7,093 bytes added
, 08:42, 14 April 2021
<div class="center"><div style="float: right; z-index: 10; position: absolute; right: 0; top: 1;">[[File:JoinusonGCconnex.png|link=http://gcconnex.gc.ca/groups/profile/2785549/gc-enterprise-security-architecture-gc-esa]]<br />[[File:ESAcontactus.png|link=mailto:ZZTBSCYBERS@tbs-sct.gc.ca]]</div>
[[File:GOC ESA.jpg|center|link=http://www.gcpedia.gc.ca/wiki/Government_of_Canada_Enterprise_Security_Architecture_(ESA)_Program]]
<div class="center">
{| style="border: 2px solid #000000; border-image: none;" width="1000px"
|-
! style="background: #e1caf7; color: black" width="175px" scope="col" " | [[Government of Canada Enterprise Security Architecture (ESA) Program|ESA Program Overview]]
! style="background: #e1caf7; color: black" width="125px" scope="col" " | [[ESA Backgrounder (Strategy)|ESA Foundation]]
! style="background: #e1caf7; color: black" width="125px" scope="col" " | [[ESA Requirements|ESA Artifacts]]
! style="background: #e1caf7; color: black" width="125px" scope="col" " | [[ESA Initiatives|ESA Initiatives]]
! style="background: #e1caf7; color: black" width="125px" scope="col" " | [[ ESA Tools and Templates]]
! style="background: #C495F0; color: black" width="125px" scope="col" " | [[GC ESA Artifact Repository|ESA Reference Materials]]
! style="background: #e1caf7; color: black" width="100px" scope="col" " | [[ESA Glossary| Glossary]]
|}
{| style="border-bottom: #000000 2px solid; border-left: #000000 2px solid; border-right: #000000 2px solid" width="1000px"
|-
! style="background: #c2c2fa; color: black" width="18%" scope="col" | [[GC ESA Artifact Repository|ESA Artifact Repository]]
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[GC Threat Assessments - Repository| GC TA Repository]]
! style="background: #c2c2fa; color: black" width="12%" scope="col" | [[SPIN 2015-01]]
! style="background: #9a9af8; color: black" width="18%" scope="col" | [[Emerging Technologies]]
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[Other Resources]]
|}
{| style="border-bottom: #000000 2px solid; border-left: #000000 2px solid; border-right: #000000 2px solid" width="1000px"
|-
! style="background: #d7d7d7; color: black" width="35%" scope="col" | [[Blockchain Technology]]
! style="background: #d7d7d7; color: black" width="35%" scope="col" | [[Internet of Things]]
! style="background: #969696; color: black" width="30%" scope="col" | [[Quantum Computing]]
|}</div></div>
{{TOCright}}
=What is Quantum Computing?=
Quantum computing is the use of quantum-mechanical phenomena such as superposition and entanglement to perform computation. Computers that perform quantum computations are known as quantum computers. Quantum computing can solve and calculate complex and incredibly large numbers and can preform complex computation problems which cryptography relies on. RSA encryption is specifically based on integer factorization at a very complex level, something a quantum computer could solve rendering the encryption useless.
Quantum computers are made up of qubits which are different to traditional models of computing with a bit representing a "0" or "1". A qubit or quantum bit are vectors of complex numbers representing probability amplitudes representing the superposition of a zero or one.
Another concept that makes up quantum computing is known as "entanglement". Entangled qubits affect each other instantly when measured, no matter far apart they are, based on what Einstein euphemistically called “spooky action at a distance.” Some quantum safe encryption advocates postulate that we simply need to increase the difficulty of the problem that needs to be solved to decrypt the data.
=Quantum Computing and Security=
With the rise in research and development in quantum computing, cryptography as we know it will have to adapt or risk being broken. Quantum computers will use quantum physics to efficiently process information and solve problems that are impractical to solve using current computing capabilities. Quantum computers that are available now are not sufficiently powerful enough to break cryptography, but the technology is advancing quickly and could be available by the 2030s. However, threat actors can steal encrypted information now and hold on to it until a sufficiently powerful quantum computer is available to decrypt, read, or access the information, even well after the information was created.
Some key judgements on cryptography and quantum computing include:
*There is a realistic possibility that within 7 years, organisations with access to a quantum computer may be able to train machine learning models to aid detection of cyber threats more effectively than on a classical computer.
*Post-quantum algorithms that are resistant to attack by both quantum and classical computers will likely be approved by NIST by 2024, whilst full adoption is expected to take significantly (potentially decades) longer.
*It is difficult to predict when a computer with the necessary power to break current cryptography will exist.
*Within 10 years it is likely that quantum sensors will increase the range from which TEMPEST attacks can be conducted, although close physical access will still be required.
Now the focus is on post-quantum cryptography to ensure that when quantum computers available to organizations, encryption will be strong enough to keep information safe. Quantum-safe (sometimes referred to as Post-quantum cryptography, quantum-proof, or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against an attack by a quantum computer.
Even though current, publicly known, experimental quantum computers lack processing power to break any real cryptographic algorithm, many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat.
==Quantum Resistant Cryptography==
Although there are many different avenues that industries are exploring when talking about quantum safe computing, two of the main ones are Lattice cryptography and multivariate cryptography. For a bigger and more comprehensive list see the [https://nvlpubs.nist.gov/nistpubs/ir/2016/NIST.IR.8105.pdf NIST publication on Post-Quantum Cryptography].
===Lattice Cryptography===
Lattice cryptography encrypts data inside mathematical lattices and is considered unbreakable (without a backdoor). It has an additional benefit in that it can be used to perform processes on an encrypted file without decrypting its data first -- a technology called Fully Homomorphic Encryption.
===Multivariate Cryptography===
This includes cryptographic systems such as the Rainbow (Unbalanced Oil and Vinegar) scheme which is based on the difficulty of solving systems of multivariate equations.
=References=
*[https://cyber.gc.ca/sites/default/files/publications/ITSE.00.017.pdf Addressing the Quantum Computing Threat of Cryptography - CCCS Publication ITSE.00.017]
*[https://nvlpubs.nist.gov/nistpubs/ir/2016/NIST.IR.8105.pdf Report on Post-Quantum Cryptography - NIST]