BlackBerry Races Ahead of Security Curve With Quantum-Resistant Solution

An anonymous reader quotes a report from TechCrunch: Quantum computing represents tremendous promise to completely alter technology as we've known it, allowing operations that weren't previously possible with traditional computing. The downside of these powerful machines is that they could be strong enough to break conventional cryptography schemes. Today, BlackBerry announced a new quantum-resistant code signing service to help battle that possibility. The solution, which will be available next month, is actually the product of a partnership between BlackBerry and Isara Corporation, a company whose mission is to build quantum-safe security solutions. BlackBerry is using Isara's cryptographic libraries to help sign and protect code as security evolves.

"By adding the quantum-resistant code signing server to our cybersecurity tools, we will be able to address a major security concern for industries that rely on assets that will be in use for a long time. If your product, whether it's a car or critical piece of infrastructure, needs to be functional 10-15 years from now, you need to be concerned about quantum computing attacks," Charles Eagan, BlackBerry's chief technology officer, said in a statement. Some of the long-lived assets include aerospace equipment, connected cars, or transportation infrastructure -- basically anything that will still be in use several years from now when quantum computing attacks are expected to emerge.

Uh huh

[Desler]

Why would anyone trust them after this article:

https://www.forbes.com/sites/t... [forbes.com]

Re:

[Anonymous Coward]

Did you actually read the article?

"Only when the government gives us a court order we will start tracking it. Then the question is: how good is the encryption?

"Today's encryption has got to the point where it's rather difficult, even for ourselves, to break it, to break our own encryption... it's not an easily breakable thing. We will only attempt to do that if we have the right court order. The fact that we will honor the court order doesn't imply we could actually get it done."

Because if a government "orders" you to do something through a court document, then what choice do you have? If they've designed the system properly (and remember that the NSA licensed BB's patents for ECC), then the attempt will fail.

Yeah? Available for years.

[Anonymous Coward]

How is this better than AES-CMAC?
Quantum only affects asymmetric cypher's mainly used for key distribution as far as I know.
Symmetric cypher's like AES should be unaffected if you just up the number of bits a bit.

Re:

[Desler]

This is guaranteed to be backdoored for law enforcement. Oh wait did you mean better for the plebes? Oh, it's not.

Re:

[iggymanz]

that's okay, it's hardly provably "quantum resistant" anyway; it's the same as any other encryption in that regard. Bunch of marketing hooey is all...

Re:

[Anonymous Coward]

The solution is "longer keys". By example, a 8192-bit key for RSA protocol maybe unbreakable by a quantum-machine for tens of years.

Re:

[sexconker]

The hard truth we may end up facing is that asymmetric cryptography may be entirely dead, while symmetric cryptography survives, with everything boiling down to key length. If that happens, then good luck with your key exchange protocols, your cryptocurrencies, and just about everything else using the public internet.

If quantum attacks on asymmetric encryption prove viable in real-world usage, they may lead to the discovery (or exposure, depending on your hat's material) of fun new math that lets us break

Re:Yeah? Available for years.

[WaffleMonster]

How is this better than AES-CMAC?
Quantum only affects asymmetric cypher's mainly used for key distribution as far as I know. Symmetric cypher's like AES should be unaffected if you just up the number of bits a bit.

Code signing as a practical matter to be useful requires asymmetric encryption.

Re: Just sha512sum the tarball

[NoseyNick]

The problem isn't the checksum, nor how to make the checksum. The problem is how to know "what you expect" is correct, if it wasn't signed... by public:private crypto.

Re:

[JoeDuncan]

How is this better than AES-CMAC? Quantum only affects asymmetric cypher's ... as far as I know..

Quantum computing can produce and try EVERY possible solution to a given problem simultaneously. How would that not break symmetric encryption too?

Re:

[WaffleMonster]

Quantum computing can produce and try EVERY possible solution to a given problem simultaneously.

No it can't.

How would that not break symmetric encryption too?

Enabling premise is false.

Re:

[JoeDuncan]

No it can't.

Useless answer.

Enabling premise is false.

Pointless redundant statement.

Re: Yeah? Available for years.

[Tomahawk]

Not quite. They can't, for example, test all possibilities of a 128bit symmetric key. It doesn't actually work like that. Never mind a 256 or 512 bit key.

However, they can be used to factor numbers very fast. Private Keys consist of 2 very large prime numbers (plus some stuff) and the correspondingly Public Key consists of the product of those 2 primes (plus some stuff).
Factoring the public key into the 2 primes is very hard using current technology. Quantum Computing makes this much much easier.

It's t

Re:

[Bob the Super Hamste]

Quantum computers are not non-deterministic Turing machines [wikipedia.org] that can magically solve and verify a NP problem in P time. However they do offer a substantial speed improvement. Looking at symmetric key encryption schemes a quantum computer can use Grover's Algorithm [wikipedia.org] to speed up key cracking and the speed up is impressive but no where near going from NP to P. So instead of taking 2^N attempts it will take 2^(N/2) attempts. Because the algorithm was known when AES was being designed the competition specified th

Sound like...

[Tomahawk]

Those last 2 sentences read like the blurb you get when someone is just randomly adding technical words to something to make it sound like it actually is something worth having, but isn't.

Giving the benefit of the doubt here, does anyone have any links to technical papers about this quantum-resistant cryptographic solution?

Re:Sound like...

[OzPeter]

Giving the benefit of the doubt here, does anyone have any links to technical papers about this quantum-resistant cryptographic solution?

I had one on my desk here, but then I looked at it.

Re:

[thePsychologist]

The solutions that ISARA says are in their suite are not new solutions developed by them. For example, two systems they use are the McEliece PKE and NewHope. The former is based on coding theory and the latter is based on ring learning with errors. You can put those terms into Google/Google scholar and find a bunch of papers on them.

Typically so-called quantum resistant algorithms are just based on a different class of problems related to lattice problems, like finding the nearest lattice vector close to so

Re:

[Tomahawk]

I'll look them up. Thanks.

One wonders -- with the onset of Quantum Computing, what new public/private key algorithms could be created based on Quantum Computing itself?

Re:Sound like...

[Bob the Super Hamste]

Since symmetric key ones are resistant, just increase the key length which is why there is a required 256 bit option for all AES entrants, you want to look at asymmetric key crypto. Here there are 2 main options available. The first is Lattice-based crypto [wikipedia.org] and the other is Multivariate crypto [wikipedia.org]. Both defeat Shor's algorithm [wikipedia.org] which is the one to be worried about with asymmetric key crypto.

Superposition

[Anonymous Coward]

It's simple. To make their hardware quantum-resistant they simply pushed it into the super position of being both off and on but unused. Their next step is to involve concrete.

I'm confused

[fahrbot-bot]

BlackBerry Races Ahead of Security Curve With Quantum-Resistant Solution

So, does mean they won't run the latest versions of Firefox?

Well that was remarkably vacuous

[Crashmarik]

It's a quantum resistant solution.

Err How does it work, what makes it quantum resistant, how long is it expected to be resistant

***Crickets****

Might as well be a press release for Blackberry.

If?

[quonset]

If your product, whether it's a car or critical piece of infrastructure, needs to be functional 10-15 years from now

What do you mean, if it needs to be functional 10 years from now? My car IS 10 years old and in perfect working condition. It better damn well last another decade (barring people slamming into me which has happened).

This is the problem with technology. Anything over six months old is considered not worth it to keep around. A three year-old product is considered ancient.

Oh for FUCK's sake!

[Opportunist]

If your product, whether it's a car or critical piece of infrastructure, needs to be functional 10-15 years from now, you need to disconnect it from an insecure network like the internet.

It IS actually that simple!

What about Key Escrow?

[Agripa]

Does quantum encryption solve the key escrow problem? Or would not implementing key escrow be necessary for that?

After what happened with BlackBerry, why would I trust anything they say or do? They are as trustworthy as RSA which is to say, not trustworthy at all.