Cybersecurity: Aspects of Cryptography from a Classical and Quantum Perspective (An Ongoing Review) Joseph Spring University of Hertfordshire British Council India Tour January 2017 – Pune and Chennai

Cyber Security

Cyber security “the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide” M. Gasser, 1988, Building a secure computer system, van Nostrand Reinhold. Information security – “the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information”

Cyber security Following the statements above we note the following concepts: Authentication Establishing for example that I am who I say that I am and that I am entitled to gain access to some entity such as my computer Confidentiality Any data sent between two parties is not seen by unauthorised observers Integrity Establishing that the message sent is the same as the message received Non repudiation Ensuring that the sender of some information cannot deny that they sent the information Accessibility If I am entitled for example to use a service then I want to be able to do so Anonymity In for example voting schemes where one might also like confidentiality A long standing tool in maintaining a degree of control and defence of information systems is cryptography

Threat Models

Standard Threat Model Encrypt Decrypt Plaintext Ciphertext Ciphertext Alice Bob K1 Eve K2 Trusted Key Source

Classical Cipher Schemes

Classical Cryptography Symmetric Systems K1 = K2 Vernam (One Time Pad), Data Encryption Standard, Blowfish, Twofish, Serpent … Rijndael, Advanced Encryption Standard Asymmetric Systems K2 = (K1)-1 Based on what are perceived to be hard problems Integer Factorisation Problem (IFP) and the Discrete Logarithm Problem (DLP, ECDLP) RSA for the IFP Diffie – Hellman (DLP based Key Agreement Protocol) El Gamal (Number Fields, Algebraic Number Fields, Points on an Elliptic Curve)

Quantum cryptography

Cryptography Quantum Information Theory Postulates 1 Postulate 2 cbits - binary bits 0 or 1 Qubits - vectors in a 2 dimensional vector space, a Hilbert Space Postulate 2 Analogues of processing information using classical AND, OR, NAND, NOR logic gates Not all reversible Operators/Gates: Hadamard, Pauli Operators, CNOT, swap, phase gate, …. Unitary operators, all are reversible Postulate 3 After processing information in a quantum setting we measure using Hermitian operators which give us real/classical values Postulate 4 Using tensor products to represent multiple qubits similar to how we use bytes to represent bits

Resources Key Quantum Resources include Entanglement Teleportation 4 Bell entangled states Generated by two qubits, a Hadamard and a CNOT gate Teleportation Involves an unknown state that we wish to send (Teleport) to a particular receiver CNOT, Hadamard, measurement and being able to communicate classically with a receiver Both concepts have been experimentally verified Both concepts are being used in the construction of quantum networks Entanglement, Entanglement swapping and Teleportation

Quantum Cryptography Key Agreement Protocols The Diffie Hellman Key Agreement Protocol is a classical based protocol Uses a multiplicative cyclic group, a primitive and the DLP to agree a symmetric key, the same key for sender and receiver BB84, B92 and E91 are quantum based key agreement protocols They employ: No cloning Theorem (Quantum Property) Information gain implies disturbance (Quantum Property) Information Reconciliation (Classical Technique) Privacy amplification (Classical Technique)

Shors Algorithm In the mid 1990’s Peter Shor published a paper in which he established that given a quantum computer of sufficient processing power his algorithm would break any scheme based on either the IFP or the DLP It broke the following algorithms in a very efficient manner Diffie Hellman RSA El Gamal – all three forms And led to the problem of what to replace these algorithms with. These were/are very efficient in comparison to current alternatives.

Post Quantum Cryptography The PQC cryptographers and designers have been looking at Hash Based Cryptography Code Based Cryptography Lattice Based Cryptography Multivariate Quadratic Equation Based Cryptography Symmetric Key Based Cryptography

Cyber Related Issues

Cyber Related Issues We are now in an age in which: Quantum information Quantum technology are going to increasingly pervade our everyday experience Likewise: Cybersecurity, cyberwarfare and cybercrime Pervasive computing, Distributed systems The cloud Internet of things

Thank You