TOPPAN Digital, the National Institute of Information and Communications Technology (NICT), and Canada's ISARA Corporation have developed a smart card system called "SecureBridge." This system is compatible with post-quantum cryptography (PQC)—a quantum-computer-resistant cryptography that is considered difficult to decipher even with a quantum computer—and existing cryptography.
Services over the Internet, such as online medical consultations and e-commerce, are secured by cryptography. However, it is believed that it will be deciphered in the future with the advent of quantum computers. This means that there is a need to quickly transition to PQC for important information systems, which is considered difficult to decode even with quantum computers.
In August of this year, the US National Institute of Standards and Technology (NIST) announced the PQC algorithm, which is the de facto global standard. Hence, the transition to PQC is expected to accelerate further in the future. However, existing information systems have become bloated and complex, and a complete transition to PQC is expected to take a long time. If there is a mixture of systems that have been migrated to PQC and those that have not, authentication and encrypted communication will become difficult because the accessing and accessed parties will not be able to use the same cryptographic technology.
To enable authenticated and encrypted communications even under such circumstances, the three organizations have developed a hybrid smart card system that is compatible with PQC and current cryptography. They began collaborative research in April 2021 and developed the PQC-equipped smart card system called "PQC CARD" in October 2022. Today, "PQC CARD" and private certification authority have been updated to complete "SecureBridge," which supports electronic certificates (hybrid certificates) that enable authentication using PQC and current encryption techniques. The system is compatible with the PQC signature algorithm "ML-DSA," which is the de facto global standard announced by NIST in August, and the signature algorithm "ECDSA," which is used in existing encryption standards, making authentication possible in various transitional systems.
ML-DSA is a next-generation cryptographic algorithm designated by NIST as a Federal Information Processing Standard (FIPS) this August. Further, it is derived from "CRYSTALS-Dilithium," a digital signature algorithm that uses lattice cryptography. ECDSA is an electronic signature algorithm based on the ECC public key cryptography. It is a cryptography method that offers the same security level as RSA, another public key cryptography method, while having a key size that is about one-tenth the size used in RSA.
The three organizations used the developed system for user authentication in the Healthcare Long-term Integrity and Confidentiality Protection System (H-LINCOS) implemented on a quantum cryptography network testbed operated by NICT and confirmed its effectiveness. They will utilize this technology to promote efforts toward the practical application and advancement of quantum secure cloud technology, which will enable the secure distribution, storage, and utilization of highly confidential information in the future.
This article has been translated by JST with permission from The Science News Ltd. (https://sci-news.co.jp/). Unauthorized reproduction of the article and photographs is prohibited.