Let’s play a game – “Imagine a World…”
For this blog post, I’d like to propose playing a game called IMAGINE A WORLD, except when we play, I propose that we imagine a world that is centred on something very real….the current state of cryptography in 2024….so let’s play…..
Imagine a world where Trillions of $$’s in spent advancing Artificial Intelligence (AI) / Artificial General Intelligence (AGI) and Quantum compute, to the point where this Compute can solve extremely hard mathematical problems in new & novel ways, in seconds. Let’s call that INNOVATION.
Imagine a world where adversaries used this AI & Quantum Compute INNOVATION to render all cryptography primitives based on mathematical complexity obsolete, typically referred to as Q-Day – we wrote about this here – Cryptography Risks & Issues, Mitigating Actions and Consequences of getting it wrong – Incrypteon). Let’s call that an EXTINCTION event
Imagine a world where adversaries don’t announce they have achieved Q-Day, until they have realised their objective, whatever that might be. Let’s call that COMMON SENSE.
- SO, we have a situation where sometime in the next 2 to 5 years EVERY company will need to change ALL of their systems to mitigate the Q-Day risk so they don’t (and governments / economies more generally), become EXTINCT. Let’s call this SURVIVAL.
- AND, we have a situation where companies will only have resources / budget to do this once, so will want to pick a solution that mitigates this risk now and in the future with cryptography that is SECURE from both AI and Quantum Compute. Let’s call these BUDGETARY and IMPLEMENTATION CONSTRAINTS.
BUT, imagine a world where current NIST standards do not meet these functional or non-functional requirements, hence why PQC standards are only Quantum SAFE and why the term Crypto(graphic)-Agility was coined. This is because the NIST PQC primitives are still based on mathematical complexity. WE have NO IDEA when these NIST PQC primitives will be compromised, so we need to be “AGILE” so we can swap out primitives when they are compromised (or when we find out they have been compromised – see above). Let’s call this NOT MEETING FUNCTIONAL OR NON-FUNCTIONAL REQUIREMENTS.
As a Technology Professional, if I went to tender for a product / platform and it did not meet my functional or non-functional requirements, I WOULD NOT SELECT OR BUY the Product OR Platform….so, we find ourselves in a strange world. BUT, what if we could IMAGINE A WORLD that was better?
Imagining a Better World
NOW….
Imagine in that same world, there was a cryptographic library that encrypted data to provide data Confidentiality that achieved Information Theoretic Security, meaning even with infinite compute power and time, your data is actually SECURE, not just Quantum Safe or Resistant from AI attack.
Imagine in that same world, your company could use this library to protect their data & their customers privacy from ALL Quantum & AI threats, and that you could implement this in hours, so you no longer have to worry about PQC standards or Q-Day.
Imagine in that same world, your company could use one cryptographic library that worked consistently for all use cases, across all products and platforms, across all devices and operating systems, for all development languages and you didn’t need any hardware.
Imagine in that same world, one developer in your company could do this and you did not need a team of 5 or 6 people (dev-ops, sec-ops, network engineer, firewall engineers etc) to support them implementing & operating the solution.
Imagine in that same world, this library reduced architectural complexity, reduced time to value and reduced total cost of ownership, whilst meeting the non-functional requirements to protect from all AI & Quantum compute threats.
Imagine in that same world, this library protected an organisations budget by achieving best in class return on investment, as you would only need to implement the changes required once, not many times as with existing NIST standards.
Imagine in that same world, this library also encrypted data to provide data authentication and authorisation, so only authorised Identities can decrypt their data, delivering dynamic data privacy.
Imagine in that same world, this library also encrypted data to provide data Integrity and Non-repudiation so you can be confident data has not been compromised in both transit or at rest, to simplify and secure.
Imagine in that same world, your encrypted data also provided dynamic data expiration, meaning you can set a time data is available to decrypt, after which, both authorised or unauthorised identities would be unable to decrypt the data.
Imagine in that same world, this library can be integrated with existing protocols, minimising changes to ways of working and minimise changes to existing processes i.e., encrypt an email message or attachment, encrypt a file sent over SFTP or API call.
That world is here now….and for the 1 quintillion cryptographic events that happen daily, that day could not be sooner.
In this new world, as a Technology Professional, I NOW have a choice, and this choice seems like a better fit to my current and future functional and non-functional requirements.
So, If you or your company want to use a Cryptographic library that you implement once across your architecture, that is SECURE from both AI and Quantum threats, now and in the future, then check out what we have to offer here – Subscription Features, or sign up to get started here – https://incrypteon.com/. If you have any questions, then contact us at [email protected].
What are you waiting for??
Please join us on our journey!
Steve, Helder & Ian – Incrypteon Co-founders