{"id":66,"date":"2023-12-12T13:00:14","date_gmt":"2023-12-12T12:00:14","guid":{"rendered":"https:\/\/physicsworld.com\/?p=111771"},"modified":"2023-12-12T13:00:14","modified_gmt":"2023-12-12T12:00:14","slug":"researchers-grapple-with-bringing-quantum-security-to-the-cloud","status":"publish","type":"post","link":"https:\/\/hadamard.com\/c\/researchers-grapple-with-bringing-quantum-security-to-the-cloud\/","title":{"rendered":"Researchers grapple with bringing quantum security to the cloud"},"content":{"rendered":"<p><span lang=\"EN-US\">A new protocol for cloud-computing-based information storage that could combine quantum-level security with better data-storage efficiency has been proposed and demonstrated by researchers in China. The researchers claim the work, which combines existing techniques known as quantum key distribution (QKD) and Shamir\u2019s secret sharing, could protect sensitive data such as patients\u2019 genetic information in the cloud. Some independent experts, however, are sceptical that it constitutes a genuine advance in information security.<\/span><\/p>\n<p><span lang=\"EN-US\">The main idea behind QKD is to encrypt data using quantum states that cannot be measured without destroying them, and then send the data through existing fibre-optic networks within and between major metropolitan areas. In principle, such schemes make information transmission absolutely secure, but on their own, they only allow for user-to-user communication, not data storage on remote servers.<\/span><\/p>\n<p><span lang=\"EN-US\">Shamir\u2019s secret sharing, meanwhile, is an algorithm developed by the Israeli scientist Adi Shamir in 1979 that can encrypt information with near-perfect security. In the algorithm, an encrypted secret is dispersed between multiple parties. 
As long as a specific fraction of these parties remain uncompromised, each party can reconstruct absolutely nothing about the secret.<\/span><\/p>\n<h3>Secure and efficient cloud storage<\/h3>\n<p><span lang=\"EN-US\"><a href=\"https:\/\/scholar.google.com\/citations?user=2z0AkNIAAAAJ&amp;hl=zh-CN\">Dong-Dong Li<\/a> and colleagues at the University of Science and Technology of China (USTC) in Hefei and the spinout company <a href=\"http:\/\/www.quantum-info.com\/English\/\">QuantumCTek<\/a> have combined these two technologies into a protocol that utilizes Shamir\u2019s secret sharing to encrypt data stored in the cloud and resists outside intruders. Before uploading data to the central server, an operator uses a quantum random number generator to generate two bitstreams called K and R. The operator uses K to encrypt the data and then deletes it. R serves as an \u201cauthentication\u201d key: after encrypting the data, the user inserts a proportion of bitstream R into the ciphertext and uploads it to a central server, retaining the remainder locally. The proportion the user uploads must be below the Shamir threshold.<\/span><\/p>\n<p><span lang=\"EN-US\">In the next step, the central server performs what\u2019s known as erasure coding on the ciphertext. This divides the data into packets sent on to remote servers. To ensure against loss of information, the system needs a certain amount of redundancy. The current standard cloud storage technique, storage mirroring, achieves this by storing complete copies of the data on multiple servers. In Li and colleagues\u2019 chosen technique, the redundant data blocks are instead scattered between servers. This has two advantages over storage mirroring. First, it reduces storage costs, since less redundancy is required; secondly, compromising one server does not lead to a complete data leak, even if the encryption algorithm is compromised. 
\u201cErasure coding is characterized by high fault tolerance, scalability and efficiency. It achieves highly reliable data recovery with smaller redundant blocks,\u201d the researchers tell <em>Physics World<\/em>.<\/span><\/p>\n<p><span lang=\"EN-US\">When a user wishes to recover the original data, the central server requests the data blocks from randomly chosen remote servers, reconstructs it and sends it in encrypted form back to the original user, who can recover the encryption key K and decrypt the message because they have the proportion of R that was originally retained locally as well as that which was inserted into the message. A hacker, however, could only obtain the part that was uploaded. The researchers write that they conducted a \u201cminimal test system to verify the functionality and performance of our proposal\u201d and that \u201cthe next step in developing this technology involves researching and validating multi-user storage technology. This means we will be focusing on how our system can effectively and securely handle data storage for multiple users.\u201d<\/span><\/p>\n<h3>Further work needed<\/h3>\n<p><span lang=\"EN-US\">Barry Sanders, who directs the Institute for Quantum Science and Technology at the University of Calgary in Canada, describes a paper on the work in <a href=\"https:\/\/pubs.aip.org\/aip\/adv\/article\/13\/11\/115309\/2920969\/Quantum-secure-fault-tolerant-distributed-cloud\"><em>AIP Advances<\/em><\/a> as \u201ca good paper discussing some issues concerning how to make cloud storage secure in a quantum sense\u201d. However, he believes more specifics are necessary. 
In particular, he would like to see a real demonstration of a distributed cloud storage system that meets the requirements one would expect in cybersecurity.<\/span><\/p>\n<p><span lang=\"EN-US\">\u201cThey don\u2019t do that, even in the ideal sense,\u201d says Sanders, who holds an appointment at USTC but was not involved in this work. \u201cWhat is the system you\u2019re going to create? How does that relate to other systems? What are the threat models and how do we show that adversaries are neutralized by this technique? None of these are evident in this paper.\u201d<\/span><\/p>\n<p><span lang=\"EN-US\"><a href=\"https:\/\/itp.phys.ethz.ch\/people\/person-detail.NTkyNzU=.TGlzdC84NDYsLTE5MDQ4MDM5ODI=.html\">Renato Renner<\/a>, who leads a quantum information theory research group at ETH Zurich, Switzerland, is similarly critical. \u201cThe positive part [of the paper] is that it at least tries to combine quantum-inspired protocols and integrate them into classical cryptographic tasks, which is something one doesn\u2019t see very often,\u201d he says. \u201cThe issue I have is that this paper uses many techniques which are <em>a priori<\/em> completely unrelated \u2013 secret sharing is not really related to QKD, and quantum random number generation is different from QKD \u2013 they mix them all together, but I don\u2019t think they make a scientific contribution to any of the individual ingredients: they just compose them together and say that maybe this combination is a good way to proceed.\u201d<\/span><\/p>\n<p><span lang=\"EN-US\">Like Sanders, Renner is also unconvinced by the team\u2019s experimental test. 
\u201cReading it, it\u2019s just a description of putting things together, and I really don\u2019t see an added value in the way they do it,\u201d he says.<\/span><\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/physicsworld.com\/a\/researchers-grapple-with-bringing-quantum-security-to-the-cloud\/\">Researchers grapple with bringing quantum security to the cloud<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/physicsworld.com\">Physics World<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new protocol for cloud-computing-based information storage that could combine quantum-level security with better data-storage efficiency has been proposed and demonstrated by researchers in China. The researchers claim the work, which combines existing techniques known as quantum key distribution (QKD) and Shamir\u2019s secret sharing, could protect sensitive data such as patients\u2019 genetic information in the&hellip; <a class=\"more-link\" href=\"https:\/\/hadamard.com\/c\/researchers-grapple-with-bringing-quantum-security-to-the-cloud\/\">Continue reading <span class=\"screen-reader-text\">Researchers grapple with bringing quantum security to the 
cloud<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-66","post","type-post","status-publish","format-standard","hentry","category-allgemein","entry"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/hadamard.com\/c\/wp-json\/wp\/v2\/posts\/66","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hadamard.com\/c\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hadamard.com\/c\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hadamard.com\/c\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hadamard.com\/c\/wp-json\/wp\/v2\/comments?post=66"}],"version-history":[{"count":0,"href":"https:\/\/hadamard.com\/c\/wp-json\/wp\/v2\/posts\/66\/revisions"}],"wp:attachment":[{"href":"https:\/\/hadamard.com\/c\/wp-json\/wp\/v2\/media?parent=66"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hadamard.com\/c\/wp-json\/wp\/v2\/categories?post=66"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hadamard.com\/c\/wp-json\/wp\/v2\/tags?post=66"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}