Computing Profession

Future-proofing Security for the Coming Quantum Era

The Sakura-G evaluation board for demonstrating side-channel attacks includes a Xilinx Spartan-6 field programmable gate array for proprietary cryptographic processing, an SMA connection to measure FPGA power consumption, and an external voltage supply pi
"Cryptography has both theoretical and practical aspects," observed Aydin Aysu, an assistant professor in the department of electrical and computer engineering at North Carolina State University.

Universities are pioneering new engineering techniques to defeat hackers using hardware cryptography. Instead of merely issuing an endless stream of software updates to plug newly found vulnerabilities, engineers are being trained to design hardware accelerators engineered to be immune to software hacks. By training engineers to design hacker-resistant cryptographic hardware that prevents software attacks, not only can today's data be secured, but engineers can future-proof data for the coming quantum era, according to Aydin Aysu, an assistant professor in the department of electrical and computer engineering at North Carolina State University (NCSU).

"I definitely see cybersecurity majors becoming commonplace—in fact, they already are catching on in universities like Penn State Berks," said Aysu. At NCSU, Aysu is pioneering a course for graduate students with little or no experience in cryptography that teaches them how to design specialized hardware accelerators that are hacker-resistant. "Such courses should cover not only the various technical disciplines in hardware, firmware, software, machine learning, and system design, but also focus on related societal aspects of cybersecurity, such as policy making."

Aysu's course—Teaching the Next Generation of Cryptographic Hardware Design to the Next Generation of Engineers—features lab sessions in which students are shown how to prevent even the most sophisticated software attacks with hardware countermeasures. The course specifically teaches how to design application-specific hardware accelerators that sidestep the vulnerabilities in general-purpose processors. The worst of these—microprocessor vulnerabilities (Meltdown) and so-called side-channel attacks (Spectre)—can only be prevented by proprietary hardware, according to Aysu.

"Hardware forms the Root of Trust on any given system. Security starts in hardware. Cryptographic solutions typically use dedicated hardware to execute algorithms," said Aysu. "If the hardware leaks information, which it does today, then there is no point in using even the strongest, theoretically secure cryptographic algorithm."

In two papers published in 2018 [here and here], Aysu and his colleagues explain how "even theoretically quantum-secure solutions can be broken by a $100 oscilloscope that captures detailed power measurements from hardware," Aysu said.

Brian NeSmith, CEO and cofounder of Arctic Wolf Networks, which provides a security operations center (SOC) as a service, said these security concepts are not fully understood by some of the most sophisticated cybersecurity experts, resulting in a dangerous cybersecurity talent gap. In an article published in Forbes in 2018, NeSmith wrote that there are programs "promoting opportunities in the industry by providing cybersecurity training and certifications," but these efforts are not generating enough cybersecurity personnel to meet industry needs. For instance, cybersecurity market research firm Cybersecurity Ventures predicts the number of unfilled cybersecurity job openings will triple from 2014 to 3.5 million by 2021; that same year, the firm forecasts black hats (cybercriminals) will be draining $6 trillion annually from economies worldwide.

Robert Herjavec, CEO and founder of cybersecurity product and service provider the Herjavec Group, observes in the company's Cyber Security Jobs Report that "Until we can rectify the quality of education and training that our cyber experts receive, we will continue to be outpaced by the black hats."

The U.S. supports a variety of educational efforts to advance today's approach to cybersecurity. For instance, the National Institute of Standards and Technology (NIST) sponsors the National Initiative for Cybersecurity Education (NICE), whose mission is "to energize and promote a robust network and an ecosystem of cybersecurity education, training, and workforce development." There are also a variety of U.S.-sponsored competitions aimed at advancing cybersecurity expertise, including the National Collegiate Cyber Defense Competition; the Air Force Association's CyberPatriot National Youth Cyber Education Program, aimed at inspiring K-12 students toward careers in cybersecurity or other science, technology, engineering, and mathematics (STEM) disciplines; and US Cyber Challenge's Cyber Quests online competitions.

On the world stage, the International Association for Cryptologic Research (IACR) sponsors both conferences and seminars it calls Cryptology Schools: four-to-five-day affairs that provide intense training in specific aspects of cybersecurity. Explained IACR chair Michel Abdalla, "The main goal of IACR schools is to develop awareness and increased capacity for research in cryptology. In particular, IACR schools aim to fill gaps that may exist in local expertise." Abdalla said the IACR schools address many topics in cybersecurity, "and these evolve constantly based on the needs of real-world applications. Some examples of problems that have received a lot of attention recently include post-quantum security, side-channel [Spectre] resistance, cloud security, methods for computing with encrypted data, and privacy-preserving machine learning."

According to Aysu, however, special programs are only stop-gap measures. If society is to successfully fill the gaping need for cybersecurity experts, then engineering curriculums need to incorporate training in cybersecurity from the outset. "The majority of cyber-vulnerabilities occur due to the ignorance of well-meaning engineers/developers and can thus be fixed by proper education at the undergraduate and graduate level," he said.

One of the most immediate needs is for engineers who can design cryptographic hardware accelerators that will keep data secure in the coming era of quantum computers. Unfortunately, the most popular encryption methodologies today are based on variations of the "large prime-number factors" methodology. For instance, RSA (Rivest–Shamir–Adleman) is one of the most widely used public-key crypto-systems. Unfortunately, it is based on the difficulty of factoring the product of two large prime numbers. Quantum computers will eliminate this difficulty, exposing the entire history of encrypted state secrets, financial data, passwords, and anything else using RSA today.

Many alternatives to RSA are being researched and proposed today, but without proprietary hardware accelerators, none of them can assure enduring security against quantum computers, according to Aysu.

Some digital-computer algorithms have successfully implemented quantum computing techniques without waiting for actual quantum computers. For instance, Ewin Tang, an undergraduate at the University of Texas, set out to prove that quantum algorithms were faster than classical algorithms, but "realized this was not the case." Instead, she created a classical algorithm that was previously only believed to be possible with quantum computers. Her example algorithm was for predictive recommendations rather than cryptography, but her finding nevertheless proves that digital computers can execute clever algorithms that may equal or surpass future quantum algorithms.

"Cryptography has both theoretical and practical aspects," said Aysu. "Cryptographic engineering focuses on those practical issues. Post-quantum cryptography is a broader field focusing on cryptographic solutions that can remain secure against future quantum computers, in both the theoretical and practical aspects."

In order to reach a wider audience, Aysu is working on an online version of his course, potentially for release as early as 2020. The biggest hurdle to overcome, so far, is the lack of a textbook. Since the advent of malware like Meltdown and Spectre, many engineers have become aware of the need for a firm hardware foundation for cryptographic algorithms, but none have stepped forward to write a textbook about it, he said.

R. Colin Johnson is a Kyoto Prize Fellow who has worked as a technology journalist for two decades.
