Defense officials are eyeing a new generation of encryption technology to shore up protection against the spillage of sensitive material from cyber intrusions.
The new technology, homomorphic encryption, can resist quantum computing-based attacks, which are capable of tearing through many classical encryption protocols and are being tested by foreign powers, posing considerable national security risks.
RESEARCHERS CLAIM METHOD TO BREAK ENCRYPTION USING EXISTING QUANTUM COMPUTER
“[It’s] general knowledge that the major tech nation-states have been experimenting with quantum computing technologies. It’s been slowly evolving over the years,” Kurt Rolhoff, co-founder and CTO of Duality Technologies, told the Washington Examiner. “[There’s] emerging threats of nation-state level attacks on classical cryptography systems.”
Recently, the Defense Advanced Research Projects Agency announced a multimillion-dollar contract with Duality Technologies, a firm that specializes in homomorphic encryption, which is designed to withstand quantum computing attacks. It does so through higher dimensions of security and more complex encryption keys compared to classical measures.
Due to its ability to process exorbitant sets of complex mathematical problems at breakneck speeds, quantum can crack traditional encryption standards such as the RSA system used in many websites, which usually has about “one real dimension of security,” according to Rolhoff.
“The benefit of these … cryptography techniques is there’s not just one number, but there’s many, many, many numbers that go into the actual key — the thing that has to be mathematically solved,” Rolhoff said. “Think about something that’s initially hard, but relatively straightforward, to something that’s hard, but also much, much larger in dimension.”
In addition to being post-quantum, homomorphic encryption can be used to protect data when in use. This is critical because oftentimes encryption is deployed to protect material while it is in transit from a storage site to a user. By serving as an end-to-end style of encryption, sensitive information is less vulnerable to attack.
Recent controversies surrounding former President Donald Trump’s and then-Vice President Joe Biden’s handling of classified files have sparked national discussions about safeguarding intelligence. Rolhoff believes the technology can be used to better protect confidential material that needs to be shared with others.
This is especially true for instances when officials need to run analyses on large sets of information, where it is best to avoid constantly sharing all of the raw content, Rolhoff said.
“These kinds of environments about being able to interact with data without actually being able to touch the data itself, but still see the results of analysis are the kinds of things that we see as part of the broader applicability, broader vision of using privacy technologies,” Rolhoff said. “It’s a way of basically harvesting information systems by the principle of least access.”
To ensure his anti-quantum encryption technology is up to snuff, Rolhoff is keeping his advanced security tools open-sourced so observers can attempt to poke holes in them and flag problems.
“Probably the worst thing possible is to have a proprietary technology that no one’s inspected, having a bad actor get access to the source code, and then finding bugs that no one else is ever going to find because the software is proprietary,” Rolhoff said.
Duality Technologies produces the OpenFHE (Fully Homomorphic Encryption) Library, which has been developed with support from DARPA. The company’s goal is to ramp up the processing speeds of its homomorphic encryption calculations.
Rolhoff is currently unaware of anyone breaching a properly implemented homomorphic encryption system.
CLICK HERE TO READ MORE FROM THE WASHINGTON EXAMINER
“We, as a community, the homomorphic privacy community writ large, are putting a lot of effort into developing standards for security for homomorphic encryption,” Rolhoff said. “And I’m not aware of anyone being able to break the encryption of the homomorphic encryption capabilities when they use standard secure parameter sets.”