Qrypt offers solutions to make One-Time Pads, the only known information theoretically secure symmetric encryption algorithm, finally practical in industry.
A cryptographic algorithm is considered secure, when the algorithm has been around for several years, and there is still no known method to “break” the algorithm with a classical computer.
For example, the widely used RSA algorithm has been around since 1977 with no significant progress made on a method to break it with a classical computer.
With the age of quantum computers being on the horizon, researchers have also explored methods to break cryptography using a quantum computer. Post-quantum cryptography means that after years of research, there is still no known method to “break” the cryptography, even given a quantum computer.
For example, RSA, would not satisfy post-quantum security because Shor’s algorithm, an attack using a quantum computer, was discovered to break RSA in 1994. On the other hand, AES-256 is considered post-quantum because no quantum attacks have been discovered since its publication in 1998.
A One-Time Pad cipher is when a randomly chosen key, the same length of the plaintext, is XORed with the plaintext to produce the ciphertext. If the key is truly chosen randomly, all plaintexts of the given size are equally likely to have produced the ciphertext.
One-Time Pads have been mathematically proven to be information theoretically secure, meaning there is a mathematical proof that there exist no attacks (even with a computationally unbounded adversary) that can break a One-Time Pad. On the other hand, it is possible for a “post-quantum” algorithm to be broken, if in the future, someone were to discover a quantum attack on the algorithm.
One-Time Pads are only secure if the key is truly random, and only recent quantum technology has made truly random keys possible.
In addition, One-Time Pads are only secure if the keys are never reused. This means we need to share a newly randomly generated key, which is the same size of the plaintext, every time we want to send a new plaintext message. This reduces the security of the One-Time Pad down to the security of the key exchange algorithm.
Qrypt offers a novel key generation solution, which offers everlasting security.
|Algorithms||Level of Security||Drawbacks|
|RSA, Diffie Hellman, ECDH||Classical security||
|Classic McEliece, CRYSTALS-KYBER, FrodoKEM||Post-quantum security||
|Quantum Key Distribution (QKD): BB84, E91, B92||Information theoretically secure (dependent on accuracy of hardware)||
|Qrypt solution||Everlasting security (explained below)||
A protocol which achieves everlasting security guarantees that an encryption is information theoretically secure, given that the initial key exchange of the seed S is not broken within a time T which we can choose (i.e. an hour). This means that an hour after the two parties exchange an initial seed S, even a computationally unbounded adversary (with access to both classical and quantum computers) cannot break the encryption.
Classical security that is vulnerable to quantum computers (i.e. RSA, ECDH)
Post quantum security that has no known algorithm that quantum computers could run to break (i.e. FrodoKEM, Crystals-Kyber)
For levels 1 and 2, to break the encryption, an adversary would need to:
3a) Everlasting security which is provably secure against an unbounded adversary after phase 1 (while the server is still accepting decryption requests), where:
3b) Everlasting security which is provably secure against an unbounded adversary after phase 1 (while the server is still accepting decryption requests), where:
3c) Everlasting security which is provably secure against an unbounded adversary after phase 1 (while the server is still accepting decryption requests), where:
For levels 3a, 3b, and 3c, to break the encryption, an adversary would need to: