-number factorization problem exponentially faster than classical computers. For authentication and data transmission, the widely used asymmetric encryption relies on the difficulty of solving just such mathematical problems. The arrival of effective quantum computers would thus lead to a fatal breakdown of the current security infrastructure.

Alternate “quantum-proof” methods of encryption are therefore required. Quantum Key Distribution (QKD) is one approach that exploits the fundamental laws of physics rather than specific mathematical assumptions. It is resistant to all known computational attacks, including those from future quantum computers.

The Need For Satellite Based Quantum Key Distribution

Ground-based QKD systems are commercially available today, but the range of communication of the current systems has been limited to a few hundred kilometers due to atmospheric losses or in-fiber attenuations. These limitations make purely ground-based systems impractical for a global distribution network.

Long-distance communication is far more important in meeting the security threat posed by quantum computers, for government, military, as well as business infrastructure. Interconnecting local QKD networks over international distances faces a huge technological hurdle: amplification or simple reception and retransmission of quantum states alters their properties and is thus fundamentally incompatible with QKD.

While “quantum repeater” might seem to be a solution, which allows single light particles to be stored, re-sent and manipulated without altering their state, but the related technology is still immature for practical implementations. Another solution, links with many “trusted relays”, can extend these distances from across a typical metropolitan area to intercity and even intercontinental distances. However, relays pose security risks.

Satellite based QKD systems offer the best approach for establishing a global-scale quantum network by using satellites that distribute secure keys to ground stations via free-space optical links.

The technology facilitates low photon loss and negligible signal disturbance (decoherence) in the empty out space. Propagation losses, which scale exponentially in fiber, scale only quadratically in free space and hence extend the range of quantum communication without compromising its security.

A satellite-based QKD system will ensure security over national and international distances, at a cost, much lower compared to ground-based fiber infrastructure for quantum-communications. By ensuring the secure distribution of cryptographic keys over globe-spanning distances, this space-based technology delivers ultra-secure, long-range communications capability at a level that cannot be achieved with ground-based fiber infrastructure.

Thus, a global QKD network of ground stations and satellites, using laser light to send secure secret keys, provides a great platform for securely connecting the world.

Spread the word

Recommended Reading

What’s lurking in the Cloud?​

The lock down has clearly increased workloads to remote, cloud and hybrid environments. The cyber-attacks have just been growing steadily and relentlessly

The Future Of Secure Encryption: Satellite Quantum Key Distribution

Companies and governments around the world are in a race to build the first usable...

Pharma firms at risk of cyberattacks: How companies can become 100% hackproof

In the past few weeks, a few Indian pharmaceutical companies witnessed...

Categories
Blog

Quantum Internet: A Leap Forward

Quantum Internet: A Leap Forward​

Quantum Internet: A Leap Forward

Anuj Sethia, May 08, 2021

On Oct. 29, 1969, a set of electrical signals emerged from the University of California, Los Angeles and traveled to one at the Stanford Research Institute in Palo Alto. This marked the inception of a new era for humanity, as this was the first data ever transmitted over Arpanet, the precursor of the internet. Unquestionably, the internet has had a revolutionary impact on our society.

On similar lines, a quantum internet's vision is to provide fundamentally new technologies by enabling quantum communication between any two points on Earth. Such a quantum internet will work in synergy with the "classical" internet that we have today to connect quantum information processors to achieve unparalleled capabilities that are impossible using only classical information.

As with any emerging technology, it is hard to predict all the quantum internet capabilities. The best-known application of a quantum internet today is quantum key distribution (QKD), enabling two remote network nodes to establish an encryption key. However, a quantum internet has many other applications with advantages that are unattainable with the present internet. More applications include secure access to remote quantum computers and more accurate clock synchronization. Moving ahead, more applications are likely to be discovered in the next decade.

A quantum internet requires spearheading three quantum hardware elements: quantum channel, quantum repeaters and quantum processors. Quantum channel supports the transmission of qubits similar to standard telecom fibers. Since they are inherently lossy, we require quantum repeaters to reach longer distances, thus scaling both entanglement and key distribution capabilities. The final element is the end nodes, i.e., the quantum processors connected to the quantum internet.

The stages of development toward a full-blown quantum internet can be identified as:
  • Trusted repeater network: A network with at least two end nodes using QKD to exchange encryption keys.
  • Prepare and measure: Enabling end-to-end QKD without the need to trust intermediary repeater.
  • Entanglement generation: Creation of quantum entanglement with a deterministic nature along with local measurements.
  • Quantum memory: This stage involves having a quantum memory with local control at end nodes.
  • Qubit with fault tolerance: The ability to perform local operations fault tolerance.
  • Quantum Computing: The final stage consists of quantum computers that can arbitrarily exchange quantum communication.

Based upon this vision for the quantum network, the current experimental status of long-distance quantum networks is at the lowest stage, i.e., trusted repeater networks. Building and scaling quantum networks is a challenging endeavor, requiring sustained and concerted efforts in physics, computer science, and engineering to succeed. Although it is hard to predict the exact components of a future quantum internet, we will likely see the first multimode quantum networks' birth in the next few years. This development would bring the exciting opportunity to test the ideas and functionalities that so far only exist on paper and are potential components of a future large-scale quantum internet.

Reference Link:

Spread the word

Recommended Reading

What’s lurking in the Cloud?​

The lock down has clearly increased workloads to remote, cloud and hybrid environments. The cyber-attacks have just been growing steadily and relentlessly

The Future Of Secure Encryption: Satellite Quantum Key Distribution

Companies and governments around the world are in a race to build the first usable...

Pharma firms at risk of cyberattacks: How companies can become 100% hackproof

In the past few weeks, a few Indian pharmaceutical companies witnessed...

Categories
Blog

The History of Light ​

The History Of Light​

The History of Light

The concept of light has been described by many thinkers over the centuries starting from the Greeks in the 5th Century BC to more recent physicists such as Newton , Heisenberg and Maxwell. The debate mainly revolved around the nature of light.​

Tony Philip   |   January 28, 2020

If you haven't realized this already, your grade 12 chapters on optics and light is more like a history review than a physics course. I say this because one never reaches the interpretation of light and its duality until towards the end of the book. Nor does it address the absurdities of quantum mechanics. The understanding is known as the classical interpretation of light and until the early 19th century there weren't any other strong interpretations.

Pierre Gassendi and Newton were two pioneers who believed that light was in fact made of matter (or particles). This was aptly named the corpuscular theory of light. Though they were ahead of their time, their inability to elaborate on the theory and explain phenomenon such as refraction, diffraction and interference of light led to the subsequent decline in the adoption of this hypothesis by the physicists of the day. This was because it required the understanding of the wave nature of light to explain these phenomenon.

Huygen’s wave theory is one the earliest interpretation of light as a wavefront. He believed that every disturbance on a secondary wavefront can be treated as a source of spherical wave. Though he was able to explain phenomena such as reflection and refraction using this theory, he was unable to explain attributes such as why light travels in straight lines (rectilinear propagation) and why light bends effects on sharp corners (diffraction).

In the 18th century, Fresnel showed that, Huygen’s theory together with his own principle of interference could explain both rectilinear propagation and diffraction of light. The Huygens Fresnel principle provided a strong foundation for the wave theory.

Later Young's double slit method gave the most definitive evidence to the wave nature of light and cemented our understanding of light as a wave. During this time there were multiple theoretical interpretations of light from physics such as J.C. Maxwell who derived the iconic Maxwell’s equation to describe the polarization of light and other electromagnetic radiation.

JJ Thomson’s discovery of electrons was another step in the direction of quantum physics Though it was not intended to prove the quantum nature of particles, Davisson – Germer's double-slit experiment at Western Electric proved that electrons had a wave nature too. This helped to advance and confirm the hypothesis proposed by Louis de Broglie earlier. De Broglie’s hypothesized the dual nature of matter (not just light). De Broglie’s hypothesis constitutes the fact that any particle with a linear momentum can have wave like attributes. This has been since confirmed with many subatomic particles such as electrons, neutrons and even some macromolecules.

In 1900, just as the dust was able to settle in favor of the classical interpretation as the exclusive interpretation of light. Max Planck, a German physicist demonstrated that black body radiations can be explained by considering energy emitted as discrete quantized states or in other words, the energy can only be a multiple of an elementary unit. This postulate has been one of the foundations of quantum physics.

Einstein in his iconic paper in 1905 proposed that the photoelectric effect was a direct consequence of the quantum nature of light. Photoelectric effect is the emission of electrons from a metal when sufficiently energetic electromagnetic radiation hits the surface. It is observed that an increase in intensity of light does not add to the effect, a phenomenon that is exclusive only to the frequency of electromagnetic radiation. And when the energy (or frequency) was high enough, it would knock an electron off its orbit. Thus, Einstein proposed that a beam of light is not a wave propagating through space but a collection of discrete packets of definite energy. These packets of energy are what we call photons today. This paper is what won him that Noble Prize in physics in 1921 (and not for equation which he is most famous for in general relatively -> E=mc^2 )

Physicists such as Neils Bohr took this as the insight required to explain the Hydrogen and Balmer Series formed from by release of several distinct frequencies of light corresponding to the energy released by electrons which are moving to a lower energy orbit. Furthermore, atoms of individual elements emitted wavelengths in distinct lines of a spectrum rather than a continuous spectrum as seen in a black body radiation.

In 1927, Werner Heisenberg published a paper with the famous Heisenberg uncertainty principle. Heisenberg is widely credited for laying a mathematical foundation to the field quantum mechanics. Later, he aptly received the Nobel prize in physics in 1932 “for the creation of quantum mechanics” .On top of his efforts, other physicists such as Dirac, Born, Schrodinger and Pauli brought in more mathematical interpretations and evidence to quantum physics cementing our understanding of the quantum nature of light.

blog-light02

Figure 1 - Hydrogen emission spectrum lines

Today, the field of photonics and quantum mechanics is seeing a renewed interest and massive adoption as we are bring ideas from the realm of theory to reality. This extends to everything from the development of advanced sensors & radar to securing communication & processing information.

And all it took us was a few decades of continuous debating, questioning and rewriting of our fundamental understanding of physics and light.

Reference Link:

Spread the word

Recommended Reading

What’s lurking in the Cloud?​

The lock down has clearly increased workloads to remote, cloud and hybrid environments. The cyber-attacks have just been growing steadily and relentlessly

Pharma firms at risk of cyberattacks: How companies can become 100% hackproof

In the past few weeks, a few Indian pharmaceutical companies witnessed...

Quantum Internet: A Leap Forward

On Oct. 29, 1969, a set of electrical signals emerged from the University of California, Los Angeles and traveled to one at the Stanford Research Institute in Palo Alto.

Categories
Blog

Network security, a peek into how it all started

Network security, a peek into how it all started​

Network security, a peek into how it all started​

Vivek Shenoy   |   January 28, 2021

While we harp on data and network security in today’s interconnected world, and today there is an entire armory of network security and vulnerability assessment tools available, here is a peek into the history of network security and how an accidental piece of code woke us up.

Dubbed the “Morris worm”, it was written by Robert Morris a graduate student at Cornell University and launched on Nov 2, 1988 from the computer systems of the Massachusetts Institute of Technology. In the few hours of it being launched, 1000s of computer systems were down, the Internet was clogged and rendered dysfunctional. In the words of Clifford Stoll, a systems administrator "I surveyed the network, and found that two thousand computers were infected within fifteen hours. These machines were dead in the water—useless until disinfected. And removing the virus often took two days". Stoll commented that the worm showed the danger of monoculture, as "If all the systems on the Arpanet ran Berkeley Unix, the virus would have disabled all fifty thousand of them”.

And what Morris was trying to do was something remarkably simple – he simply wanted to know how many computers were on the Internet. There was no statistics or information available and he did it in the most ingenious way possible – write a piece of code that would try and do a remote access to all the machines that a particular user has access to and replicate itself on the remote machines and report back to the mother node. He got his answer – about 6000 computers – at the cost of bringing down the Internet and giving the world a clarion call on what it means to be “hacked”.

The worm exploited some of the known vulnerabilities and remote access options that computer systems provided:
  • A hole in the debug mode of the Unix sendmail program
  • A buffer overflow or overrun hole in the fingerd network service
  • The transitive trust enabled by people setting up network logins with no password requirements via remote execution (rexec) with Remote Shell (rsh), termed rexec/rsh
  • Weak, dictionary-based passwords that users chose for themselves

From the start, it would check which systems a user had remote access to, do a rsh to that machine, replicate itself and try and guess other users passwords using a standard dictionary attack. The results were spectacularly successful.

It worked around many of the safeguards that an operating system uses to limit a user/program using up resources – Unix would automatically “nice” a program that executed for several minutes, lowering its priority. The worm responded by killing itself and respawning, automatically upping its priority. Most network data transfer supported only ASCII transfers, so the worm copied itself in source code and complied it on the remote machine to start execution.

It had safeguards to limit itself, by checking if a computer already had the program running. It was programmed to replicate itself only one out seven times and an unfortunate bug in the code prevented this from happening, resulting in the same computer getting infected again and again, virtually bringing it to a standstill.

While Morris’s intentions were non-malicious and even harmless, and it eventually resulted in him being charged under the Computer Fraud and Abuse Act, 1986 and fined $10,000 and 3 years of probation.

Which brings us to today’s world of interconnected systems – we are over-reliant on our networks and systems working perfectly well, our data being safe and hacker-resistant. While tools and systems exist to check networks and systems against vulnerabilities, exploits tracked, advisories published, and warnings made out, we are still vulnerable in one aspect – weak passwords. Change it now!

Reference Link:

Spread the word

Recommended Reading

Quantum Random Number Generator and its relevance today

To ensure safety and trusted communication in today’s connected world, random number generators are a critical security element.

Threat to National Security and Country’s Economy with Imminent arrival of Quantum Computers

To ensure safety and trusted communication in today’s connected world, ...

Dark Side of Quantum Computers A Lurking Threat to National Security

Data is a critical part of digitization; nation-state hackers pose...

Categories
Blog

Pharma firms at risk of cyberattacks: How companies can become 100% hackproof

Pharma firms at risk of cyberattacks how companies can become hackproof

In the past few weeks, a few Indian pharmaceutical companies witnessed unprecedented and unfortunate cyberattacks. Two of the prominent firms also confirmed the data breaches in their systems.

Sunil Gupta   |   January 13, 2021

Share:

Want to get latest updates from
QNu Labs?

Subscribe to our newsletter
to receive updates
from us

Cybercriminals are especially eyeing pharmaceutical companies in view of the COVID-19 pandemic. Indian pharma firms were possibly attacked since they are providing affordable medicines on a large scale and are important in drug discovery and supply chain.

The pharmaceutical sector as a whole has become a prime target of State-sponsored hackers as they own Intellectual Property (IP) and are involved in drug discovery, both of which are of high value.

With changing geo-political landscape, Chinese aggression on our critical infrastructure has risen in recent years. In the past, China-backed hackers had reportedly attacked pharma giants like Bayer AG and Glaxo-Smithkline. With the threat looming on pharmaceutical companies, firms in India and across the globe should be prepared to secure their data unconditionally as it concerns their valuation and reputation.

The bright side of Quantum Computer in Pharma

We live in an era where electric cars are already here, driverless cars are under advance trials, SpaceX mission to enable the colonization of Mars is under development. The year 2019 also saw a massive milestone for the mankind when Google’s 53 bit quantum computer achieved the quantum supremacy. Scalable and reliable quantum computers will soon be a reality. These computers are a boon to pharmaceuticals, healthcare, and life sciences. Quantum computers have the ability and potential to change the definition of molecular comparison by enabling methods to analyse larger-scale molecules and develop new drugs.

Today, classical computers can analyse hundreds and millions of comparisons, but they are limitations in terms of the size of the molecules which they can compute. By leveraging quantum computers, companies will be able to accelerate the process of drug discovery.

Since Quantum computers are more readily available, companies will be able to compare large molecules. This will lead to pharmaceutical advancements and help firms discover cures for a range of diseases.

Quantum computers like Google, IBM, Honeywell, Riggeti, 1QBIT are also available on the cloud. Big giants in pharma are already using quantum computers for research.

Rapid digitisation of Pharmacetical industries

Digital transformation is complicating data security for organisations. The more digitally transformed an organisation, the more it becomes vulnerable to data breaches.

In recent years, the pharma industry has embraced IoT, which is a network of computing devices and digital machines that can communicate and transfer data across the system. This helps them streamline confidential information, trends and critical data.

IoTs are increasing organisation’s cyber risk and adding vulnerabilities by giving more opportunities for hackers to gain access to the network. Hence, now is the time to realise that the ‘data in motion’ is at high risk.

The Weak Link

Today's cryptosystems are mainly based on mathematical complexities. Any cryptosystem which is built on mathematical complexities—like RSA, DSA, Diffie-Hellman, ECC (Elliptical Curve Cryptography) and other variants of ciphers—is vulnerable.

Today, hackers can easily steal encrypted information because of public key access. In the near future, they will be able to decrypt private keys with a quantum computer by using Grover’s or Shor’s algorithms.

High computation power is adding concern to today's PKI. Hence, any crypto based on mathematical complexities is at risk in the present era.

The rising need of Quantum Cryptography

Forward security or secrecy is the ‘Need of the Hour’ for pharma companies today. Forward secrecy protects past sessions against future compromises of keys or passwords.

Our products and solutions, based on the laws of quantum mechanics, offer forward secrecy for critical data. Any copying of sessions and encrypted data cannot be broken in future using any compute power or algorithms known today.

Frequent generation and usage of new quantum-safe encryption keys protect data from any current and future attacks. Additionally, any attempt of eavesdropping into the network will be immediately known because we use photons to send the encrypted keys. The system will alert the network on the attempt and destroy the encryption key so that hackers don’t get access to it.

We are in quantum era now and therefore enterprise must consider to use the technology that is provable secure and is independent of the compute power in the hands of hackers.

Recommended Reading

Quantum Internet: A Leap Forward

On Oct. 29, 1969, a set of electrical signals emerged from the University of California, Los Angeles and traveled to one at the Stanford Research Institute in Palo Alto.

The History Of Light

The concept of light has been described by many thinkers over the centuries starting from the Greeks in the 5th Century BC to more recent physicists such as Newton,...

Network security, a peek into how it all started

While we harp on data and network security in today’s interconnected world, and today there is an entire armory of network security

Follow Us

Categories
Blog

Being Crypto Agile in A Quantum World

Being Crypto Agile in A Quantum World

Share:

Want to get latest updates from
QNu Labs?

Subscribe to our newsletter
to receive updates
from us

Over the past 25 years, cryptographic algorithms have undergone a few upgrades and experienced some vulnerabilities. We are currently entering the Y2Q era where legacy crypto has become obsolete. During the Covid-19 pandemic, cyber crimes reportedly quadrupled. Since we are already in the quantum era, it’s time we realise the need to be ready for a post-quantum world.

Today, most cyber threats and attacks go undetected. Quantum cryptography is a boon in this case as it allows firms to understand and detect threats such as MITM attacks, DDoS Attacks, Trojan attacks, and security spoofing.

What does cryptoagility mean in Y2Q?

Cryptoagility is a practice in designing the information systems which encourages support of new crypto primitives and crypto algorithms without making significant changes to system infrastructure. A plan is considered to be cryptoagile if the existing cryptographic algorithms and other parameters can be changed with ease without leaving gaps in implementation.

Are today's crypto algorithms safe?

Today’s cryptosystems are based on mathematical complexities like RSA, DSA, Diffie-Hellman, ECC (Elliptical Curve Cryptography) and other variants of ciphers.

Currently, all the public key cryptography in security products and protocols use ciphers. Hackers are already harvesting data which is encrypted without keys and are now going after information locked with keys. In the near future, they can decrypt private keys with a quantum computer by using Shor’s algorithm. Since high computation power is adding concern to today’s PKI, any crypto with mathematical complexities is a risk in the present Y2Q.

How can you be cryptoagile?

Crypto algorithms don’t require quantum computing to be broken. Most break over time since cryptography is a evolutionary process and algorithms become obsolete after sometime.

Practice cryptoagilty in your organisation Cryptoagility is the process where organisations have the ability to react to threats by implementing alternative methods of encryption. Organisations should have:

- The ability to respond to threats by being cryptoagile
- Updated device roots, Keys and Certificates
- Quick and easy migration from PKI to post quantum-resistant algorithms become obsolete after     sometime.

Stay secure with Quantum Key Distribution (QKD) Start protecting your mission-critical connected devices using secure key management which consists of quantum keys. QKDs use photons to send encrypted keys which are theoretically unbreakable. The super advantage of QKD is when an eavesdropper tries to read or intercept the data, the QKD system sends an alarm and the connection and keys is destroyed.

Secure applications with Quantum Random Number Generator (QRNG) Generating a high quality of random numbers means that your organisation is secure. A QRNG helps in generating truly random numbers naturally by using laws of quantum physics. Thus, it produces a high entropy for critical applications where the high-quality random number is much vital like data center, cloud, gaming and lottery applications, blockchain network, etc. The biggest advantage is that it can detect any attack on entropy sources.

Secure applications with Quantum Random Number Generator (QRNG) Generating a high quality of random numbers means that your organisation is secure. A QRNG helps in generating truly random numbers naturally by using laws of quantum physics. Thus, it produces a high entropy for critical applications where the high-quality random number is much vital like data center, cloud, gaming and lottery applications, blockchain network, etc. The biggest advantage is that it can detect any attack on entropy sources.

Advantages of implementing Quantum Cryptography

Forward security or secrecy is the ‘Need of the Hour’ for companies today. Forward secrecy protects past sessions against future compromises of keys or passwords.

- Avoid SSL Attacks
- Organisations can discover potential back-door vulnerabilities
- Keys and data do not travel together, as a result there is no risk of ‘Harvest now, Decrypt later’
- No need to replace current cryptosystem; just add a quantum layer

Recommended Reading

Quantum Vaccination Program For Enterprises

The whole world is reeling from one of the worst pandemics ever seen. Health systems of most countries are under ...

What’s lurking in the Cloud?​

The lock down has clearly increased workloads to remote, cloud and hybrid environments. The cyber-attacks have just been growing steadily and relentlessly.

The Future Of Secure Encryption: Satellite Quantum Key Distribution

Companies and governments around the world are in a race to build the first usable quantum computer.

Follow Us

Categories
Blog

‘Harvest now, decrypt later’ and the Quantum Revolution

‘Harvest now, decrypt later’ and the Quantum Revolution

Share:

Want to get latest updates from
QNu Labs?

Subscribe to our newsletter
to receive updates
from us

Today, a huge amount of stolen information is lying in foreign databases. They are ready to be exposed in the next few years with the imminent arrival of quantum computers. It’s time for governments and enterprises to step up. They need to be quantum-ready and develop a cryptoagility strategy.

With the acceleration in digital transformation, there is an increase in likelihood of data breaches. Today, nations are developing smart cities, autonomous cars and other edge devices where the vulnerabilities can open up at many points. We live in a world where codes run power plants, industries and more. But this kind of digital transitioning demands upgradation of data security too.

Data is a critical part of digitization; nation-state hackers pose a threat to the best of cybersecurity systems since they can steal vital information, including drug blueprints, government confidential information, banks’ sensitive data, enterprise R&D information and nuclear blueprints.

Cybercriminals are continuously finding ways to incorporate sensitive information in their networks across the globe. Hackers working for China, Iran, Russia, North Korea and other nations are spying and stealing data and harvesting them for the future.

Some of the attacks which we can relate in the past are where the data is really sensitive are:
- USA escalating online attacks on Russia’s power grid,
- Stuxnext worm on Iranian nuclear facilities.

In the battles of cybersecurity and cybercriminals, the game changer is coming in the form of quantum computers which can break the conventional cryptography in no time. Any encryption which is built on mathematical complexities (which include RSA, DSA, ECDH and other variants of ciphers) are highly vulnerable to quantum attacks. Encryption protects everything from sensitive information to operation of power plants, dams, stock markets, defence secrets, governments sensitive data and more. Data tapping is not new. Hackers are motivated to tap the encrypted data and collect substantial amounts of it, while waiting for quantum computers to crack the keys. If hackers are able to crack the encrypted keys, it will be the next “data pandemic”.

Quantum Race of Super Powers

China and US are in the race to develop a quantum computer, which can democratize many industries, particularly in the fields of medicine, AI and scientific modelling. Chinese satellites are using quantum cryptography to secure video conferences between continents. Swiss government is also using quantum key distribution (QKD) to protect its national elections and many such applications.

As tons of data is already sitting on cloud, databases can be exposed any time in the near future using a quantum computer. The estimated time is 2-3 years. Are you ready for the next data pandemic?

What organisations can do to be Quantum Ready

- Conduct post-quantum risk assessment
- Diagnose infrastructure of your organization
- Have Crypto Agility to counter quantum attacks
- Ensure your PKI can be migrated to quantum cryptography in no time
- Take hybrid approach using quantum and classic crypto solutions
- Design quantum-safe infrastructure

Why is quantum cryptography unbreakable?

Follow Us

Categories
Blog

Quantum Random Number Generator and its relevance today

Quantum Random Number Generator And It’s Relevance Today

To ensure safety and trusted communication in today’s connected world, random number generators are a critical security element. The strength of the security system lies in the quality source from which the entropy is derived. The characteristics of a random number generator are:

- They should constantly provide true randomness,
- They should not be predictable.

The strength of the keys is determined by the highest degree of randomness used in its generation. This means, the higher the degree of entropy, the stronger is the key.

Are today's random numbers weak?

Random numbers are used as seeds for cryptosystems to generate keys. Hence, the strength of the keys depend on the randomness of the input seed.

There are generally two types of random number generators: deterministic random number generator, also called Pseudo-Random Number Generator (PRNG) and non-deterministic random number generators, also known as True Random Number Generator (TRNG).

PRNG is a software-based algorithm which generates random numbers from deterministic source seed. The seed for the software could be a date, temperature, pressure or any deterministic input that are given to an algorithm randomising the input by using a mathematical formula.

True Random Number Generator (TRNG) uses hardware-based inputs to create random values. Here, the inputs are generally physical processes like avalanche noise, thermal noise or atmospheric noise. These noises are then converted into electronic signals and then into digital signals in order to generate random bits.

PRNG and TRNG are vulnerable due to their predictability

- The outcome is predictable
- They can be subsequently reproduced
- In these RNG’s, the output is determined by the seed which is predictable
- RNG produces the same output regardless of input; this is referred to as reused seeds
- It becomes easy for hackers to guess and predict the keys

How QRNG works?

In cybersecurity, perfect random number is a root of trust. A QRNG does not rely on mathematical algorithms but on laws of quantum physics to ‘naturally’ generate random numbers.

A QRNG can produce unpredictable outcomes in a robust and well-controlled way. It includes the power of complex deep-tech technologies such as semiconductors, optoelectronics, high precision electronics and quantum physics that work together to create the highest level of randomness possible.

QRNGs use random properties of quantum physics to generate a true source of entropy. This improves the quality of seed for key generation. Since the entropy sources are derived from fundamental models, all the properties and behaviours are understable and provably secure.

Benefits of having QRNG (Quantum Random Number Generation)

- The source of randomness is unpredictable and controlled by quantum process.
- The entropy source tends to produce true random output.
- Live/ real-time monitoring of entropy source is possible and highly effective as well.
- All attacks on the entropy source are detectable.
- The above factors indicate that our QRNG is provably secure.

Applications of QRNG

- Securing data at rest in data centres
- Securing any kind of sensitive data
- Securing data in the cloud
- One-time pad for authentication in banking and other transactions
- Gaming applications and lottery
- Block-chain network
- Numerical simulations, statistical research
- IoT Devices
- E-commerce and banking applications
- Cryptographic applications
- Telecom and 5G

Follow Us