There seem to be lots of holy grails these days and lots of companies claim to have found them, but creating genuine random numbers are up there in the pantheon of holy grails. Random numbers are essential for security. If identification numbers are not generated randomly, then once hackers have managed to work out one number, maybe via a phishing attack, or some other nefarious means, then, equipped with sufficient computer power, they can work out future numbers that might be used for security purposes.
If the number is truly random — then that represents a major hurdle for the so called bad guys. As the era of quantum computers dawns, maybe during the course of the next decade, then the most complex mechanism for generating numbers will be vulnerable.
“Encryption needs random numbers to make it secure” explained Crypta Labs’ CEO, Joe HQ Luong. “But most of the random numbers that are used today, for everyday usage, generate pseudo random numbers.”
Machine identities, Venafi, and why being quantum ready is good strategy for today, and not just when quantum computers arrive
Quantum computing maybe be a few years off, but there is more to being quantum ready than preparing for that day. It boils down to machine identities, and finding a way to automate the process of changing these identities. We spoke to Venafi’s Kevin Bocek, an expert in threat detection, encryption, digital signatures and key management. He enlightened us further.
“Worryingly, even the most advanced techniques don’t use genuine random numbers.”
The current state of the art in random number generation uses ring oscillators that can theoretically generate random numbers by processing the clock jitter of the electronics.
“We believe that there is only one true way to generate a random number and that’s from a quantum source. It’s been proven already. Over and over again it has been shown that even this ring mechanism is not secure,” says Luong.
The Crypta Labs solution instead processes light, using technology that comes with an Android phone, or a digital camera. The light is converted into a number — a truly random number.
IBM achieves highest quantum volume to date
The first prototype entailed shining a light through a Samsung phone, later versions used a Sony camera.
“Because it sits in a random format from a quantum source or a photon source, the data that’s coming out of this is purely random.” The sensor can then take that data from that light to generate a random number.
The idea, seems preposterously easy, but making the idea work in practice needed some clever people — PhDs aplenty.
Crypta Labs is currently trialing the quantum-based technology with several key defence companies to provide encryption for their devices.
Quantum computing — coming soon to an enterprise near you?
“Our quantum random number generator products and solutions are future-proofing the cyber-security of the Internet of Things,” said Luong.
He continued: “In combination with our mobile phone sleeve, we are developing an Application Process Interface (API) and a Software Development Kit (SDK) which can be used by mobile application developers to secure their software. Obvious initial applications include finance and healthcare.”
Other target markets include transport — with random number generation vital, for example, in security in the age of autonomous cars — military and medical usage.
Tech Leaders Summit
On 12 September, Information Age will once again host Tech Leaders Summit at the Royal Lancaster Hotel, London. This year, speakers at the UK’s most innovative tech leadership conference — including the CTOs of RBS and Ofcom and Sarah Burnett from Everest Group — will help dissect subjects, such as intelligent automation, emerging tech, agile and cultural transformation. With plenty of opportunties to network throughout the day, this event is not be missed. To find out about the latest innovations and how to lead your organisations and customers through the disrupted era, register here.