In information technology, the term 'Post-Quantum Cryptography' refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against an attack by a quantum computer. As of 2021, the most popular public-key algorithms do not meet this bar: they can be efficiently broken by a sufficiently large quantum computer. Their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems can be easily solved on a sufficiently large quantum computer running Shor's algorithm. Symmetric cryptographic algorithms are believed to be relatively secure against quantum computers, but even they are vulnerable to attacks that can be carried out with a quantum computer.
On the other hand, 'Cloud Computing' is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models. The five essential characteristics are On-demand self-service, Broad network access, Resource pooling, Rapid elasticity or expansion, and Measured service. The three service models are Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). The four deployment models are Private cloud, Community cloud, Public cloud, and Hybrid cloud.
Definition of Post-Quantum Cryptography
Post-Quantum Cryptography (PQC) is a branch of cryptography that focuses on cryptographic algorithms that are resistant to cryptographic attacks from both classical and quantum computers. The term 'post-quantum' refers to the era of quantum computers, which are not yet fully realized but are expected to have significant impacts on the field of cryptography. PQC aims to prepare for the eventuality of quantum computing becoming a reality by developing cryptographic systems that can withstand the computational power of quantum computers.
The primary goal of PQC is to develop cryptographic systems that are secure against both classical and quantum computer attacks. This involves creating algorithms that cannot be broken by any known quantum algorithm, even with unlimited computational resources. The security of these systems is based on mathematical problems that are believed to be hard for both classical and quantum computers.
Types of Post-Quantum Cryptographic Algorithms
There are several different types of post-quantum cryptographic algorithms, each based on a different hard mathematical problem. These include lattice-based cryptography, code-based cryptography, multivariate polynomial cryptography, hash-based cryptography, and supersingular elliptic curve isogeny cryptography. Each of these types of cryptography has its own strengths and weaknesses, and the choice of which to use in a given situation depends on the specific requirements of the system being secured.
Lattice-based cryptography is based on the hardness of certain problems in lattice theory, such as the Shortest Vector Problem (SVP) and the Closest Vector Problem (CVP). Code-based cryptography is based on the hardness of decoding a general linear code. Multivariate polynomial cryptography is based on the difficulty of solving systems of multivariate polynomials. Hash-based cryptography is based on the security of certain hash functions. Supersingular elliptic curve isogeny cryptography is based on the difficulty of the supersingular isogeny problem.
Definition of Cloud Computing
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.
The five essential characteristics of cloud computing are On-demand self-service, Broad network access, Resource pooling, Rapid elasticity or expansion, and Measured service. On-demand self-service means that a consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider. Broad network access means capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations). Resource pooling means the provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. Rapid elasticity or expansion means capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. Measured service means cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts).
Service Models of Cloud Computing
The three service models of cloud computing are Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). SaaS is a software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet. PaaS is a category of cloud computing services that provides a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app. IaaS is a form of cloud computing that provides virtualized computing resources over the Internet.
SaaS is typically accessed by users using a thin client via a web browser. SaaS has become a common delivery model for many business applications, including office and messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, content management (CM), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.
History of Post-Quantum Cryptography
The concept of post-quantum cryptography was first introduced in the late 20th century, following the discovery of quantum computing. Quantum computing is a type of computation that uses quantum bits, or qubits, which can be in a superposition of states, rather than classical bits, which can be in one of two states. This allows quantum computers to perform certain types of computations much more efficiently than classical computers. In particular, quantum computers can efficiently solve certain mathematical problems that are believed to be hard for classical computers, such as factoring large integers and solving discrete logarithm problems. These problems form the basis of many widely used cryptographic systems, including RSA and Diffie-Hellman, so the advent of quantum computing poses a significant threat to the security of these systems.
In response to this threat, researchers began to develop new cryptographic systems that are secure against quantum computer attacks. These systems are based on mathematical problems that are believed to be hard for both classical and quantum computers. The field of post-quantum cryptography was born out of this effort. The first post-quantum cryptographic algorithms were proposed in the late 1990s and early 2000s, and the field has been rapidly growing ever since.
Development of Post-Quantum Cryptographic Algorithms
The development of post-quantum cryptographic algorithms has been a major focus of research in the field of cryptography over the past two decades. The goal of this research is to develop cryptographic systems that are secure against both classical and quantum computer attacks. This involves creating algorithms that cannot be broken by any known quantum algorithm, even with unlimited computational resources. The security of these systems is based on mathematical problems that are believed to be hard for both classical and quantum computers.
History of Cloud Computing
The concept of cloud computing dates back to the 1960s, when John McCarthy opined that "computation may someday be organized as a public utility." Almost all the modern-day characteristics of cloud computing (elastic provision, provided as a utility, online, illusion of infinite supply), the comparison to the electricity industry and the use of public, private, government, and community forms, were thoroughly explored in Douglas Parkhill's 1966 book, "The Challenge of the Computer Utility."
The actual term "cloud" borrows from telephony in that telecommunications companies, who until the 1990s primarily offered dedicated point-to-point data circuits, began offering Virtual Private Network (VPN) services with comparable quality of service but at a much lower cost. By switching traffic to balance utilization as they saw fit, they were able to utilize their overall network bandwidth more effectively. The cloud symbol was used to denote the demarcation point between that which was the responsibility of the provider and that which was the responsibility of the user. Cloud computing extends this boundary to cover servers as well as the network infrastructure.
Evolution of Cloud Computing
After the dot-com bubble, Amazon played a key role in the development of cloud computing by modernizing their data centers, which, like most computer networks, were using as little as 10% of their capacity at any one time, just to leave room for occasional spikes. Having found that the new cloud architecture resulted in significant internal efficiency improvements whereby small, fast-moving "two-pizza teams" could add new features faster and more easily, Amazon initiated a new product development effort to provide cloud computing to external customers, and launched Amazon Web Services (AWS) on a utility computing basis in 2006.
In early 2008, Eucalyptus became the first open-source, AWS API-compatible platform for deploying private clouds. In early 2008, OpenNebula, enhanced in the RESERVOIR European Commission-funded project, became the first open-source software for deploying private and hybrid clouds, and for the federation of clouds. In the same year, efforts were focused on providing quality of service guarantees (as required by real-time interactive applications) to cloud-based infrastructures, in the framework of the IRMOS European Commission-funded project, resulting in a real-time cloud environment. By mid-2008, Gartner saw an opportunity for cloud computing "to shape the relationship among consumers of IT services, those who use IT services and those who sell them" and observed that "organizations are switching from company-owned hardware and software assets to per-use service-based models" so that the "projected shift to computing... will result in dramatic growth in IT products in some areas and significant reductions in other areas."
Use Cases of Post-Quantum Cryptography in Cloud Computing
Post-quantum cryptography has a number of potential use cases in cloud computing. One of the most important is securing data in transit between the cloud and the user. Currently, this is typically done using RSA or ECC, but these systems are vulnerable to attacks from quantum computers. Post-quantum cryptographic algorithms could be used to replace RSA and ECC in this context, providing a level of security that is resistant to quantum computer attacks.
Another potential use case is securing data at rest in the cloud. Data stored in the cloud is often encrypted to protect it from unauthorized access, but the encryption algorithms used are typically not resistant to quantum computer attacks. Post-quantum cryptographic algorithms could be used to encrypt data stored in the cloud, providing a level of security that is resistant to quantum computer attacks.
Specific Examples of Post-Quantum Cryptography in Cloud Computing
There are several specific examples of post-quantum cryptography being used in cloud computing. For example, Microsoft has been experimenting with the use of post-quantum cryptographic algorithms in its cloud services. In 2017, Microsoft launched a public preview of a post-quantum cryptography VPN that uses a post-quantum cryptographic algorithm to secure data in transit between the cloud and the user.
Another example is Google, which has been experimenting with the use of post-quantum cryptographic algorithms in its Chrome browser. In 2016, Google announced that it was testing a post-quantum cryptographic algorithm in Chrome to secure data in transit between the browser and Google's servers. This is not strictly a cloud computing example, but it is closely related, as many of the same principles apply.
Conclusion
In conclusion, post-quantum cryptography and cloud computing are two important areas of information technology that have significant potential for synergy. Post-quantum cryptographic algorithms can provide a level of security that is resistant to quantum computer attacks, which is important for securing data in transit and at rest in the cloud. As quantum computers become more powerful and more widely available, the use of post-quantum cryptography in cloud computing is likely to become increasingly important.
At the same time, cloud computing provides a platform for the deployment and use of post-quantum cryptographic algorithms. Cloud service providers have the resources and expertise to implement these algorithms and make them available to users, which can help to accelerate the adoption of post-quantum cryptography. In this way, cloud computing and post-quantum cryptography can mutually benefit each other, driving advances in both fields.