In the mature and highly competitive smart card industry it is notoriously difficult to gain a competitive edge or break into new markets. The smart card industry is always looking for ways to reduce cost at low risk while increasing functionality and market appeal.

One large application space in the smart card market that is under developed is personal and enterprise desktop security. Smart cards are uniquely positioned to increase day-to-day personal and business security by performing sensitive cryptographic operations in a secure computing environment. However smart cards need a compelling unique value proposition that enables them to penetrate this market in a ubiquitous way.

This unique value proposition may be found in the looming challenges presented by the anticipated arrival of code-breaking quantum computers:

The time needed to factor an RSA integer is the same order as the time needed to use that same integer as modulus for a single RSA encryption.   In other words, it takes no more time to break RSA on a quantum computer (up to a multiplicative constant) than to use it legitimately on a classical computer.

In the medium term, we need to be prepared for the eventuality that large quantum computers could be built: this would require an upgrade of most symmetric cryptographic algorithms and a completely new generation of public-key algorithms.

Synaptic Laboratories have designed a suite of cryptographic technologies that can replace the at-risk RSA and ECC technologies. Synaptic offers the worlds first high-assurance many-to-many key exchange technology suitable to enable next generation e-commerce and other secure Internet communications through the use of symmetric techniques. Synaptic was able to solve the previous open cryptographic problems by taking advantage of the unique security features found in smart cards and hardware security modules. To ensure rapid adoption we have ensured that all security functions previously limited to high-end smart cards can be performed on lower-cost high security smart cards. To increase market appeal we have designed our solution to enable up to 100 year security ratings on medium to high end smart cards.

In the remainder of the article we will review how Synaptic Labs' technologies can reduce cost, and achieve long term security in smart cards.

How cheaply and effectively can ALL the security components be deployed in smart cards?

A full featured security system typically requires five core security operations. We list those 5 core operations and beside them an example of the technologies traditionally used to implement them:

If these operations are all implemented in software then there is no additional hardware circuitry costs. Unfortunately software implementations of these algorithms run significantly slower in smart cards than hardware accelerated or hardware dedicated implementations. This in turn may limit their suitability for a wide range of commercially important applications.

To manage the various price performance requirements of different applications the smart card market has segmented itself into memory cards, micro controller unit (MCU) cards, MCU+DES, MCU+RSA+ECC, MCU+DES+RSA+ECC. Within this ecosystem the most common hardware accelerated cipher remains the DES cipher on account of its favour in the banking community (3DES) and its relatively low cost to implement (3-6k gates>).

With this knowledge in hand, Synaptic has designed a post quantum secure cipher-hash called PQSDES. PQSDES is accelerated using a DES coprocessor attached to the MCU. Synaptic Labs' PQSDES cipher-hash function performs high speed encryption, message authentication, hashing.

More importantly PQSDES has been designed to enable next generation key exchanges (Group, Universal and/or Enterprise Key Exchange) and digital signatures (Lamport-Diffie-Merkle) operations that can replace RSA+ECC on smart cards which we will describe below.

By adopting PQSDES and Synaptic Labs' suite of security technologies it is possible for the smart-card industry to uniquely place it self as a provider of security services to the global community.

How many years of security can smart cards achieve with high assurance?

My colleagues at MIT and I have been building simple quantum computers and executing quantum algorithms since 1996, as have other scientists around the world. Quantum computers work as promised. If they can be scaled up, to thousands or tens of thousands of qubits from their current size of a dozen or so, watch out!”

The duration of security (measured in years) offered by traditional cryptosystems is limited by advances in conventional and quantum computing attacks. Advances in conventional attacks make periodic marginally secure key-size upgrades necessary and leaves all earlier data secured by the super ceded security exposed for decryption and exploitation if it has been recorded. With respect to quantum computers, the short answer is that mainstream public key algorithms (RSA, D&H, ECC), as commonly deployed in smart cards can offer no security with high-assurance against code breaking quantum computer attacks. Click here to read about quantum computer attacks. Click here to read about the anticipated timeline for code breaking quantum computers.

It simply is not possible to guarantee that RSA, D&H or ECC will offer any security 10 years into the future from now, perhaps even sooner. They are the weak link in all modern security systems. After code-breaking quantum computers arrive these algorithms and devices that rely upon them will offer effectively no security against those who can gain access to quantum computing services. Hackers recording currently secure traffic will be able to auction that data to the highest bidder. 

Synaptic proposes software upgrades to existing devices that overcome the risks through the use of alternative algorithms for digital signatures and key exchanges. These digital signatures are well known and Synaptic Labs' key exchanges are built on techniques that are well established. Together they can protect RSA, D&H and ECC, or simply replace them. They can remove the need, costs and risks arising from periodic upgrades and code breaking quantum computer attacks.

Hitachi and the Technical University of Darmstadt (TUD) have improved the approximately 30 year old Lamport-Diffie-Merkle digital signature technologies to create a high performance digital signature scheme that can compete directly with RSA and ECC. The advantage of the Lamport-Diffie-Merkle schemes is in the simplicity of their security model. The security of these signatures is directly derived from the strength of the cryptographic hash function such as NIST SHA-2 or Synaptic’s PQSDES (or Synaptic Labs' PQSAES that uses AES instead of DES at its core) hash function. Synaptic’s hash functions enable these digital signature schemes to be directly run in smart cards without retooling.

This just leaves the problem of protecting or replacing the RSA / D&H / ECC key exchanges. Synaptic has created a suite of key exchange technologies that are suitable to replace or wrap around the at risk components. Similar to the Hitachi and TUD digital signature schemes, the security of the scheme is derived from the strength of the hash function.

If appropriate security parameters are used then it is possible to argue with high assurance that these systems will achieve 100+ year security ratings.

Can Synaptic Labs' security system support the full range of commercial applications?

Synaptic’s range of post quantum secure technologies are capable of EFFICIENTLY fulfilling all core security applications for network attached devices, including key exchanges between any two devices out of a group of billions of devices, and digital signatures. In theory US NIST components such as AES-256 and SHA-512 could be used however PQSDES offers a superior solution on smart cards.

Many offline and semi-offline security techniques are also possible depending on the application context. Offline identity applications can be trivially supported using next generation digital signature technologies. The specifications for more complex operations such as semi-offline credit-card transactions are currently under development.

Conclusion

Synaptic technologies enable the full range of cryptographic operations to be securely implemented in smart cards devices that could previously achieve only limited or slow security operations. Synaptic technologies reduce the manufacturing cost required to achieve the core cryptographic operations thereby providing an economic advantage over conventional solutions. The ability to achieve 100 year security provides value to your customers by removing the data security risks presented by the need for periodic security upgrades of marginally secure systems. The ability to achieve 100 year security also begins to protect the global community from a simultaneous failure of security devices. Synaptic allows many existing smart cards to achieve this upgrade without retooling or redesign facilitating rapid entry to market and the ability to lower manufacturing costs and increase margins in the next generation of product release.