New Methods Can Protect Data Privacy Against Quantum Computing
NJIT Electrical and Computer Engineering Professor Joerg Kliewer is looking to help preserve privacy by busting conventional wisdom about the future of computer security, which states that today's data protection measures, especially in Internet-of-things devices, stand absolutely no chance against the hacking power that will soon be wielded by the new era of quantum computers.
Quantum computers remain years away from being in the mainstream, with their promise that data can be represented by predicting the state of electrons, rather than computing by the traditional approach of flipping magnetic bits which are designed for that purpose. Electrons, made by nature, change states so fast that they're extraordinarily difficult to detect. This is good news for cryptographers because it means hackers would always be a moment behind the laws of physics, even if they too had a quantum computer, but it's also bad news because it means the faux randomness underpinning today's standard data encryption methods would be easy for a quantum system to break by applying brute force.
So the only way to pitch the security of Internet-of-things devices — which often are the lowest rung of computing power and the last to receive new technology, let alone complicated and expensive quantum power — might be to throw finesse instead of fastballs.
Kliewer proposed some ideas for how to do this and won a Fulbright U.S. Scholar grant to conduct his research at Norway's Simula UiB, which is a government research lab in Norway co-owned by the University of Bergen and specializing in cryptography. He received the award announcement last year but was unable to go because of international travel restrictions from the COVID pandemic. Kliewer still isn't sure when he will be allowed to travel to Norway, but his ideas for security in the quantum era are already underway.
Heavy computational requirements are the major drawbacks of existing methods for Internet-of-things devices to keep their owners' data private, he noted. "It's a problem. Our data's shared everywhere. People use it to learn algorithms and to train algorithms with," which is applicable to everything from healthcare to power grids to social media advertising.
The plans start with a modified version of what's known in computer security as the BGW protocol, developed in the 1980s. BGW was developed in part by Turing Award winner Shafi Goldwasser who is currently working with NJIT's Kurt Rohloff, associate professor and director of the Cybersecurity Research Center, at a computer security startup called Duality Technologies.
Kliewer expects to have results to share after his Norway excursion, most likely sometime in 2022. He will also teach while there and hopes to collaborate with like-minded researchers at other European universities.
Meanwhile — unrelated to quantum computing, but relevant to computer privacy — Kliewer is also studying how to stop hackers from eavesdropping on your data, by allowing recipients to discard rather than correct anything that shouldn't be there. This works by sharing a security key with a length that's logarithmic to the data, so it can be extracted by the receiving party without much overhead. He is beginning such research through a $450,000 grant from the National Science Foundation.
Others are also working on this research, including University of Wisconsin Assistant Professor Allison Beemer, who was a postdoctoral student of Kliewer, along with Kliewer's current Ph.D. students Sarah Obead and Yusuf Ozkan, plus former student Malihe Aliasgari.
