Revamped knapsack code offers online security for the future
Washington State University mathematicians have designed an encryption code capable of fending off the phenomenal hacking power of a quantum computer.
Using high-level number theory and cryptography, the researchers reworked an infamous old cipher called the knapsack code to create an online security system better prepared for future demands.
The findings were recently published in the journal The Fibonacci Quarterly.
Quantum computers are near
Quantum computers operate on the subatomic level and theoretically provide processing power that is millions, if not billions of times faster than silicon-based computers. Several companies are in the race to develop quantum computers including Google.
Internet security is no match for a quantum computer, said Nathan Hamlin, instructor and director of the WSU Math Learning Center. That could spell future trouble for online transactions ranging from buying a book on Amazon to simply sending an email.
Hamlin said quantum computers would have no trouble breaking present security codes, which rely on public key encryption to protect the exchanges.
In a nutshell, public key code uses one public “key” for encryption and a second private “key” for decoding. The system is based on the factoring of impossibly large numbers and, so far, has done a good job keeping computers safe from hackers.
Quantum computers, however, can factor these large numbers very quickly, Hamlin said. But problems like the knapsack code slow them down.
Fortunately, many of the large data breaches in recent years are the result of employee carelessness or bribes and not of cracking the public key encryption code, he said.
A new public key code
Looking to protect future online information, Hamlin and retired mathematics professor William Webb turned to the long-abandoned knapsack code. To bring it up to quantum level – and possibly use it as a new type of public key encryption – the researchers first engineered new numbering systems for the code.
“We used alternate ways of representing numbers,” said Hamlin.
In effect, they created new digital systems with much greater complexity than society’s day-to-day decimal and binary systems.
“By using very complicated number strings, we produced a new version of the knapsack code that can’t be broken by the usual cyber attack methods,” said Webb.
As a result, Hamlin and Webb believe the redesigned knapsack code could offer a viable alternative for public key encryption with quantum computing.
The knapsack problem is a theoretical puzzle dating back to at least 1897 and is very difficult to solve in its most general form.
“Basically, it asks if you have one big number (the knapsack) and lots of small numbers (objects), what is the subset of small numbers (or objects) that will perfectly fill the knapsack? The concept was used to create a code called the knapsack code,” explained Webb.
“The knapsack code was originally suggested as a tool for public key encryption in the 1970s, but it was broken by two different methods and people lost interest in it,” he said.
Webb’s idea to bring it out of storage was at first an intellectual exercise.
“Knapsack is a simple, elegant code but it was broken,” said Webb. “We wondered if it could be fixed and redesigned to be secure. The challenge was intriguing.”
Hamlin said they made corrections at the fundamental level of the code, which repaired many of its weak spots. This let it block a greater array of cyber attacks, including those using basis reduction, one of the decoding methods used to break the original knapsack code, he said.
“Basis reduction is a big hammer to use against this code and, after testing, we think it’s secure against this type of attack and would offer an alternative code for quantum computing,” Hamlin said.
The Latest on: Cybersecurity
via Google News
The Latest on: Cybersecurity
- White House advisor on 30-country cybersecurity summiton October 15, 2021 at 2:16 pm
Anne Neuberger, deputy national advisor for cyber and emerging technology, joins Closing Bell to discuss the White House's strategy for cracking down on cyberattacks and what it hopes to accomplish at ...
- Missouri governor urged to appoint cybersecurity panelon October 15, 2021 at 11:32 am
Three months after creation of a commission to identify cybersecurity risks in state government, Missouri Gov. Mike Parson has yet to appoint any members. A state lawmaker said Friday that ...
- Auburn's McCrary Institute to bring together leading public and private cybersecurity experts to build partnerships to defend against cyber attackson October 15, 2021 at 4:09 am
Six of the nation's most senior cybersecurity officials will gather Tuesday, Oct. 19, during an event hosted by Auburn University's McCrary Institute for Cyber and Infrastructure Security to discuss ...
- Apple's Proposed Phone-Scanning Child Safety Features 'Invasive, Ineffective, and Dangerous,' Say Cybersecurity Researchers in New Studyon October 15, 2021 at 12:23 am
More than a dozen prominent cybersecurity experts hit out at Apple on Thursday for relying on "dangerous technology" in its ...
- Google launches new cybersecurity defenseson October 14, 2021 at 8:00 pm
W ith cyberthreats growing, Google has launched a Cybersecurity Action Team with the goal of “supporting the security and digital transformation of governments, critical infrastructure, enterprises, ...
- Cybersecurity Experts Sound Alarm on Apple and E.U. Phone Scanning Planson October 14, 2021 at 5:00 pm
A group of researchers said the “dangerous technology” was invasive and not effective at detecting images of child sexual abuse.
- Cybersecurity Training Is Broken — It's Time To Consider Human Risk Managementon October 14, 2021 at 5:45 am
Cybersecurity training has done little to evolve with increasing threats, new technology or the changing workforce.
- Evolution Equity Partners closes on $400M for new cybersecurity fundon October 14, 2021 at 5:00 am
The current environment of accelerated digitalization and remote work “has created an unprecedented attack surface,” according to co-founder Richard Seewald.
- Why enterprises are massively subcontracting cybersecurity workon October 13, 2021 at 11:40 pm
Enterprises increasingly are subcontracting cybersecurity responsibilities because they have trouble finding full-time qualified workers.
- Applying The Power Of Deep Learning To Cybersecurityon October 13, 2021 at 12:28 pm
There are lots of cybersecurity tools out there that promise to help organizations scale to manage the volume of threats and help separate the signal from the noise to identify security events that ...
via Bing News