Computational power is a fundamental aspect of encryption. It relies on many rounds of computation to produce cipher text (Lian et al, 2012; Putra et al, 2018). Furthermore, encryption relies on the computational difficulty of solving mathematical problems which, while inherently solvable (determining the factors of very large numbers, for example), cannot be solved quickly enough with today's computational power unless a key is provided (Cesare, 2015). This means that “…our security depends on the speed of computers” (Naughton, 2019).
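To make the "unless a key is provided" point concrete, the following added example (not part of the original essay) builds a toy RSA key and counts the trial divisions needed to recover the plaintext without it. The prime sizes, the message 42 and the function names are assumptions chosen so that it runs in about a second.

```python
def is_prime(n):
    if n < 2 or n % 2 == 0:
        return n == 2
    d = 3
    while d * d <= n:
        if n % d == 0:
            return False
        d += 2
    return True

def next_prime(n):
    n += 1
    while not is_prime(n):
        n += 1
    return n

def factor_without_key(n):
    """Trial division on an odd semiprime: (smaller factor, divisions tried)."""
    tried, d = 0, 3
    while d * d <= n:
        tried += 1
        if n % d == 0:
            return d, tried
        d += 2
    raise ValueError("no odd factor found")

def demo(bits, message=42, e=65537):
    # Constructed toy key: two consecutive primes just above 2**bits.
    p = next_prime(2 ** bits)
    q = next_prime(p)
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))     # private exponent, i.e. the key
    ciphertext = pow(message, e, n)
    with_key = pow(ciphertext, d, n)      # one modular exponentiation
    # Without the key, the same plaintext needs the factors of n first.
    found, tried = factor_without_key(n)
    d_rebuilt = pow(e, -1, (found - 1) * (n // found - 1))
    return with_key, pow(ciphertext, d_rebuilt, n), tried

def work_table(sizes=(10, 14, 18, 22)):
    """Divisions needed without the key, per prime size in bits."""
    return {bits: demo(bits)[2] for bits in sizes}

if __name__ == "__main__":
    for bits, tried in work_table().items():
        print(f"{bits}-bit primes: {tried} trial divisions without the key")
```

Each extra 4 bits of prime size multiplies the keyless work by roughly 16, while decryption with the key stays a single modular exponentiation.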
The computational requirements of encryption technology in general may actually reduce confidentiality and privacy. For example, in applications that do not possess sufficient computational resources, such as RFID technology, weaker, less secure (and less computationally onerous) algorithms are often used instead (Calmels et al, 2006). It is likely that this will become problematic in the future when encryption algorithms require even more resources to compute.
In cryptography it is often assumed that cryptographic algorithms are purely mathematical objects (Putra et al, 2010). As their research has shown, however, the computation of encryption algorithms in hardware such as security chips can, and often does, ‘leak’ information about the effects of the computation (power, time, sound, electromagnetic waves and vibration), which has been shown to lead to complete key discovery in AES through what are known as ‘power analysis attacks’ (Putra et al, 2019). This has been shown to be true of quantum-based computing too (Scarani, 2014), which shows that the hardware itself would need to be secured to prevent compromise.
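The leakage described above can be assessed on simulated data. This added example (not from the original essay or the cited papers) generates constructed power samples under an assumed Hamming-weight model for the first AES S-box lookup, then measures how strongly they correlate with each key-byte hypothesis, with and without a random mask on the intermediate value. The key byte 0x2B, the noise level and all function names are assumptions.

```python
import random

def build_sbox():
    """AES S-box from GF(2^8) inversion plus the affine transform."""
    rotl = lambda x, s: ((x << s) | (x >> (8 - s))) & 0xFF
    sbox, p, q = [0x63] * 256, 1, 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p *= 3
        for s in (1, 2, 4):                                     # q /= 3
            q ^= (q << s) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ rotl(q, 1) ^ rotl(q, 2) ^ rotl(q, 3) ^ rotl(q, 4) ^ 0x63
        if p == 1:
            return sbox

SBOX = build_sbox()
HW = [bin(v).count("1") for v in range(256)]   # Hamming weight of each byte

def capture(key_byte, n, masked, rng, noise=1.0):
    """Constructed traces: (plaintext byte, one noisy power sample)."""
    traces = []
    for _ in range(n):
        pt = rng.randrange(256)
        v = SBOX[pt ^ key_byte]
        if masked:
            v ^= rng.randrange(256)   # simplification: only the masked share leaks
        traces.append((pt, HW[v] + rng.gauss(0, noise)))
    return traces

def corr(xs, ys):
    mx, my = sum(xs) / len(xs), sum(ys) / len(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5

def best_guess(traces):
    """Strongest |correlation| between predicted and measured power, over all key bytes."""
    power = [s for _, s in traces]
    scores = [abs(corr([HW[SBOX[pt ^ k]] for pt, _ in traces], power))
              for k in range(256)]
    k = max(range(256), key=scores.__getitem__)
    return k, scores[k]

def assess(key_byte=0x2B, n=500, seed=1):
    rng = random.Random(seed)
    return (best_guess(capture(key_byte, n, False, rng)),
            best_guess(capture(key_byte, n, True, rng)))
```

On the unprotected traces the correct key byte stands out with a correlation near 0.8; with the mask applied no hypothesis rises above the noise floor, which is the kind of result a leakage assessment of hardened hardware looks for.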
While classic encryption relies on “conventional computational paradigms (i.e. deterministic Turing machine)”, other alternatives exist, such as ‘light-based computing’, which has been shown to overcome DES encryption in less time than conventional computing allows (Sartakhti, 2018).
Even so, Moore’s law predicts a steady advance in processing power (roughly doubling chip performance every 2 years), and the coming of the quantum age brings with it the “unrestricted computational power” (Scarani, 2014) that puts solving these computationally intensive problems (without a key) within practical reach (Cesare, 2015). The reliance on pure computation (as a predictor of safe encryption) is starting to show its flaws.
The race is on to move to more secure algorithms, and standardisation and adoption are likely to be obstacles in the migration (Cesare, 2015). Other, perhaps less widely considered, questions are who will actually ‘own’ any new cryptographic algorithm and hardware, particularly those predicted in quantum cryptography, and how long it will take for a standard to be agreed.
The “Stanford patents” (which include Diffie-Hellman) and the DES and RSA patents expired in 1997, 1993 and 2000 respectively (Vetter, 2010). In later years this has allowed greater freedom to use them without risk of litigation, but it has also increased our reliance on them. Furthermore, an interesting question is whether it will be expensive and/or exclusive to encrypt data in the short term with newly patented algorithms, requiring one to obtain licenses such as those required to use RSA in the years prior to 1997 (Vetter, 2010).
While it appears that encryption’s dependencies on time and computational power are directly related, another worrying scenario is the effect of the future, particularly the one raised by the Dutch General Intelligence and Security Services: that today’s confidential information, when revisited in the future (when such computational restrictions may well be easily overcome), will expose all the secrets of yesterday, leading to what some call ‘intercept now, decrypt later’ (Cesare, 2015).
One problem that seems to be resilient, independent of the algorithm technology and the computational (or non-computational) mechanism involved, is the need for network administrators to be able to reason about, administer and monitor encrypted traffic. While encryption standards are open and royalty-free (Vetter, 2010), mechanisms exist to legitimately classify and even detect the types of applications and protocols in the underlying encrypted traffic (Velan et al, 2015), something that will be increasingly difficult without new encryption standards.
Another problem which plagues anything new, be that new quantum-based cryptography machines, algorithms or much of anything to do with computing, is what time reveals and the future conceals, and what US Defence Secretary Donald Rumsfeld eloquently phrased as “unknown unknowns”.
Quantum cryptography has known issues (citation), as do existing encryption algorithms like DES (Kolata, 1983), and so too will the current state of the art. All are vulnerable to the future, and it appears that it is just a matter of time before something new and unexpected reveals the next vulnerability. The question, and the answer, is how fast can we react?
References
Naughton, J. (2019) ‘We’re still a long way from making a quantum leap in web code-breaking’, The Guardian.
Scarani, V. and Kurtsiefer, C. (2014) ‘The black paper of quantum cryptography: Real implementation problems’, Theoretical Computer Science, 560(1), pp. 27–32. doi: 10.1016/j.tcs.2014.09.015.
Vetter, G. (2010) ‘Patenting Cryptographic Technology’, Chicago-Kent Law Review, 84, pp. 757–1027.
Salimi Sartakhti, J. and Jalili, S. (2019) ‘On the computational power of the light: A plan for breaking data encryption standard’, Theoretical Computer Science. Elsevier B.V, 773, pp. 71–78. doi: 10.1016/j.tcs.2018.08.015.
Cesare, C. (2015) ‘Encryption faces quantum foe: researchers urge readiness against attacks from future-generation computers.’, Nature. Nature Publishing Group, 525(7568), pp. 167–168.
Kolata, G. (1983) ‘Flaws found in popular code’, Science (New York, N.Y.), 219(4583), pp. 369–370. doi: 10.1126/science.219.4583.369.
Putra, S. D. et al. (2019) ‘Power analysis attack against encryption devices: a comprehensive analysis of AES, DES, and BC3’, TELKOMNIKA (Telecommunication Computing Electronics and Control), 17(3), pp. 1282–1289. doi: 10.12928/telkomnika.v17i3.9384.
Calmels, B. et al. (2006) ‘Low-Cost Cryptography for Privacy in RFID Systems’, in Smart Card Research and Advanced Applications: 7th IFIP WG 8.8/11.2 International Conference, CARDIS 2006, Tarragona, Spain, April 19-21, 2006. Proceedings. Berlin, Heidelberg: Springer Berlin Heidelberg, pp. 237–251. doi: 10.1007/11733447_17.
Velan, P. et al. (2015) ‘A survey of methods for encrypted traffic classification and analysis’, International Journal of Network Management, 25(5), pp. 355–374. doi: 10.1002/nem.1901.
Kapoor, B., Pandya, P. and Sherif, J. S. (2011) ‘Cryptography’, Kybernetes. Emerald Group Publishing Limited, 40(9/10), pp. 1422–1439. doi: 10.1108/03684921111169468.
Lian, J. H. and Chen, K. (2011) ‘Implementation of DES Encryption Algorithm Based on FPGA and Performance Analysis’, Applied Mechanics and Materials, 130–134, pp. 2953–2956.