IBM Research scientists in Zurich are already developing practical cryptographic solutions that are resistant even to quantum computers of the future.


IBM’s strategy in the cybersecurity chapter comes from afar, with constant achievements in a scientific and theoretical stage of high flights (more than 8,000 patents), and which employs 8,000 full-time dedicated employees plus 2,000 additional external experts. This reports 3.4 billion dollars in turnover in this area, 66% more than the previous year, and the other day we had the opportunity in petit committee to advance some challenges within the EU H2020 framework program. One of the most promising, due to the novelty of its approach, is the use for the first time of increased cognitive intelligence in Watson for Cybersecurity , with the integration of the analytical platform QRadar Advisor . The use of AI is democratizing, which means that sooner or later, if not already, it will be in the hands of cyberhackers, increasing the reach of their misdeeds and the sophistication of their attacks. < / span>

Getting into the enemy’s mind is part of defense strategy. That is why four X-Force Red Labs command centers have recently been created, made up of teams of ethical hackers, dedicated to checking the robustness of customer systems that want to test and find potential vulnerabilities, especially in both industrial and domestic IoT environments. «We have also opened in Cambridge, near Boston (Massachuttes) the first Cyber ​​Range in the industry where participants can experience live cyber attacks as simulated training exercises,» says Isabel Tristán, Director of Security Sales at IBM Spain. “We are going to make a replica and we are going to put it in a trailer to bring it to Europe that travels through different cities to show it closely to our clients and perform proof of concept, such as hiding a ransomware in a video surveillance application.”

 IBM Research

Another fundamental point is that of the < strong> alliances (cataloged as “historical” is the one developed with Cisco and VMware to protect from endpoints to the cloud, through networks). In February 2018, the ten key principles of the “Letter of Trust” were signed that promotes collaboration between security developers, service providers, companies and public bodies, based on the IoC, the commitment indicators > that allows sharing sensitive attack information anonymously to establish joint strategies.

« Like health organizations Everyone can stop pandemics by sharing information in humanitarian emergency , so should security professionals. It is impossible that individually you can fight successfully and effectively with an invisible enemy. By sharing information about threats and new tools, organizations can proactively search for and stop attacks, create automated responses to incidents, and organize processes from alerting key stakeholders to disabling infected devices, ”says Tristán. «The first thing to do in an infiltration case is a crisis cabinet with various profiles (engineers, lawyers, forensic analysts, spokespersons) to have a more effective joint vision.»

Arms race

The escalation in the intelligence of cyber attacks sharpens ingenuity and complicates its detection. Far are those first polymorphic and mutant bugs of the 80 years based on the obfuscation that became immune to static analysis of files in search of patterns. Or those Trojans of the 90 encrypted , which had to be quarantined in virtualized sandboxes. Of course, once the trick was learned, the hackers developed techniques that verified whether their worms pass through a virtual environment so as not to waste their load and be detected early, for example with baremetal systems to precisely avoid virtualization According to IBM Research, 98% of the malware analyzed today today is elusive to varying degrees, although learning more sophisticated techniques every day, such as targeted attacks based on facial recognition, from Voice or GPS positioning.

« These section your infection routines forward crawlers that carefully inspects the environment in which they run for suspicious predefined features, such as usernames and help processes. Only if the destination endpoint is clear, the malware is searched and executed. A known example of concealment is the Stuxnet worm, which was programmed to target and attack only control systems of a particular manufacturer, and only with certain hardware and software configurations, ”explains Michael Osborne, researcher at the Zurich Reseach Laboratory in IBM Switzerland.

 IBM Research

In this war escalation, the engineers of the IBM Research has a lot to say, with tools already in the production phase based on AI.One of them is DeepLocker , a kind of tracking head missile that as soon as it locates a target pursues it relentlessly, especially since the malware has become evasive and is able to actively avoid being analyzed and identified masking or camouflaging itself in host systems.

How does it work? The best thing about DeepLocker is that it works like malware. Not in vain, it uses the evolved principles of elusive malware, which awaits its opportunity crouched until it recognizes its predefined triggers, which are often triggers of deception. “It is designed to be stealthy, flies under the radar and remains hidden in an application until, thanks to its AI training, it is activated only when it identifies the suspect, executing an accurate shot in contrast to the traditional burst approach , ”adds Osborne.

Also, «armed the missile» is virtually impossible to stop since cybercriminals could only unlock their cargo once it had reached them. «This is possible by using an AI model of deep neural network (DNN) that prevents cybercriminals from unlocking it through the use of reverse engineering,» says Osborne. The good news is that no malware of this type has yet been identified among cybercrime, although the community needs to be preparing for this new level of AI attacks.

And quantum computing arrives

In any case, these defensive tactics and Offenses can be framed within the reasonable and predictable way in a roadmap, yes, more and more powerful and deadly. But if a quantum computer with enough cubits appeared today, virtually all Internet communications would become transparent , as it would be impossible to avoid RSA (asymmetric public key) decryption; with the ECC (symmetric) its effectiveness would be reduced by half, although the key size can be doubled to keep them safe even if quantum computers are used.

« That’s why IBM Research scientists they are developing encryption solutions that are resistant to possible security threats that quantum computing may pose. Every encryption algorithm has a breaking point , and despite the fact that huge computing capabilities are currently needed (limited by linear growth based on doubling the power of processors), when it is accessible quantum computing will scale its computing power exponentially every time a cubit is added, ”explains Dave Braines, CTO Emerging Technology in IBM UK.

 IBM Research

that’s why you have to start already today to prepare the systems to withstand the onslaught not only of machine learning or deep learning, but the attacks by quantum. “We have to do something now, because the data today, we will also need to in the future. But some critical data is not, we will be able to update if not we take the appropriate measures. Now there are many data that legally must be retained: communications, purchasing and procurement, toxic substances, government secrets…”, says Braines. “The ideal would be to learn to enter the algorithms that run today on computers are not quantum but suitable for when you have quantum computers. Among the options most suitable, are the encryption homomorphic, and the encryption based on lattices”.

The journey of the quantum has already been initiated. In the past three years, hundreds of millions of dollars have been invested in R & D for quantum computing (200 million annually in the U.S. according to some source). Only China has released 10,000 million dollars in 2018 for the construction of the National Laboratory of Quantum Information in Hefei, which should be ready in 2020. The founding phase and theoretical science is very advanced. The roadmap determines that for 2023 should be finished the approval phase of standards, for you to migrate your sensitive data to a secure encryption of quantum, while it should close the window to new schemes of encryption that does not resist an attack by quantum (including blockchain and bitcoins -it is estimated that their key ECDSA 256-bit may be broken when there are quantum systems of about 1,500 cúbits, although the experimental systems of current known barely reach 50 cúbits-).

For millennia, we have used cryptography to keep information in secret or in private while being transferred or stored. However, we have never been able to keep the information secret while being processed or used. IBM invented a decade ago, a technology called encryption homomorphic call to revolutionize the security and exchange of information with external environments, sometimes unreliable,” explains Braines. “However, until now its use had not frozen because it was considered too slow for daily use due to the enormous computing power required. Currently, the researchers of the Research Lab of IBM in Zurich we are already overcoming this barrier thanks to the advances in the design of the algorithmic and hardware HPC (high performance computing)”.

This means that you can use your personal information for processing, and use while still encrypted, which allows you to follow hidden to the eyes of the that is not enabled nor intended. This makes it ideal for environments where critical information or private must be jealously treated by authorized personnel, but whose value increases if it is shared by a third party: second medical opinions, a composition of a drug, prospecting, mining, bank information, relevant life policies, cars under secret of summary, cyber-attacks… In fact, any entity that requires artificial intelligence, machine learning and analytical, able to encrypt their data and outsource your analysis without exposing neither the data nor the results of the analysis.

The encrypted homomórfico ensures that the data are never decrypted at once, which allows its manipulation by authorized parties. Is something as well as a photographic film: yes you can not see the pictures, except those that are revealed on paper in the dark room; in a similar way, with this type of encryption the data can be manipulated but remain hidden within a text encryption”, explains Braines. In an environment that is more sophisticated, you can restrict selectively the decryption, so that people can only see the parts strictly necessary for a file to be able to do their particular job or for a certain time. The encryption homomórfico would allow collaboration in the cloud and benchmarks, facilitating cross-sectoral collaboration, even between competitors who seek to make advanced analytics on encrypted data of common interest.

IBM Research

Other examples: companies in the field sanitary you could aggregate and analyze encrypted data from medical research to accelerate the discovery of drugs, without disclosing confidential information or the company or of the patient; malls, or chain stores, you could send specific offers to certain phones as the GPS location and the number are kept encrypted for one of the parties; banks, have a customer for life with a score negative and high risk and is going to ask for a credit, and the business does not want to look bad with a negative, but not going to another bank”, adds the researcher from IBM.

Regarding the encryption based on lattices, is another ace, which are stored in the sleeve, the cryptographers from IBM. This works as easter eggs, where the programmer hides the data inside of complex mathematical problems on algebraic structures called lattices. It is believed that this additional complexity to protect the information will be sufficiently effective even when quantum computers become strong enough to decrypt the encryption techniques in place. It will suffice to add one more problem to each lattice.