Years ago, when we realized that the safes and security alarms we used in our homes were insufficient to secure our material savings against thieves, we found the security in bank vaults and bank digital environments. What would you think if I told you that the security levels of banks that have not undergone quantum transformation are no longer different from a camera or safe in our house?
At the heart of the operations of banks and financial services are largely information technology components. Extensive but traditional cryptography methods are used to cover accessibility, integrity and confidentiality. Examples of protocols and cryptography used in finance and payment systems can be listed as follows: (1) Backup and disaster recovery must be maintained for intra-organizational communication information transfer within the corporate network or between data centers. Typically these systems implement AES encryption in hardware or software. (2) Interbank financial messaging across the SWIFT network is used to transfer payment orders, allowing standardized, encrypted transactions between different banks around the world. SWIFT runs a Public Key Infrastructure to digitally sign and encrypt messages sent over it. (3) Credit card information is protected according to the PCI-DSS standard. The encryption method used in data transfer is the traditional symmetric key method. (4) Traditional AES encryption method is used for both local and cloud access of stored data. (5) Online banking uses traditional TLS protocol to access web traffic. (6) Server authentication is performed using X.509 certificates and RSA public keys.
The risks in quantum transformation of the protocol and encryption methods used in the above articles and my suggestions for minimizing these risks are as follows.
If it takes a classical computer one day to crack a certain 56-bit encryption, a quantum computer can break it in just 0.322 milliseconds, or a thousandth of the blink of an eye. If it takes a classical computer a year to crack 64-bit encryption, a quantum computer does it in 7.3 milliseconds. Therefore, larger key sizes should be used to counter quantum attacks. For symmetric encryption to be considered quantum resistant, it must have a key length of 256 bits. An encryption system like AES-256 would be equivalent to AES-128 in a post-quantum world.
In general, symmetric encryption algorithms such as AES and DES, which are no longer secure, do not include integer factoring and thus Shor's algorithm provides no benefit in quantum attacks. There are two options: perform the integer factorization in Shor's algorithm with Qiskit, or accept the expiration date.
The 2048-Bit RSA encryption method can be cracked by quantum transformation in just eight hours! The data of critical financial assets of institutions such as government, national defense, army and embassies are in serious danger. If the data for the critical structures mentioned is still being sent via 2048-bit RSA encryption or similar, these organizations should start to worry! of Cornel University
How to factor 2048 bit RSA integers in 8 hours using 20 million noisy qubits” proves this proposal. Organizations using RSA encryption have no choice but to migrate to new quantum resistant encryption schemes and algorithms.
As a result, the financial and payment systems security backbone must urgently undergo quantum transformation. The fact that traditional security, encryption methodologies and protocols can deactivate in less than a blink of an eye are just the first drops of a quantum storm!
McClansy Founder
Ismail Orhan
Translated from https://hbrturkiye.com/sponsorlu-icerik/finans-ve-odeme-sistemsinde-kuantum-teknolojisinde-etkileri
McClansy Security Corporation
Workinton AND Kozyatağı, E-5 Yan yolu, Umut Sok., Kozyatağı - Ataşehir/İstanbul, Türkiye
Tel: +90 216 225 9454 Mobil: +90 532 688 8296
Copyright © 2021 McClansy Security Corporation - All Rights Reserved.
info@mcclansy.com
Announcing! With great pride and enthusiasm, we are sharing our latest publication, "Quantum Security: The Cyber Frontiers of the Future," with our esteemed readers. In this work, we provide an in-depth look at the interaction of quantum technology with cyber security. A must-have resource for enthusiasts of knowledge and technology!