RUB engineers have developed encryption technologies for practical applications to protect microdevices from hacker attacks conducted by quantum computers.
The Hardware Security Group at the Ruhr-Universität Bochum is currently working towards protecting the data against threats of tomorrow with the devices available today. The science magazine Rubin reports.
Devices with a long service life have to be secure in the long term
Due to a novel computation paradigm, quantum computers could break certain cryptographic techniques that are widely used today. We must now brace ourselves for the fact that highly powerful quantum computers may exist in a few years’ time, says Prof Dr.-Ing. Tim Güneysu, who had been researching at the Ruhr-Universität Bochum under the umbrella of the “Post-Quantum Cryptography” project and is now employed at the University of Bremen.
Cryptography is implemented in many devices with a long service life, for example in satellites. Those devices have to remain secure in many years’ to come. Likewise, microdevices handling long-term critical data, such as electronic health cards, require cryptographic systems that are secure in the long term.
Implementing processes with long codes into small devices
Under the project “Post-Quantum Cryptography”, Tim Güneysu and his colleagues identified categories of cryptographic techniques which can ensure security even in the era of quantum computers. Moreover, the IT security experts demonstrated that those techniques can also be implemented in microdevices, such as electronic health cards. The challenge associated with techniques of so-called post-quantum cryptography is the fact that they require extremely long cryptographic keys. The low-performance processors of current microdevices cannot yet handle those long keys efficiently.
In order to tackle this problem, the researchers used primarily alternative representations of cryptographic techniques, which, for example, introduce additional structures aiming at reducing the key size. Moreover, they also optimized the algorithms for the respective target platform. Depending on the technique they used, the researchers were able to merge complex steps with other computations or even to omit them completely, without reducing the security margin of the cryptographic scheme.