August 31, 2023

New-age Security: Quantum Cryptography and Homomorphic Encryption

QNu Labs

The terms Y2Q and Q-Day are gaining traction with each passing day. It is not surprising to see more people waking up to the real threat of quantum computers on our existing encryption protocols.

Quantum computers use fundamental principles of quantum mechanics to solve complex problems in a matter of seconds (which otherwise would take several years). Once a quantum computer achieves a scale large enough to crack RSA encryption protocols, all of our online data is under threat.

Cybersecurity and new-age encryption algorithms are the need of the hour for governments, national defence, financial institutions, and healthcare organisations. The good news is that quantum cryptography, which also uses the same principles of quantum mechanics, has developed significantly to combat a potential quantum computing attack.

Post-quantum cryptography (PQC) has gathered mainstream attention because of the backing of the USA-based National Institute of Standards and Technology (NIST). The set of algorithms carefully chosen by NIST to make PQC a global encryption protocol is paving the way for its widespread adoption.

But, what if developments in quantum computing surpass quantum cryptography and PQC falls short of its promises?

There is a solution: Homomorphic Encryption

What is Homomorphic Encryption?

It is a new form of cryptography where computations are performed on encrypted data. The usual method of computation is to decrypt the original data, compute, and encrypt the results. But, homomorphic encryption has completely changed the modus operandi.

The computation performed on encrypted data also produces results in encrypted form. The extra step of decryption is eliminated from the entire process.

The impact is profound. The data remains confidential through the computation and the risk of exposure is almost negligible.

To summarise all of the above, homomorphic encryption operates on encrypted data, and produces encrypted results that can be decrypted to obtain the same outcome as if the operations were performed on the original unencrypted data.

The potential of homomorphic security is immense. But, in its current state of development, there are implementation challenges–it is too slow for practical use.

Large technology companies have ramped up their efforts in research on reducing the computational overhead required to implement homomorphic encryption. But, we are yet to see practical output.

There is one other alternative though–a hybrid of homomorphic and PQC.

How can PQC and Homomorphic Encryption Work Together?

Often, two are better than one. It stands true for two possibly robust encryption methods which may provide better performance when combined together.

PQC is a proven method to combat quantum attacks. Homomorphic encryption has proved its merit in confidentiality and privacy.

A framework that combines the two together can eliminate each other's shortcomings and broaden the scope of security. It is an intriguing possibility that is not far from reach.

IBM and Microsoft are frontrunners in developing new-age security and if a solution is announced by them, it would not be a surprise!

By combining the possibilities of these technologies, we can enable secure data processing in a post-quantum cryptography landscape, ensuring privacy and confidentiality even in the face of emerging threats.

References: