Maksim Iavich is PH.D. in mathematics and professor of computer science. He is CEO & President of Scientific Cyber Security Association (SCSA). Maksim is affiliate professor and the head of cyber security direction in Caucasus University. Maksim is cyber security consultant in Georgian and international organizations. He uses to be the invited speaker at international cyber security conferences and is the organizer of many scientific cyber security events. He has scientific awards in cyber security field. Maksim is the author of many scientific papers. The topics of the papers are: cyber security, cryptography, post-quantum cryptography, quantum cryptography, mathematical models and simulations.
Post quantum digital signature with OQRNG (optical quantum random number generator)
Google Corporation, NASA and the Universities Space Research Association (USRA) have teamed up with D-Wave, the manufacturer of quantum processors. Quantum computers will be able to break most, if not absolutely all conventional cryptosystems, that are widely used in practice, for example RSA.
Hash-based digital signature schemes offer an alternative. Like any other digital signature scheme, hash-based digital signature schemes use a cryptographic hash function. Their security relies on the collision resistance of that hash function.
In 1979 Ralph Merkle proposed Merkle signature scheme. Merkle signature scheme has efficiency problems, so it cannot be used in practice. World scientists are working on improving the scheme. One of the improvements is integrating PRNG not to calculate and store large amount of one-time keys pairs. This approach cannot be considered secure, because according to our research quantum computers are able to crack PRNG, which were considered safe against attacks of classical computers.
Pseudorandom number generators are widely used in Cryptography. This type of PRNGs are called cryptographically secure pseudorandom number generators CSPRNGs.
In the work it is offered to use hash based pseudo random number generator and the optical quantum random number generator for generating the seed.
As a CSPRNG in Merkle we offer an algorithm, based on a hash function. NIST has recommended two continuous hash based PRNGs: HASH_DBRG and HMAC_DBRG. We offer to use HASH_DBRG, as it is more efficient.
We offer to use physical quantum random number generator (QRNG) for generating the seed for HASH_DBRG.
In 1961 the researchers offered to use quantum phenomena as a source of randomness. Radioactive decay was a particularly accessible source of true randomness. Geiger-Muller tubes were already sensitive enough to capture and amplify α, β and γ radiation, well-characterized radioactive samples were available. Almost all radioactivity-based QRNGs were based on the detection of β radiation.
In a Geiger-Muller detector a single particle makes an ionization event, that is amplified in a Townsend avalanche. Any concrete atom’s probability to decay in a time interval (t, t + dt) can be presented as exponential random variable Pr(t)dt = λne^(−λnt)dt, where λn is a decay constant.
Time of arrival generators are the representatives of optical quantum random number generators (OQRNGs). The detector receives photons from LED incoherent light and from the coherent states from a laser in an exponentially distributed time λe−λt , where λ is an average number of photons per second. The time between two detections is exponential, as it is the difference of two exponential random variables. We can compare the differences of the time between the arrival of consecutive pulses, we will get two time differences t1 and t2, so we can compare them also. In order to get the random bit, if t1 > t0, we assign a 1 and if t0 > t1, we can assign a 0. We offer to use this time arrival generator as a seed of HASH_DBRG.
During the presentation the new scheme will be represented , and the attacks on it will be analyzed.
Are you the next cyber security superstar?
Ready for this year's presentations?
By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.
Sponsors & Partners
They help us make this conference possible.
As an infrastructure operator, technology integrator and IT&C services provider, Orange Business Services supports businesses and public entities in their digital transformation. Collect, transport, protect, store and process and analyze: they orchestrate every phase of the data journey, for your business to create even more value.