More

RecordsKeeper  An Open Public Ecosystem for Record Keeping and Data Security

Quant Network's Overledger Set to Harness Blockchain Technology to Power the Next Industrial Revolution

Kalibrate Blockchain developing universal patient index

FormulA  The Ultimate Solution for Real Assets on the Blockchain

Bronzechain: New hallmark for bronze with blockchain technology unveiled
Cryptography is more or less based on mathematical functions called algorithms. These algorithms are designed in a such way that the data is easy to calculate in one direction but hard to calculate in the other direction. So given x, it is easy to find f(x)= y, but given y it is supposed to be hard to find x.
Quantum computing and insecure functions
However quantum computing changes the equation, making some existing cryptography functions insecure, with a new report from the Global Risk Institute estimating a 50 percent risk that publickey cryptography tools will be broken by 2031.
The solution to this problem is simple: stop using the newly insecure mathematical functions and instead use mathematical functions known to be immune from a quantum computing threat.
So far so good. But what are these secure functions?
Hash functions and security
We can start with a mathematical function called a hash function, which remains secure if faced with a quantum computing threat, as long as it fulfills certain criteria. When these criteria are fulfilled, hash functions are unique and create fixedsized, irreversible fingerprints of data.
In general, a cryptographic hash function is considered secure if—when fed an arbitrary piece of data—it returns a truly random value for every different query while a repeated query returns the same random value each time. For example, you could feed "Security is important" into the hash function, and the output could be "10." But if you feed “Security is a must," you would get back, say, "13." Then if you return to "Security is important," the hash function must once again return "10."
Today's secure hash algorithms are considered among experts to be SHA2 and SHA3.
However, there are certain caveats that a hash function needs to fulfill in order to be perceived secure.
Preimage resistance
First, the hash function must have "preimage resistance." In principle, it must not be possible to go backwards from an answer to the related question. This means that if the hash function output is "10," to derive that the original feed was "Security is important" must not be possible.
Second preimage resistance
Second, the hash function needs to have "second preimage resistance." In principle, it should not be possible from looking at the feed "Security is important" to determine that the feed " Security is always important" will produce the same result. This means that if a hash function is fed with "Security is always important" it should not return "10"—which is the result from the feed "Security is important."
Collision resistance
Third, the hash function must have collision resistance. This is similar to second preimage resistance. It must not be possible to easily find two messages that have the same hashed result. Even though collisions will exist simply due to the limited range of outputs versus the infinite range of inputs, it must not be possible to easily derive colliding messages.
If both "Security is important" and "Security is always important" resolve to "10," it must not be possible to conclude this result independently. It must take a tremendously (read, improbable) amount of brute force work to discover that the two inputs resolve to the same hashed output.
Ericsson Data Centric Security and quantum computing
So where does this leave the Ericsson Data Centric Security solution?
This solution is based on a blockchain architecture, with two fundamental and crucial parts that make it immune to quantum computing threats: the cryptographic algorithm (SHA2256) and the Merkle signature scheme also known as a binary hash tree.
The Merkle signature scheme
The Merkle signature scheme is based on a mathematical hierarchical hash tree structure, which has the shape of a tree in which the lower branches have the largest amount of leaves. The higher in the tree, the smaller the branches and the fewer leaves on each branch, until the top is reached.
Native hash data is fed into the bottom of the tree, as source input. The architectural functionality is then to concatenate all hash data from the lower layers into next layer of branches until the top of the tree is reached, where a root hash is produced. The Merkle tree works in a dedicated and confined time slot of one second. This means that each Merkle tree schema, with the associated concatenation action and the creation of a treetop root hash, is carried out and processed every second.
Thereafter the Merkle tree schema is torn down, for the next second to become rebuilt again and again—and so on for every second into the future. What is important to acknowledge in context to the Merkle tree is that the hash tree is secure as long as it uses a secure hash function in its architecture that is resistant to preimages and second preimages as, for example, SHA2256 or above.
Unique blockchain security
Another fact that makes the Ericsson Data Centric Security blockchain solution unique is the way the blockchain is securely created and processed every second. Since each root hash is timestamped and cryptographically interlinked with the previous time slot hash value, the digital blockchain ledger becomes immutable for backwards changes in time, as well as for other general tampering.
So finally, against a quantum computing threat, a "perfect" hash function of output size "n" bits still offers strong resistance as long it is above 128 bits—which means 2 to the (n/2) power or above, for example, with SHA2256, a 256bit output. In this case, the best quantum computer would still need 2 to the 128th power of simultaneous operations (that is, with current technology too many to be feasible by a huge margin) to break preimage resistance. Further a possible attack has to be executed within one second for each leave in the binary hash tree at the same time in order to become close knowing what information is being hashed, concatenated and processed, which is today know to be impossible even for furture quantum computers, which makes Ericsson Data Centric Security the perfect choice for thwarting quantum computing threats.
By Mads Becker Jorgensen, Ericsson.
Mads Becker Jorgensen
Mads works as Technical Product Manager in the security product line at Ericsson in Kista, Stockholm. Mads has a background as an Information Security Specialist with over 15 years field work, both hands on and conceptual, as a consultant via various international security companies. Mads' focus is on the value of holistic security and especially how to prove and measure it by working with people processes and technology. Mads’ favorite question is "If you can´t measure the value of security, how do you really know it works, and how do you prove it when you need it?" The answer is ... you simply don´t.
Quantum computing and insecure functions
However quantum computing changes the equation, making some existing cryptography functions insecure, with a new report from the Global Risk Institute estimating a 50 percent risk that publickey cryptography tools will be broken by 2031.
The solution to this problem is simple: stop using the newly insecure mathematical functions and instead use mathematical functions known to be immune from a quantum computing threat.
So far so good. But what are these secure functions?
Hash functions and security
We can start with a mathematical function called a hash function, which remains secure if faced with a quantum computing threat, as long as it fulfills certain criteria. When these criteria are fulfilled, hash functions are unique and create fixedsized, irreversible fingerprints of data.
In general, a cryptographic hash function is considered secure if—when fed an arbitrary piece of data—it returns a truly random value for every different query while a repeated query returns the same random value each time. For example, you could feed "Security is important" into the hash function, and the output could be "10." But if you feed “Security is a must," you would get back, say, "13." Then if you return to "Security is important," the hash function must once again return "10."
Today's secure hash algorithms are considered among experts to be SHA2 and SHA3.
However, there are certain caveats that a hash function needs to fulfill in order to be perceived secure.
Preimage resistance
First, the hash function must have "preimage resistance." In principle, it must not be possible to go backwards from an answer to the related question. This means that if the hash function output is "10," to derive that the original feed was "Security is important" must not be possible.
Second preimage resistance
Second, the hash function needs to have "second preimage resistance." In principle, it should not be possible from looking at the feed "Security is important" to determine that the feed " Security is always important" will produce the same result. This means that if a hash function is fed with "Security is always important" it should not return "10"—which is the result from the feed "Security is important."
Collision resistance
Third, the hash function must have collision resistance. This is similar to second preimage resistance. It must not be possible to easily find two messages that have the same hashed result. Even though collisions will exist simply due to the limited range of outputs versus the infinite range of inputs, it must not be possible to easily derive colliding messages.
If both "Security is important" and "Security is always important" resolve to "10," it must not be possible to conclude this result independently. It must take a tremendously (read, improbable) amount of brute force work to discover that the two inputs resolve to the same hashed output.
Ericsson Data Centric Security and quantum computing
So where does this leave the Ericsson Data Centric Security solution?
This solution is based on a blockchain architecture, with two fundamental and crucial parts that make it immune to quantum computing threats: the cryptographic algorithm (SHA2256) and the Merkle signature scheme also known as a binary hash tree.
The Merkle signature scheme
The Merkle signature scheme is based on a mathematical hierarchical hash tree structure, which has the shape of a tree in which the lower branches have the largest amount of leaves. The higher in the tree, the smaller the branches and the fewer leaves on each branch, until the top is reached.
Native hash data is fed into the bottom of the tree, as source input. The architectural functionality is then to concatenate all hash data from the lower layers into next layer of branches until the top of the tree is reached, where a root hash is produced. The Merkle tree works in a dedicated and confined time slot of one second. This means that each Merkle tree schema, with the associated concatenation action and the creation of a treetop root hash, is carried out and processed every second.
Thereafter the Merkle tree schema is torn down, for the next second to become rebuilt again and again—and so on for every second into the future. What is important to acknowledge in context to the Merkle tree is that the hash tree is secure as long as it uses a secure hash function in its architecture that is resistant to preimages and second preimages as, for example, SHA2256 or above.
Unique blockchain security
Another fact that makes the Ericsson Data Centric Security blockchain solution unique is the way the blockchain is securely created and processed every second. Since each root hash is timestamped and cryptographically interlinked with the previous time slot hash value, the digital blockchain ledger becomes immutable for backwards changes in time, as well as for other general tampering.
So finally, against a quantum computing threat, a "perfect" hash function of output size "n" bits still offers strong resistance as long it is above 128 bits—which means 2 to the (n/2) power or above, for example, with SHA2256, a 256bit output. In this case, the best quantum computer would still need 2 to the 128th power of simultaneous operations (that is, with current technology too many to be feasible by a huge margin) to break preimage resistance. Further a possible attack has to be executed within one second for each leave in the binary hash tree at the same time in order to become close knowing what information is being hashed, concatenated and processed, which is today know to be impossible even for furture quantum computers, which makes Ericsson Data Centric Security the perfect choice for thwarting quantum computing threats.
By Mads Becker Jorgensen, Ericsson.
Mads Becker Jorgensen
Mads works as Technical Product Manager in the security product line at Ericsson in Kista, Stockholm. Mads has a background as an Information Security Specialist with over 15 years field work, both hands on and conceptual, as a consultant via various international security companies. Mads' focus is on the value of holistic security and especially how to prove and measure it by working with people processes and technology. Mads’ favorite question is "If you can´t measure the value of security, how do you really know it works, and how do you prove it when you need it?" The answer is ... you simply don´t.
Les médias du groupe Finyear
Lisez gratuitement :
BLOCKCHAIN DAILY NEWS
Le quotidien Blockchain Daily News :
 Blockchain Daily News
Sa newsletter quotidienne :
 Blockchain Daily News Newsletter
Recevez chaque matin par mail la newsletter Blockchain daily News, une sélection quotidienne des meilleures infos et expertises en Blockchain révolution.
Sa lettre mensuelle digitale :
 The Chief Blockchain Officer
FINYEAR
Le quotidien Finyear :
 Finyear Quotidien
Sa newsletter quotidienne :
 Finyear Newsletter
Recevez chaque matin par mail la newsletter Finyear, une sélection quotidienne des meilleures infos et expertises en Finance innovation & Digital transformation.
Ses 5 lettres mensuelles digitales :
 Le Directeur Financier
 Le Trésorier
 Le Credit Manager
 The Chief FinTech Officer
 The Chief Digital Officer
Finyear magazine trimestriel digital :
 Finyear Magazine
Un seul formulaire d'abonnement pour choisir de recevoir un ou plusieurs médias Finyear
BLOCKCHAIN DAILY NEWS
Le quotidien Blockchain Daily News :
 Blockchain Daily News
Sa newsletter quotidienne :
 Blockchain Daily News Newsletter
Recevez chaque matin par mail la newsletter Blockchain daily News, une sélection quotidienne des meilleures infos et expertises en Blockchain révolution.
Sa lettre mensuelle digitale :
 The Chief Blockchain Officer
FINYEAR
Le quotidien Finyear :
 Finyear Quotidien
Sa newsletter quotidienne :
 Finyear Newsletter
Recevez chaque matin par mail la newsletter Finyear, une sélection quotidienne des meilleures infos et expertises en Finance innovation & Digital transformation.
Ses 5 lettres mensuelles digitales :
 Le Directeur Financier
 Le Trésorier
 Le Credit Manager
 The Chief FinTech Officer
 The Chief Digital Officer
Finyear magazine trimestriel digital :
 Finyear Magazine
Un seul formulaire d'abonnement pour choisir de recevoir un ou plusieurs médias Finyear