Microprocessors that are unique to each Internet of Things (IoT) device is the way forward in the ongoing and tricky quest to secure the IoT, says Crypto Quantique. One idea is that by making each chip one of a kind and unclonable, an application would become almost impossible to hack.
The U.K.-based startup says it has introduced “the world’s most advanced security product for IoT devices.” The microprocessor-based solution uses quantum physics, combined with cryptography, all embedded in silicon, it explained in a press release last October.
“The world’s first quantum-driven secure chip (QDSC), on silicon, which, when combined with cryptographic APIs, provides highly scalable, integratable, easy-to-implement and seamless end-to-end security for any connected device,” the company claims. The chips generate large quantities of unique cryptographic keys using quantum processes, Crypto Quantique explains.
Quantum computing, overall, is ideally suited for applications that need to be aware of and thwart any tampering. For example, attempted hijacking of quantum-entangled data, in a quantum-secured link adulterates the co-mingled data and cryptographic keys and notifies the system that the keys are now no good. The keys, thus, can’t be used anymore, and the traffic appears unreadable. Additionally, the intrusion is immediately picked up by the administrators. It’s all due to the way the data is co-joined and entangled. Roughly, the beginning of the stream, in this case, should be in the same state as at the end. If it isn’t, there’s been interference.
“This is the iPhone moment for the IoT security category,” Crypto Quantique co-founder Shahram Mossayebi says of QDSC in the press release. “It represents a complete step change; we’ve built something completely unique.”
Interestingly, the QDSC design would solve a dichotomy inherent in IoT, which is that one wants the devices to be cheap, often lightweight and small, with low power consumption yet also secure. However, added traditional cryptography takes up memory, making the device more cumbersome. (I wrote more about this problem last week and how edge computing could help.)
But Mossayebi says his product, which includes both the chip and API, doesn’t need to have keys stored on it, so conceivably doesn’t need to be so powerful. It frees up the limited space for computations.
“Because of the uniqueness and way in which the keys are generated, there is no requirement to store the keys on the device because the keys can be retrieved on demand,” the company says.
Memory storage needs are reduced, as is “leakage of sensitive information.” End-to-end security provided by the QDSC chip links into an “owner system.” That system could be in a private cloud or a public cloud.
Quantum-key distribution networks-secured fiber networks already in use
Quantum computing increasingly is being seen as almost unhackable when combined with cryptographic keys. And indeed, Quantum-key distribution networks (QKD)-secured fiber networks are appearing. A 75-mile U.K. test link, run by the largest telco there was announced in July, and I wrote about the city of Jinan, Shandong Province, China’s citywide municipal QKD system in 2017.
Bloomberg revealed this week that it knows of a QKD quantum cable running through the commuter-traffic Holland Tunnel buried between Lower Manhattan and New Jersey. And banks are testing the cable because of its potential security in comparison to regular fiber. They don’t want wired money stolen, among other security needs.
“Why bother when most network traffic is already encrypted?” Bloomberg poses. It’s because “encryption is worthless if an attacker manages to get the digital keys used to encode and decode messages.” The unique entanglement of streams of data found in QKD networks, with highly obvious interference alerting, makes the keys and data useless if they are hacked. The same idea could be applied to IoT microprocessors and their associated networks.