TRISTAN DONNELLY Daily Sunshine Special
Experts believe that recent advances in quantum computing will render existing cybersecurity systems obsolete within the next few years. Researchers at Northern Arizona University’s School of Informatics, Computing and Cyber Systems (SICCS) are looking to the future to develop new technologies that will be used to help secure information against new threats.
Bertrand Cambou, a professor in the Department of Applied Physics and Materials Science, is the project manager for NAU’s cybersecurity program.
“The cryptography that we currently use as a society was, essentially, invented in the 80s,” Cambou said. “It’s beautiful, but it’s been proven that when quantum computers are powerful enough, they will destroy it.”
It was because of this impending technological breakthrough that he led the university’s first post-quantum cryptography program.
Cambou added, “I want to prepare NAU students to be able to operate in this new environment.”
People also read…
The Cybersecurity program is a multidisciplinary project made up of a diverse team of dozens of faculty and students from many departments.
“In my research team, we have the largest group of PhD students who attend university,” Cambou explained. “They are very diverse — we have physicists, mathematicians, electrical engineers, computer scientists, and they all work together to create cybersecurity systems.”
Traditionally, cybersecurity systems use software encryption keys to secure information. The NAU team looks beyond existing technologies to create new encryption techniques that use a combination of hardware and software methods.
In order to secure information, computers use encryption keys developed using random number generation.
Andy Wang, the dean of the College of Engineering, Computing and Applied Sciences (CEIAS), brought up the problem of software generating random numbers.
“Normally with software-based search, when you generate a key, the key was generated with an algorithm, based on a random number. There is no truly random number in the world, because every random number is generated by a mathematical equation,” Wang said. “So it’s a quasi-random number, and since it’s a quasi-random number, a hacker can break it as long as they have enough computing power.
The cybersecurity team has been working on a hardware solution to this problem in the form of physically uncloneable functions (PUFs). Julie Heynssens, Senior Lecturer at SICCS, described the concept behind how PUFs take advantage of the unique properties of a system to generate truly random numbers.
“When you make something, even like a digital chip, there are small variations in the output and in the manufacturing process that are a unique fingerprint of the device. From chip to chip in the same batch, in the same line, they can be different,” Heynssens said. “So we found a way to do analog readings on the digital chip, read that fingerprint to look for variations, and then we have encryption algorithms on top of that.
Heynssens is in charge of the team’s quantum key distribution project.
“The most secure way to encrypt data is to have symmetric keys. It’s not as breakable with quantum computers, as most ciphers will be in about five years. But to transmit symmetric keys, you you have to transmit them, normally, on public channels,” Heynssens said. “People can listen to this and it’s not a good key anymore.”
Heynssens’ work with the team focuses on finding a more secure method of transmitting keys, which involves using concepts from quantum physics to communicate information with a ternary code.
Most existing computer systems use binary code, which represents data using zeros and ones, to store and transmit data in bits. Ternary code adds a third value to this, representing data as zeros, ones, and negatives, often called trits. This allows the team to transmit data more securely.
“In order to implement keys with a very low error rate, we basically developed a ternary method to reduce the bit error rate, and then we use protocols for additional obfuscation,” Cambou said.
In the process of quantum key distribution, trits are transmitted using a single particle of light, called a photon.
Heynssens described how it works: “I take a single photon from a laser, and I align its polarization state and send it through a fiber. It’s just a photon, so any snooping attempt is going to affect that single photon and it’s going to spoil the message. The information is encoded in the angle of polarization of this photon.
Using this technique, the team is able to transmit encryption keys, generated using their PUFs, in a manner virtually unbreakable by quantum computers.
The team’s research has led to incredible innovations in their field and is bringing a lot of attention to NAU’s cybersecurity program.
“Over the past few years, 50% of patents granted by NAU have been granted by this team,” Cambou said.
In total, the team has been granted 20 patents for its inventions, and another 30 patents are still pending. They have also successfully secured millions of dollars in funding from the private and public sectors, including the US military and, more recently, technology company Intel.