Unleashing LATTE: A Quantum-Safe Cybersecurity Hero for Tomorrow's Threats
The Medibank cyberattack. The Optus data breach. The HWL Ebsworth hack. It feels like there’s a new cybersecurity threat every fortnight.
What’s worse? According to The National Institute of Standards and Technology, current cybersecurity measures will be rendered obsolete when quantum computing takes over in the next few decades – leaving our personal information up for grabs.
Much like playing chess, cybersecurity is about anticipating your opponent’s next move. And Dr Raymond Zhao, a master’s and PhD graduate from the Faculty of IT, and now a CSIRO Data 61 Postdoctoral Fellow, is determined to stay ahead of the game by investing in long-term cryptography tools, essential to keep our data private and systems secure.
Revisiting a quantum-safe encryption proposal from 2017, Dr Zhao joined forces with our faculty’s Associate Professor Ron Steinfeld and Associate Professor Amin Sakzad, to create the first quantum-safe cybersecurity contender that is also optimised to meet the high speed data demands of our society today. Who says you can’t have your cake and eat it too?
So let’s dig into how the Lattice-based Advanced Technological Transformation for Encryption (or LATTE) helps businesses be proactive, rather than reactive, to cyberattacks in a post-quantum world.
Better latte than never
In 2017, two researchers Peter Campbell and Michael Groves proposed an encryption tool called LATTE designed to withstand quantum attacks. But at the time, quantum computing was a distant threat which led LATTE to receive little traction.
Now we see our world digitising at a compounding pace. What was once a faraway fantasy is deeply ingrained in our lives today.
In preparation for our new reality, Dr Zhao and his team have preemptively transformed LATTE to now offer faster and more secure services than its predecessor.
This has largely been achieved by holistic improvements:
Recommended by LinkedIn
LATTE is particularly useful for Messaging apps or blockchain signatures that require forward security, a cryptographic method that protects your past communications even if your current security code is compromised.
They even tested the new and improved security analysis of LATTE on Falcon, a quantum-safe digital signature scheme (and Dr Zhao’s other implementation techniques have been employed there!) and found that it can now use slightly less precise values on the computation to improve the speed while maintaining the same security.
With Dr Zhao and his team's optimisations, businesses can now adopt sustainable cybersecurity measures that don’t compromise current usability and the protection of their customers' personal information when quantum computing hits our shores.
The quantum threat
Driven by the shift to 5G and more advanced 6G networks and the general surge in the Internet of Things, many businesses these days are opting for cybersecurity measures that offer high speed data transfers, which allows them to handle more transactions or user requests simultaneously.
But while these measures serve our needs now, their defence mechanisms are not built to withstand attacks from quantum computers.
Originating from the realm of physics, the quantum concept refers to the smallest possible unit of a physical object, like atoms and subatomic particles.
When applied to IT, quantum computing goes even deeper than bits, into quantum bits or qubits. We still use the 0s and 1s, but instead of occurring one after the other, they occur at the same time – giving computers the ability to solve problems at an exponential rate.
For certain problems, what would take a regular computer a million years to figure out, a quantum one could crack in mere seconds. So the big question is: With our devices barely safe from cyberattacks now, what happens when the world goes quantum?
A good reminder that our hunger for speed and power must be balanced.
To sink your teeth into the nitty gritty of the optimised LATTE, have a read of Dr Zhao’s research paper.