Fraunhofer leads project to ensure quantum-safe identities

Fraunhofer leads project to ensure quantum-safe identities

Technology News |
By Jean-Pierre Joosting

The security of digital identities is threatened by future quantum technologies. In the hands of attackers, quantum computers will be able to break classical encryption methods. To fend off such attacks, four partners, comprising Quant-X Security and Coding GmbH, Fraunhofer Institute for Photonic Microsystems IPMS, MTG AG , and the University of Regensburg, have launched the Quant-ID project. In this project, they are researching the development of novel methods and systems that guarantee cryptographic security in the long term based on quantum random numbers and post-quantum cryptography. Highly critical areas, such as government institutions, banks or insurance companies, will thus receive the necessary protection. The BMBF-funded project started in September 2022 and will run for three years.

In order to achieve greater acceptance for the digitization of services and business processes in society, user-friendly, reliable and privacy-protecting procedures must be established. In the project “Secure Quantum Communication for Critical Identity Access Management Infrastructures (Quant-ID)”, the participants are jointly researching reliable digital identities. The use of currently used network protocols is intended to facilitate the transition from classical encryption algorithms to quantum-safe methods. Deviating from the original physical term, quantum security here refers to protection against attacks by quantum computers.

“Our goal is to develop quantum-safe authorization of users in an IAM (Identity Access Management) architecture with the help of quantum random numbers and post-quantum cryptography,” explains Dr. Alexander Noack, group leader at the Fraunhofer Institute for Photonic Microsystems IPMS.

Post-quantum cryptography (PQC) refers to cryptographic algorithms that are used on classical hardware but promise security against attacks with quantum computers. In the project, the true random numbers required for these methods will be generated by a quantum random number generator (QRNG) to increase security.

“In addition, we also want to secure network communication, signatures and database encryption using post-quantum cryptography,” said Dr. Alexander Noack. Another goal of the joint project is to develop a quantum-safe “single sign-on” approach that enables access to various services with a single central login.

At the end of the project, the digital identities and quantum-safe authorization will be tested in a demonstrator in a realistic application using existing network protocols. In the process, the capabilities of the developed system will be compared with classical methods. The results of the subprojects will also be applicable on a modular basis. This offers network administrators and system managers the option of integrating either the entire system or only partial aspects.

By developing the concept in Germany, sovereignty regarding the security of national information technology systems will be strengthened. This results in a particularly high market potential for the project solution in highly sensitive areas and critical infrastructures such as in the area of banks, insurance companies, companies in the healthcare sector as well as public authorities and state institutions. These players in particular are dependent on meeting high security standards, as they are often exposed to increasingly complex attack structures. To support the application of the quantum random number generator, certification by the German Federal Office for Information Security (BSI) is also being sought.

The consortium’s motivation is to build up an interdisciplinary project team, to establish partnerships in Germany for overall solutions and to make safeguarding technologies against attacks by quantum computers accessible to everyone. “With this project, we want to create the basis for interdisciplinary collaborations for the efficient realization of quantum security in Germany” says the Fraunhofer IPMS group leader. The resulting quantum-safe version of OpenID Connect will be made available to the public for low cost as an open-source library.

Quant-ID creates the basis for highly secure protection in critical infrastructures in an end-to-end solution in Germany. The use case “Quantum-Secure eID” will increase the level of security against cyber-attacks for all resident companies and government institutions. At the same time, a basis for the long-term security of identity data and other sensitive data of German citizens will be created. “Through this path, the project pursues to protect Germany’s ethical, social and economic values early enough against foreign governmental and criminal attacks,” concludes Dr. Alexander Noack. The international positioning as a German consortium in a newly to be created public OpenID working group with the goal of defining “OpenID quantum” also guarantees the parallel connection to international standardization projects.

Image: Project “Secure Quantum Communication for Critical Identity Access Management Infrastructures – Quant-ID” launched by Quant-X Security and Coding GmbH, Fraunhofer Institute for Photonic Microsystems IPMS, MTG AG , and the University of Regensburg. Copyright Fraunhofer IPMS.


Related articles

Photonic computers with millions of Qubits
Researchers develop method to simulate entanglement
Intel demonstrates increased yield in quantum chip production
IoT authentication platform adds quantum-hardened private keys

If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :    eeNews on Google News


Linked Articles