Slashdot Mirror


BlackBerry Races Ahead of Security Curve With Quantum-Resistant Solution (techcrunch.com)

An anonymous reader quotes a report from TechCrunch: Quantum computing represents tremendous promise to completely alter technology as we've known it, allowing operations that weren't previously possible with traditional computing. The downside of these powerful machines is that they could be strong enough to break conventional cryptography schemes. Today, BlackBerry announced a new quantum-resistant code signing service to help battle that possibility. The solution, which will be available next month, is actually the product of a partnership between BlackBerry and Isara Corporation, a company whose mission is to build quantum-safe security solutions. BlackBerry is using Isara's cryptographic libraries to help sign and protect code as security evolves.

"By adding the quantum-resistant code signing server to our cybersecurity tools, we will be able to address a major security concern for industries that rely on assets that will be in use for a long time. If your product, whether it's a car or critical piece of infrastructure, needs to be functional 10-15 years from now, you need to be concerned about quantum computing attacks," Charles Eagan, BlackBerry's chief technology officer, said in a statement.
Some of the long-lived assets include aerospace equipment, connected cars, or transportation infrastructure -- basically anything that will still be in use several years from now when quantum computing attacks are expected to emerge.

39 comments

  1. Uh huh by Desler · · Score: 4, Interesting

    Why would anyone trust them after this article:

    https://www.forbes.com/sites/t...

    1. Re: Uh huh by Anonymous Coward · · Score: 0

      Huge pile of bull all the way up to Neptune

    2. Re:Uh huh by Anonymous Coward · · Score: 1

      Did you actually read the article?

      "Only when the government gives us a court order we will start tracking it. Then the question is: how good is the encryption?

      "Today's encryption has got to the point where it's rather difficult, even for ourselves, to break it, to break our own encryption... it's not an easily breakable thing. We will only attempt to do that if we have the right court order. The fact that we will honor the court order doesn't imply we could actually get it done."

      Because if a government "orders" you to do something through a court document, then what choice do you have? If they've designed the system properly (and remember that the NSA licensed BB's patents for ECC), then the attempt will fail.

  2. Yeah? Available for years. by Anonymous Coward · · Score: 2, Informative

    How is this better than AES-CMAC?
    Quantum only affects asymmetric cyphers mainly used for key distribution as far as I know.
    Symmetric cyphers like AES should be unaffected if you just up the number of bits a bit.

    1. Re:Yeah? Available for years. by Desler · · Score: 1

      This is guaranteed to be backdoored for law enforcement. Oh wait did you mean better for the plebes? Oh, it's not.

    2. Re:Yeah? Available for years. by Anonymous Coward · · Score: 1

      The solution is "longer keys". For example, an 8192-bit key for the RSA protocol may be unbreakable by a quantum machine for tens of years.

    3. Re:Yeah? Available for years. by iggymanz · · Score: 1

      that's okay, it's hardly provably "quantum resistant" anyway; it's the same as any other encryption in that regard. Bunch of marketing hooey is all...

    4. Re:Yeah? Available for years. by sexconker · · Score: 1

      The hard truth we may end up facing is that asymmetric cryptography may be entirely dead, while symmetric cryptography survives, with everything boiling down to key length. If that happens, then good luck with your key exchange protocols, your cryptocurrencies, and just about everything else using the public internet.

      If quantum attacks on asymmetric encryption prove viable in real-world usage, they may lead to the discovery (or exposure, depending on your hat's material) of fun new math that lets us break them classically.

    5. Re:Yeah? Available for years. by WaffleMonster · · Score: 3, Informative

      How is this better than AES-CMAC?
      Quantum only affects asymmetric cyphers mainly used for key distribution as far as I know. Symmetric cyphers like AES should be unaffected if you just up the number of bits a bit.

      Code signing as a practical matter to be useful requires asymmetric encryption.

    6. Re:Yeah? Available for years. by Anonymous Coward · · Score: 0

      Quantum computers are probably a scam. Asymmetric encryption is therefore probably not going anywhere.

    7. Re:Yeah? Available for years. by JoeDuncan · · Score: 0

      How is this better than AES-CMAC? Quantum only affects asymmetric cyphers ... as far as I know.

      Quantum computing can produce and try EVERY possible solution to a given problem simultaneously. How would that not break symmetric encryption too?

    8. Re:Yeah? Available for years. by Anonymous Coward · · Score: 0

      The hard truth we may end up facing is that asymmetric cryptography may be entirely dead, while symmetric cryptography survives, with everything boiling down to key length.

      There is no truth in this on any level. Numerous quantum safe asymmetric schemes exist.

      Equally as important zilch in evidentiary department supporting ASSumption code breaking quantum computers will ever be feasible.

      If that happens, then good luck with your key exchange protocols, your cryptocurrencies, and just about everything else using the public internet.

      No evidence to support "If" and stated repercussions of "If" being true anyway are incorrect.

      If quantum attacks on asymmetric encryption prove viable in real-world usage, they may lead to the discovery (or exposure, depending on your hat's material) of fun new math that lets us break them classically.

      Also barbequing outdoors may lead to contact with alien visitors.

    9. Re:Yeah? Available for years. by Anonymous Coward · · Score: 0

      No it can't.
      Quantum computers only work on the class of problems that can be efficiently mapped to the operations available to them.
      For the case of finding divisors we have Shor's algorithm.
      Unless you have some algorithm that can speed up the breaking of symmetric encryption it doesn't matter if you have quantum computing or not.
      And no, that's only the explanation that people use to dumb it down when trying to explain quantum computing to people who don't know anything about computers or quantum computing.

    10. Re:Yeah? Available for years. by WaffleMonster · · Score: 1

      Quantum computing can produce and try EVERY possible solution to a given problem simultaneously.

      No it can't.

      How would that not break symmetric encryption too?

      Enabling premise is false.

    11. Re: Yeah? Available for years. by Tomahawk · · Score: 1

      Not quite. They can't, for example, test all possibilities of a 128bit symmetric key. It doesn't actually work like that. Never mind a 256 or 512 bit key.

      However, they can be used to factor numbers very fast. Private Keys consist of 2 very large prime numbers (plus some stuff) and the corresponding Public Key consists of the product of those 2 primes (plus some stuff).
      Factoring the public key into the 2 primes is very hard using current technology. Quantum Computing makes this much much easier.

      It's this asymmetric (i.e. public/private key) encryption that's mainly at risk here. And public/private key encryption is used, like, everywhere. Every https website, for example -- like your bank.

    12. Re: Yeah? Available for years. by Anonymous Coward · · Score: 0

      Ancient aliens theorists agree this is a very real and very probable event.

    13. Re:Yeah? Available for years. by Bob+the+Super+Hamste · · Score: 1

      Quantum computers are not non-deterministic Turing machines that can magically solve and verify a NP problem in P time. However they do offer a substantial speed improvement. Looking at symmetric key encryption schemes a quantum computer can use Grover's Algorithm to speed up key cracking and the speed up is impressive but nowhere near going from NP to P. So instead of taking 2^N attempts it will take 2^(N/2) attempts. Because the algorithm was known when AES was being designed the competition specified that there be a 256 bit key length option because cracking a 256 bit key on a quantum computer is as difficult as cracking a 128 bit key is on classical computers, and that would take a sizeable portion of the total US annual energy output to accomplish on an ideal computer which we are very far from.

      For most asymmetric key crypto schemes there is Shor's Algorithm which basically makes RSA and EC symmetric key encryption pointless but there are schemes like Lattice-based crypto or Multivariate crypto that resist Shor's Algorithm and other known attacks from quantum and classical computers. EC crypto is really weak against quantum computers, much worse than RSA, so should not be looked to as a solution.

      --
      Time to offend someone

    14. Re:Yeah? Available for years. by JoeDuncan · · Score: 1

      No it can't.

      Useless answer.

      Enabling premise is false.

      Pointless redundant statement.

  3. Sound like... by Tomahawk · · Score: 3, Insightful

    Those last 2 sentences read like the blurb you get when someone is just randomly adding technical words to something to make it sound like it actually is something worth having, but isn't.

    Giving the benefit of the doubt here, does anyone have any links to technical papers about this quantum-resistant cryptographic solution?

    1. Re:Sound like... by OzPeter · · Score: 4, Funny

      Giving the benefit of the doubt here, does anyone have any links to technical papers about this quantum-resistant cryptographic solution?

      I had one on my desk here, but then I looked at it.

      --
      I am Slashdot. Are you Slashdot as well?

    2. Re:Sound like... by Anonymous Coward · · Score: 0

      https://www.isara.com/research-publications/

    3. Re:Sound like... by thePsychologist · · Score: 2

      The solutions that ISARA says are in their suite are not new solutions developed by them. For example, two systems they use are the McEliece PKE and NewHope. The former is based on coding theory and the latter is based on ring learning with errors. You can put those terms into Google/Google scholar and find a bunch of papers on them.

      Typically so-called quantum resistant algorithms are just based on a different class of problems related to lattice problems, like finding the nearest lattice vector close to some point. Such algorithms are believed to be quantum resistant because they are typically in a class of problems that are supposed to be hard, like NP-complete for instance or some other related class.

      Some of them are quite old. The reason why they were not used before is because they are worse in some ways compared to RSA or discrete log. Worse for example in having a large plaintext to ciphertext expansion, or needing huge key lengths. Of course with the possible coming of quantum computing, we would be better off accepting some of these trade-offs now.

      --
      "What lies behind us, and what lies before us are tiny matters compared to what lies within us." Ralph Waldo Emerson

    4. Re:Sound like... by Tomahawk · · Score: 1

      I'll look them up. Thanks.

      One wonders -- with the onset of Quantum Computing, what new public/private key algorithms could be created based on Quantum Computing itself?

    5. Re:Sound like... by Bob+the+Super+Hamste · · Score: 3, Informative

      Since symmetric key ones are resistant, just increase the key length which is why there is a required 256 bit option for all AES entrants, you want to look at asymmetric key crypto. Here there are 2 main options available. The first is Lattice-based crypto and the other is Multivariate crypto. Both defeat Shor's algorithm which is the one to be worried about with asymmetric key crypto.

      --
      Time to offend someone

  4. Superposition by Anonymous Coward · · Score: 1

    It's simple. To make their hardware quantum-resistant they simply pushed it into the super position of being both off and on but unused. Their next step is to involve concrete.

  5. This is the company by Anonymous Coward · · Score: 0

    Whose CEO doesn't like encryption without backdoors.

  6. I'm confused by fahrbot-bot · · Score: 1

    BlackBerry Races Ahead of Security Curve With Quantum-Resistant Solution

    So, does this mean they won't run the latest versions of Firefox?

    --
    It must have been something you assimilated. . . .

  7. Well that was remarkably vacuous by Crashmarik · · Score: 1

    It's a quantum resistant solution.

    Err How does it work, what makes it quantum resistant, how long is it expected to be resistant

    ***Crickets****

    Might as well be a press release for Blackberry.

  8. If? by quonset · · Score: 1

    If your product, whether it's a car or critical piece of infrastructure, needs to be functional 10-15 years from now

    What do you mean, if it needs to be functional 10 years from now? My car IS 10 years old and in perfect working condition. It better damn well last another decade (barring people slamming into me which has happened).

    This is the problem with technology. Anything over six months old is considered not worth it to keep around. A three year-old product is considered ancient.

  9. Because Blackberry boasts the best cryptoanalysts! by Anonymous Coward · · Score: 0

    They probably don't actually employ anyone who is qualified to create the next generation of cryptography. This is just a snake oil salesman unless they share precisely what they've built with the entire world.

  10. Untrustworthy by Anonymous Coward · · Score: 0

    The same BlackBerry that enthusiastically supported government back-dooring before it was cool? No thanks.

    On the positive side, this article has informed me that it's probably also unsafe to use anything from their partner, Isara Corporation. Another name for my shit-list.

  11. Slashdot? by Slashdot · · Score: 0

    Hm. Your .sig claims that you are Slashdot. That's interesting.

  12. Just sha512sum the tarball by Anonymous Coward · · Score: 0

    and check that it matches what you expect. It could be automated in your build scripts. There's no need for a public-private key pair to validate source code integrity. (Yeah, that's not really signing, but it IS practical.)

    1. Re: Just sha512sum the tarball by NoseyNick · · Score: 1

      The problem isn't the checksum, nor how to make the checksum. The problem is how to know "what you expect" is correct, if it wasn't signed... by public:private crypto.

      --
      Nick Waterman, Sr Tech Director, #include <stddisclaimer>
  13. Hello slashdot! by Anonymous Coward · · Score: 0

    Luckily I'm not alone here, but JFTR: I don't care about regurgitated press releases. What does "quantum resistant" mean? What's behind that marketing mumbo-jumbo? Is it just something thought to be resistant against Shor's algorithm[1]? Or which one of those[2] is it?

    Facts, please (and no alternative facts, please). There are enough snake oil vendors out there already.

    [1] https://en.wikipedia.org/wiki/...
    [2] https://en.wikipedia.org/wiki/...

  14. Oh for FUCK's sake! by Opportunist · · Score: 1

    If your product, whether it's a car or critical piece of infrastructure, needs to be functional 10-15 years from now, you need to disconnect it from an insecure network like the internet.

    It IS actually that simple!

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.

  15. Irrelevant company tries to stay relevant by Anonymous Coward · · Score: 0

    Blackberry stopped being a company that one could trust to be secure when they started bending over for government agencies. Clearly they do not understand security if they expect to be able to break their own encryption for law enforcement purposes while still maintaining security for everyone else, all it takes is a 5 dollar wrench approach to the right employee.

    If they are trying to regain trust in the industry then they need to open source their code for public review and contribution in order to start winning back the trust they lost.

    They could actually be onto something here but I don't see how anyone with the smallest bit of technical aptitude could trust them after the things that they have publicly announced so that they could target specific markets. What's to stop them from trading security for market share once again?

    Kill the brand, it's done, put it out of its misery. The best bet now is to chop it all up, sell off the parts into new companies with new leadership as there is no coming back from the extreme loss of trust.

  16. What about Key Escrow? by Agripa · · Score: 1

    Does quantum encryption solve the key escrow problem? Or would not implementing key escrow be necessary for that?

    After what happened with BlackBerry, why would I trust anything they say or do? They are as trustworthy as RSA which is to say, not trustworthy at all.