Drs. Ir. Maran van Heesch
- quantum applications
- quantum computing
- quantum security
- cryptography
Picture this: a quantum computer exists which can handle complex problems that are practically unsolvable for today’s computers as the calculations would take centuries. Which contributes to new products and services. Which has the potential to help in the development of personal medicines. However, we also need answers regarding the security risks of the quantum age. This is why it’s crucial to secure information against attacks that use a quantum computer. TNO can help companies to make networks quantum-safe and to solve legacy problems. The quantum-safe VPN connection (Virtual Private Network) is an example of this.
Cryptography is widely used to shield information from unauthorised access. This has been successful because even the fastest computers would take hundreds to millions of years to decipher encrypted information. With the advent of the quantum computer, however, this will change.
Although it will take some time before a quantum computer that can crack cryptography actually exists, it’s important to take action now. All encrypted information which is currently being communicated or stored can be saved for later cracking by a quantum computer. To ensure that confidential information remains secure for a long time, it is important to develop cryptosystems that can withstand attacks from both the current computer and the quantum computer: so-called post-quantum cryptography or quantum-safe cryptography.
Find out which steps you need to take
Organisations have many software applications running, which often results in a lack of a complete overview. In addition, old systems – so-called legacy systems – are still in use far beyond their expected lifespans and are used to support important, critical and often large-scale ICT processes. This legacy of systems puts a damper on innovation and poses an ever-increasing risk to stability and reliability. To solve this legacy problem, untangle the chaos and make the network quantum-safe, a smart solution is needed.
The advent of the quantum computer and existing legacy problems create challenges for companies. One often no longer knows what’s going on within the company network and it’s difficult to determine if the most recent version of cryptography is being used everywhere. Figuring this out and then re-securing your systems is a huge task. Where should you start? With the inventory – and TNO can help with this.
The Advanced Security Proxy (ASP) not only helps to make an inventory of the security of software systems in use but can also be a guarantor of secure traffic. The ASP can be used to make organisations quantum-safe. The tool – which can make efficient use of programmable hardware – can provide insights into legacy problems while mitigating security risks through the quantum-safe encryption of data exchanges. The ASP can improve the security of older systems without reworking the older systems themselves. You could compare this to a smart VPN connection, but in this case the ASP is an element between the network and the internet which is capable of monitoring all connections to the internet.
The ASP quickly performs deep packet inspection on (potentially encrypted) communication channels using programmable hardware. The tool performs various gateway functionalities, such as monitoring the security level of the cryptography in use and upgrading the cryptography to set up more secure channels that traverse less secure networks, such as the internet. By upgrading the encryption used, the ASP protects older devices that cannot do this independently. If you want to know more about how the ASP works, you can read further here.
The ASP protects older network systems against current security threats without requiring the organisation concerned to directly invest in major network updates. This is a much cheaper solution as the implementation costs of the ASP are low. Furthermore, there is no need to update the entire security portfolio when the ASP is implemented. The tool is a natural addition to your current security portfolio. The ASP can therefore save the Dutch business community a lot of costs, especially for organisations with an extensive network infrastructure.
The ASP is a multifaceted system. It can be added to an existing security portfolio as a passive or active element or a combination of both, depending on the desired functionality. As a passive element, it can serve as a lifelong crypto-inspector. As an active element, the ASP can be used to increase the security of legacy systems. Interested in the ASP? Please contact Maran van Heesch.
VPN connections are often used to give people who work from home access to their employer’s internal network, for example. With the help of a VPN connection, a secure connection can be made to the employer’s network over the home network’s internet. VPN connections make use of an encrypted connection. The cryptography used for this is not quantum-safe and therefore carries a security risk. The data sent over the VPN connection are currently not protected against attacks by a quantum computer.
Post-quantum cryptography can be used to make VPN connections quantum-safe. At TNO, we have tested this with OpenVPN. There are different types of post-quantum cryptography, each with different properties. Through our tests, we have made it clear that some types of cryptography require more bandwidth while others require more computing power. It is important to investigate the impact that post-quantum cryptography will have and which type is most suitable for different security products.
Another example of a security product which is affected by the quantum computer is the public key infrastructure (PKI), which is widely used for digital authentication. The migration to quantum-safe PKI is more complex than the migration to quantum-safe VPN, both from a technical and governance perspective.
Within TNO, there is a strong foundation of applied cryptographic knowledge and a lot of expertise in the fields of internet, communication networks and cybersecurity. This unique combination enables us to oversee the impact of post-quantum cryptography and to advise and guide organisations in the transition process for their information security.
Please contact Maran van Heesch
Your question has been sent.
Sorry! Something unexpected happened. Please try again later.