GRID computing includes applications, some of which are intelligence sensitive (genetics, space, industrial intellectual property, etc.) and need to remain confidential. Current security is mostly based on public (asymmetric) key algorithms (Salomaa, 1996): one-way, hash-like functions that are easy to calculate in the forward direction but estimated to be impossible to reverse. The base assumption behind this assertion is the difficulty of factorising large numbers into their prime factors. This received a serious blow in 1994 (Shor, 1994), when it was shown that a (hypothetical future) quantum computer could rapidly factorise such numbers via a polynomial-time algorithm. As such, messages could be intercepted and stored today awaiting the availability of quantum processors, when they could conceivably be deciphered. Evidently, data with a short “life-span” (2-5 years) is perfectly safe today; however, censuses, geological data, etc. have long-term implications and need to be adequately protected. The other main security contender currently in use is the symmetric-key AES encryption (Daemen and Rijmen, 1996-2001 and 2006), which comes in 3 versions of key length 128, 192 and 256 bits (with 10, 12, and 14 rounds, respectively). For AES-128 there is no known attack faster than the 2^128 complexity of exhaustive search. However, AES-192 and AES-256 were recently shown (Biryukov and Khovratovich, 2009) to be breakable by attacks of 2^176 and 2^119 complexity, respectively. While these are much faster than exhaustive search, they are not practical and do not pose a real threat: at the rate the world produces data today, ca. 0.2·10^21 bytes/year (2^61 256-bit ciphertexts), it would take 2^58 ≅ 10^17 years’ worth of data to recover just one AES key.
The US National Security Agency (Hathaway, 2003) stated that “The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the secret level.” From this assessment and the simple estimates above, it is apparent that, given adequate key-distribution protection, AES cannot be broken, at least not in the next 10^17 years (for one key). The secret-key carrier, on the other hand, needs to be a stable, long-term committed technology that would not come under question any time soon (including from futuristic quantum-processor attacks).
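The “years of data” estimate in the paragraphs above, carried through as an added example (not code from the original paper) and extended to all three AES key sizes: the data rate, block size and attack complexities are the figures quoted above, while the helper functions and their names are an illustration constructed here.

```python
import math

# Figures quoted in the text above (inputs constructed for this example):
BYTES_PER_YEAR = 0.2e21   # ca. 0.2*10^21 bytes of data produced worldwide per year
BLOCK_BYTES = 32          # one 256-bit ciphertext block = 32 bytes
# Best known attack work factor per AES variant, as cited above:
# exhaustive search for AES-128, Biryukov-Khovratovich (2009) for AES-192/256.
ATTACK_WORK = {"AES-128": 2**128, "AES-192": 2**176, "AES-256": 2**119}


def ciphertexts_per_year(bytes_per_year=BYTES_PER_YEAR, block_bytes=BLOCK_BYTES):
    """Number of block-sized ciphertexts the whole world produces per year."""
    return bytes_per_year / block_bytes


def years_of_data_needed(attack_work, bytes_per_year=BYTES_PER_YEAR,
                         block_bytes=BLOCK_BYTES):
    """Years of the world's entire output needed to observe as many ciphertexts
    as the attack's work factor, i.e. the 'data's worth' of one key recovery
    under the text's assumption that every block goes to the same key."""
    return attack_work / ciphertexts_per_year(bytes_per_year, block_bytes)


def security_margin_table(attack_work=ATTACK_WORK):
    """Map each variant to (log2 of attack work, years of data needed)."""
    return {name: (math.log2(work), years_of_data_needed(work))
            for name, work in attack_work.items()}


if __name__ == "__main__":
    print(f"ciphertexts per year: 2^{math.log2(ciphertexts_per_year()):.1f}")
    for name, (bits, years) in security_margin_table().items():
        print(f"{name}: attack 2^{bits:.0f} -> {years:.2e} years of data")
```

For AES-256 the function returns about 1.06·10^17 years, matching the 10^17 figure in the text; the table shows why the 2^119 attack is still far beyond any practical threat.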
[1] Norbert Lütkenhaus et al. Estimates for Practical Quantum Cryptography. 1999.
[2] Arto Salomaa et al. Public-Key Cryptography. EATCS Monographs on Theoretical Computer Science, 1991.
[3] Gilles Brassard et al. Experimental Quantum Cryptography. EUROCRYPT, 1990.
[4] Alex Biryukov et al. Related-Key Cryptanalysis of the Full AES-192 and AES-256. ASIACRYPT, 2009.
[5] A Simple Optical Demonstration of Quantum Cryptography Using Transverse Position and Momentum Variables. 2006.
[6] White et al. Entangled State Quantum Cryptography: Eavesdropping on the Ekert Protocol. Physical Review Letters, 1999.
[7] M. Dušek et al. Generalized Beam-Splitting Attack in Quantum Cryptography with Dim Coherent States. 1999.
[8] Gilles Brassard et al. Secret-Key Reconciliation by Public Discussion. EUROCRYPT, 1994.
[9] M. Hendrych et al. Practical Aspects of Quantum Cryptography. 2002.
[10] Vincent Rijmen et al. The Block Cipher Rijndael. CARDIS, 1998.
[11] Peter W. Shor et al. Algorithms for Quantum Computation: Discrete Logarithms and Factoring. Proceedings 35th Annual Symposium on Foundations of Computer Science, 1994.
[12] G. S. Vernam et al. Cipher Printing Telegraph Systems for Secret Wire and Radio Telegraphic Communications. Transactions of the American Institute of Electrical Engineers, 1926.