A future where quantum computing (Post-Quantum Era) is a reality is approaching, but it’s not here yet. Once it arrives, our current encryption methods will become obsolete. While some organizations and businesses might be sluggish in their response to this shift, malicious entities are already taking action by stealing vast quantities of encrypted data now with the intention of decrypting it later when they have access to advanced quantum technology.
These attacks, referred to as harvest now, decrypt later (HNDL) attacks, present a significant future threat. If malicious individuals obtain quantum computers and learn how to effectively utilize them, the impact could be severe.
“We need a new method to encrypt data that ensures its protection both now and in the future,” says Frey Wilson, co-founder and CTO of Cavero Quantum.
The Cavero Method
Cavero has developed a cryptographic system employing symmetric keys in two distinct manners: one leveraging computational complexity, and the other an information-theoretical approach. Although the latter generally relies on physical resources, Wilson observes that Cavero realizes it through exploiting random number properties.
“Wilson explains that by developing two correlated data sets and ensuring any third set is also correlated but differently from the first two, it becomes possible to utilize sections of the correlated data with low entropy to collaboratively generate a key. This concept will be detailed further during his presentation at Black Hat Europe 2024.”
Wilson emphasizes that while these keys are intended to serve a similar purpose, they aren’t actually passkeys. Passkeys belong to the category of asymmetric keys, which use cryptographic techniques for data encryption and decryption. However, there’s an inherent risk in their usage: they’re confined within specific ecosystems like Apple or Amazon and can’t be cross-referenced with other systems.
“The key is initially transmitted from a central server, which means there’s a moment when it travels to the device,” explains James Trenholme, CEO of Cavero Quantum. “During this transit period, there is potential for hacking or being intercepted by a third party.”
Cavero seeks to address this issue by offering a solution that ensures no information is shared publicly. Using the correlating numbers mechanism, keys are mutually generated for each party involved. Consequently, even if an attacker intercepts the exchange midway, they won’t be able to gather sufficient information to either calculate or capture the key, Trenholme notes.
The Past & Future of Cryptography Keys
According to Wilson, the solution is distinctive in its approach because it employs smaller key sizes and can be implemented on any device regardless of size.
“We frequently encounter that historical perspective,” says Wilson regarding their solution, which has been in development for nearly 12 years. “Our approach builds upon an established body of work that we’ve adopted and enhanced. What’s unique is the direction we’ve taken, setting us apart from others.”
Wilson intends to elaborate on this at Black Hat Europe, mentioning that “it offers a fresh perspective on the underlying methodology.”
Looking ahead, the pair envisions Cavero’s keys becoming the foundation for various types of communications. Although it’s common for a CEO to advocate this way about their company’s offering, it appears that using Cavero’s keys aligns well with enhancing privacy and security in communication processes.
Certain industries, particularly those handling high-value data or possessing long-term data sources, will reap the benefits of Cavero’s technology sooner than others.
“We envision it being utilized in all forms of communication, whether that involves a voice call, messaging, data transfer, logging applications—the possibilities are endless,” says Trenholme. This includes sectors such as telecommunications, defense, financial services, identity frameworks and beyond.
