Thwarting Cyber Criminals with an Ultrafast Scheme
What are the odds that your digital identity will be stolen by cyber criminals? Why do bank payment systems crash when everybody is trying to pay for Christmas gifts by credit card? We all know that Internet banking systems struggle to deal with heavy data traffic over short periods. Now, help could be just a click away.
Researchers at the Norwegian University of Science and Technology (NTNU) have developed a new, ultrafast digital signature scheme that is 17,000 times faster than current systems for verification, and 10,000 times faster in providing a digital signature. The approach, called MQQ, is a way to address the most significant drawbacks with current data security systems. Existing systems, used with smart card applications or at credit card payment terminals, are often slow, lack sufficient security against quantum computing attacks, and have not been optimized for parallel processing.
To address these problems, Professors Danilo Gligoroski, Smile Markovski and Svein Johan Knapskog at NTNU’s Centre for Quantifiable Quality of Service in Communication Systems (Q2S), a Norwegian Centre of Excellence, developed MQQ. The team used what is called a trapdoor function, which is generated by quasigroup string transformations based on multivariate quadratic quasigroups.
Our use of the World Wide Web to conduct business — whether for the purposes of paying taxes or something as simple as buying a book online — is on the increase, and this reliance on digital information as a medium of commerce will only expand in the future. At the same time, computer criminals are getting smarter with the techniques they use to break into computer security systems to steal identities or banking information.
MQQ helps protect against this by providing a signing speed that is 10,000 times faster than corresponding RSA and elliptical curves digital signatures, and a verification process that is 17,000 faster than RSA and elliptical curves. In addition, MQQ is one of the first algorithms that has been specifically designed for parallel processing, which makes it possible to benefit from recent trends in multicore parallel processing and even double or triple the speed of the algorithm, and beyond.
“Due to the nature of its design, MQQ is secure against quantum computing attacks,” says Gligoroski.
The approach also has been found to be secure against all known multivariate quadratic attack methods.
“Q2S is getting stronger and stronger when it comes to developing security solutions,” says Svein Johan Knapskog, director of Q2S.
NTNU and Q2S, with Professor Gligoroski as the key designer, also have an entry in the international NIST Hash Function Competition, which has been organized by the National Institute of Standards and Technology in the United States to choose a new international hash function standard.
“We believe our submission, Blue Midnight Wish, which has made it to the second round of the competition, and is now competing with security legends such as Bruce Schneier, is among the best — if not the best — submission in the contest,” Knapskog says.