Shop Online Cryptography
  • No products in the list
Back to Applications

Quantum Random Number Generation solutions for cryptography

Today’s connected world requires constantly higher levels of security. In many situations, this is done by relying on cryptography, for which one of the critical elements is the unpredictability of the encryption keys. Other security applications, like identity & access management, also require a strong cryptographic foundation based on unique tokens.

Keys are used for encryption of information as well as in other cryptographic schemes; such as digital signatures, personal identification and message authentication codes. They are used everywhere in modern digital communications and they enable the trust which underpins communications in our globalised world, including the internet and financial systems.

The security of these keys or digital tokens lies in the quality of the randomness used to create the key itself. If the random number generation and the processes surrounding it are weak, then the key can easily be copied, forged or guessed and the security of the entire system is compromised. Therefore, high-quality key generation that ensures unpredictable, random keys is critical for security.

Digital or paper currencies also require unique identifiers that cannot be easily guessed or forecast. Also, many other high-value applications like lotteries, or gaming in general, require the same capacity to generate totally unpredictable numbers. The common denominator of all these markets is the critical reliance on absolutely random numbers.

Secrecy of the encryption keys

Today, best security practices are based on the assumption that an attacker has in-depth knowledge of the cryptographic algorithm, and that the security of the system resides primarily in the secrecy of the encryption key. This is known as Kerckhoff’s principle “only secrecy of the key provides security”, or, reformulated as Shannon’s maxim ”The enemy knows the system”.

According to security expert Bruce Schneier: “The reasoning behind Kerckhoffs’ principle is compelling. If the cryptographic algorithm must remain secret in order for the system to be secure, then the system is less secure. The system is less secure, because security is affected if the algorithm falls into enemy hands. It’s harder to set up different communications nets, because it would be necessary to change algorithms as well as keys. The resultant system is more fragile, simply because there are more secrets that need to be kept. In a well-designed system, only the key needs to be secret; in fact, everything else should be assumed to be public.”

The history of cryptography provides compelling evidence that keeping a cryptographic system secret is nearly impossible over any long period of time, evidenced by the well documented cracking of the Enigma machine and other cases. While many governments do use elements of “security through obscurity” to enhance defence in depth, they also focus very heavily on ensuring that the encryption key is protected. And Schneier continues: “If the algorithm or protocol or implementation needs to be kept secret, then it is really part of the key and should be treated as such.”

The key is the cornerstone of secure cryptosystems and are used to ensure:

  • Confidentiality (secrecy of the data)
  • Integrity (the data has not been tampered with)
  • Authentication (data sent to the right person in the right order)
  • Non-repudiation (can prove who sent the data)
  • Secure access control (via secure tokens or passwords)

Requirements of the encryption key

So it is clear that the security of any crypto-based system depends fundamentally on the security and quality of the underlying encryption key. And yet is surprising in today’s world just how weak many of these keys are, and how little attention is paid to the key generation process. To provide adequate security the key must be:

  • Unique
  • Truly random (unpredictable)
  • Stored, distributed and managed securely

While these attributes – uniqueness and randomness – are easy to assume, they are actually complex to ensure and even more complex to test. There have been many cases recently where the keys underlying crypto-systems have been proven to be weak, either by accident or by design. According to Schneier, one such attack could “reduce the amount of entropy from 128 bits to 32 bits. This could be done without failing any randomness tests.”

Our Solutions

IDQ’s Quantum Key Generation solutions ensure the creation of truly random encryption keys and unique digital tokens for highly secure crypto operations. They are based on the internationally tested and certified Quantis Quantum Random Number Generator. Used by governments and enterprises worldwide, they offer the guarantee of Swiss quality, neutrality and trust.

The Quantis Appliance is a device providing randomness in networked, high availability environments.

Benefits

  • True random number generation platforms based on Quantis QRNG
  • Swiss quality and neutrality – key generation you can trust
  • Randomness based on natural quantum mechanics, robust to external environmental changes
  • Live verification of the core QRNG to ensure ongoing trust in the entropy source
  • Worldwide government certifications, including Swiss METAS certification and German BSI validation according to AIS 31

 

Home