Cybersecurity by quantum - safe crypto

Go straight to information on:

• Solving legacy problems
  
• In practice: Advanced Security Proxy (ASP)
• In practice: Making VPN connections quantum safe
  

Tool: advanced security proxy

The Advanced Security Proxy (ASP) not only helps to make an inventory of the security of software systems in use but can also be a guarantor of secure traffic. The ASP can be used to make organisations quantum-safe. The tool – which can make efficient use of programmable hardware – can provide insights into legacy problems while mitigating security risks through the quantum-safe encryption of data exchanges. The ASP can improve the security of older systems without reworking the older systems themselves. You could compare this to a smart VPN connection, but in this case the ASP is an element between the network and the internet which is capable of monitoring all connections to the internet.

The ASP quickly performs deep packet inspection on (potentially encrypted) communication channels using programmable hardware. The tool performs various gateway functionalities, such as monitoring the security level of the cryptography in use and upgrading the cryptography to set up more secure channels that traverse less secure networks, such as the internet. By upgrading the encryption used, the ASP protects older devices that cannot do this independently. If you want to know more about how the ASP works, you can read further here.

The advantages of asp: cheaper and simpler

The ASP protects older network systems against current security threats without requiring the organisation concerned to directly invest in major network updates. This is a much cheaper solution as the implementation costs of the ASP are low. Furthermore, there is no need to update the entire security portfolio when the ASP is implemented. The tool is a natural addition to your current security portfolio. The ASP can therefore save the Dutch business community a lot of costs, especially for organisations with an extensive network infrastructure.

The ASP is a multifaceted system. It can be added to an existing security portfolio as a passive or active element or a combination of both, depending on the desired functionality. As a passive element, it can serve as a lifelong crypto-inspector. As an active element, the ASP can be used to increase the security of legacy systems. Interested in the ASP? Please contact Maran van Heesch.

Tool: Quantum-Safe VPN

VPN connections are often used to give people who work from home access to their employer’s internal network, for example. With the help of a VPN connection, a secure connection can be made to the employer’s network over the home network’s internet. VPN connections make use of an encrypted connection. The cryptography used for this is not quantum-safe and therefore carries a security risk. The data sent over the VPN connection are currently not protected against attacks by a quantum computer.

Post-quantum cryptography can be used to make VPN connections quantum-safe. At TNO, we have tested this with OpenVPN. There are different types of post-quantum cryptography, each with different properties. Through our tests, we have made it clear that some types of cryptography require more bandwidth while others require more computing power. It is important to investigate the impact that post-quantum cryptography will have and which type is most suitable for different security products.

Another example of a security product which is affected by the quantum computer is the public key infrastructure (PKI), which is widely used for digital authentication. The migration to quantum-safe PKI is more complex than the migration to quantum-safe VPN, both from a technical and governance perspective.