Make encryption harder, better, faster, and stronger
As a result, the industry is advancing encryption in several ways. Some efforts have focused on increasing the size of the key to protect against brute force decryption. Other efforts focus on new cryptographic algorithms. For example, the National Institute of Standards and Technology Evaluating Next Generation Public Key Algorithms for Quantum Security..
The problem is that most quantum security algorithms are not efficient in classical computer architectures. To address this issue, the industry is focusing on developing accelerators that speed up algorithms on x86 platforms.
The third area of research is Homomorphic encryptionAn amazing concept that allows users to perform calculations on encrypted data without first decrypting the data. Therefore, analysts who need to query databases containing sensitive information do not need to ask analysts with higher permissions to access or declassify the data.
The great advantage of homomorphic encryption is that it protects your data in all states, whether it is stored (stored on your hard drive), on the move (transmitted over the network) or in use (in the memory of your computer). computer). Another advantage is that it is quantum safe because it is based on the same mathematics as quantum computing.
The downside is that homomorphic encryption is not designed to work on traditional computers, so it performs poorly on traditional computers. The industry is working together to develop x86-style instructions for running these new cryptosystems at cloud speed. The practical applications are still a few years away, but we are confident that we will get there.
to have: How can government agencies fight encrypted attacks on government traffic?
Crypto innovations available to agencies today
Temporarily, a new encryption feature has appeared that organizations can use right now. Confidential IT.. Confidential computing protects data while it is being processed in computer memory. For example, when a user performs an analysis in a database.
Confidential computing works by letting the CPU reserve a section of memory as a secure enclave and encrypting the memory in the enclave with a CPU-specific key. Data and application code placed in an enclave can only be decrypted in that enclave on that CPU. Even if an attacker gains root access to the system, the data cannot be read.
With the latest generation of computer processors, you can create a terabyte of enclave on a two-processor server. This allows an organization to place the entire database or transaction server in an enclave.
Features are now enhanced with the ability to encrypt all of your computer’s memory with minimal impact on performance. Full memory encryption uses a platform-specific encryption key that is randomly derived each time the system is started. The keys disappear when you turn off your computer. Therefore, even if a cybercriminal steals the CPU, he will not be able to access the memory.
Confidential IT is transforming the way businesses approach cloud security because they no longer have to trust cloud providers implicitly. Instead, you can protect your data even if it is hosted by a third party.
A major cloud provider has previously provided confidential IT services to the federal government and will see more in the future. Government agencies can now build enclave-based applications to protect data used in dedicated clouds that meet government security and compliance requirements.
The need for strong data encryption will not go away, and the challenges of encryption will only increase as quantum computing emerges in the years to come. Meanwhile, innovative new crypto capabilities provide tighter cybersecurity for institutions today, and the industry is investing in next-generation crypto systems to protect government information over the next 25 years.
