Connect with us

Hi, what are you looking for?

Tech & Science

Q&A: Protecting digital assets with mathematics (Includes interview)

Unbound Tech and its team of world-renowned cryptographers are reinventing the future of security and privacy through secure multi-party computation – offering companies a mathematical guarantee of security. This enables businesses to deliver, with unprecedented speed and scale, digital products and services which were previously beyond reach.

To discover more, Digital Journal spoke with Professor Yehuda Lindell, CEO and co-founder of the software-defined cryptography company Unbound Tech (and a professor in the Department of Computer Science at Bar-Ilan University), about how mathematics can boost privacy, security and compliance in companies; and with Unbound Co-founder Professor Nigel Smart.

Digital Journal: What is the current state of global cybersecurity risks?

Professor Yehuda Lindell: With the world becoming more digital every day, the risk due to cybersecurity is growing and will continue to grow. New threats, risks and attacks emerge every day, and as a result, ensuring cybersecurity best practices is an ongoing practice. From data breaches, to ransomware attacks and more, cybersecurity is a threat to ongoing business and can no longer be considered something that is just about checking off “best practice” boxes.

Today, many enterprises’ legacy systems remain in place, and organizations are approaching their security in silos – utilizing different cloud service providers, different management systems, different dedicated hardware and more across a variety of locations – leaving them with a fragmented security infrastructure that is difficult to manage and update but easy to attack. As an organization’s data and information is just as valuable as its financial assets, it’s vital that they do not have this information accessible from a single point of entry or key. From crypto exchanges to the world’s largest enterprises, every organization needs a key management system in place and those without, are at the highest risk of compromise.

DJ: Are organizations undergoing digital transformation more vulnerable to these risks?

Lindell: Absolutely! Enterprises tend to be conservative and maintain the existing security strategies they have had in place year-over-year. However, as cyber threats advance, this slow adoption and implementation of modern security measures already leaves an organization vulnerable.

When organisations transition, they often do not appreciate the security risks involved. Thus, at the time of transitioning, and before infrastructure has been tried and tested, organisations are most vulnerable.

DJ: How important is secure multi-party computation for addressing such threats?

Lindell: Multiparty computation (MPC) is a new tool that can be used to help organizations with key management and key protection in software so it’s suitable to today’s digital environment of virtualization and cloud. This approach allows organizations to innovate faster and more securely than ever before, freeing their infrastructure from physical constraints and allowing them to be agnostic to any specific cloud or computing environment. While this process is important, organisations need to have comprehensive defenses at all levels, and no single tool provides the solution.

DJ: What can Quantum-proof security offer?

Lindell: In the event that a quantum computer that can break cryptography is built, the world will need to transition to post-quantum cryptography (these are cryptographic schemes that are secure even against an attacker with a quantum computer). However, despite what many are saying and the splashy news headlines, it is worth stressing that the construction of such a computer is actually still an “if” and not a “when”. In any case, I strongly believe that if such a computer is built, it is still years away. Therefore, organisations should wait until the National Institute of Standards and Technology (NIST: the standards body for cryptography in the US) completes the post-quantum cryptography standardization process. Meanwhile, they should make sure that their cryptographic solutions are agile, meaning that they can be readily swapped out if the necessity arises. This is best practice, irrespective of quantum computing.

DJ: What services does Unbound Tech offer?

Lindell: As our world becomes increasingly digital and our physical and virtual worlds intersect, new security, privacy and compliance challenges emerge constantly. As a result, legacy processes are becoming outdated and restricting, and a new approach to the storage and transfer of information and assets needs to take hold.

Unbound provides solutions for key protection and key management in software, utilizing multi-party computation to ensure that an attacker has to simultaneously breach more than one device. By deploying Unbound’s solution with strong separation between devices, this achieves a high level of security, that is functionally easy to use. Working with leading global enterprises including many of the Fortune 500, our services are specifically designed to benefit organizations spanning a variety of industries including financial services, cryptocurrency, government, information technology and more.

For the final question, Professor Nigel Smart shares some key predictions for 2020.

DJ: What are your security predictions for 2020 and beyond?

Professor Nigel Smart: It should come as no surprise that attacks will continue to rise, and security will remain a primary concern for businesses. Among our predictions for cryptography in 2020 are:

Post-quantum Cryptography: There will be an increased focus on post-quantum cryptography. With the NIST “non-competition” entering its second round, companies will start to have a better idea of what the parameters in terms of key sizes, message sizes, etc for the next generation of public key algorithms will be. Whilst there is no need to update such algorithms in the next year it is worthwhile considering how one would update algorithms if/when the need arises.

Crypto-agility: This is a hot topic – we will not only have a problem with swapping out old algorithms when we need to upgrade to post-quantum algorithms. We already have issues with swapping out algorithms from the past which are past their sell by date. Think DES still being used in banking applications, or the still widespread use of MD5 and SHA-1. Thus designing in crypto agility is going to become more and more important in cryptographic systems.

Machine Learning: The development of machine learning on private data is starting to take off, with companies such as Facebook, Alibaba, Google, Microsoft, Visa and others investing in the space, and a host of startups bringing new technology to the table. The combination of cryptography and machine learning is only going to grow, and I suspect in 2020 this is going to become one of the most important areas as more companies and individuals become worried about the privacy implications of “big data”.

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

Calling for urgent action is the international medical humanitarian organization Doctors Without Borders/Médecins Sans Frontières (MSF)

Business

The cathedral is on track to reopen on December 8 - Copyright AFP Ludovic MARINParis’s Notre-Dame Cathedral, ravaged by fire in 2019, is on...

Business

Saudi Aramco President & CEO Amin Nasser speaks during the CERAWeek oil summit in Houston, Texas - Copyright AFP Mark FelixPointing to the still...

Business

A recent article in the Wall Street Journal infers that some workers might be falling out of the job market altogether.