ToothPic is made of a quantum-safe component and a digital signature algorithm. Quantum-safe digital signature algorithms exist and can be integrated with ToothPic.
Quantum Computing Threat
Quantum computing is a new technology based on machines that manipulate quantum information (qubits). Concerning cryptography, the most important consequence of quantum computing is that problems that are hard on classical computers may become easy on quantum computers. Examples are the integer factorization problem and the discrete logarithm problem, on which the security of RSA and of Diffie-Hellman key exchange relies, respectively. Even if current quantum computers are not an immediate threat to RSA or Diffie-Hellman key exchange, the main concern in the security community is summarized by the motto "harvest now, decrypt later": an adversary could collect large amounts of data encrypted with classical algorithms today, and in a few years those algorithms could become vulnerable to quantum computers [1].
Quantum-Safe Schemes
To face the threat of quantum computing, in recent years there has been active research on quantum-safe schemes [2]. Those schemes may leverage one of two paradigms:
- Develop new algorithms based on computational problems that cannot be solved by quantum computers.
- Use unconditionally secure schemes, i.e., algorithms whose security does not depend on computational problems.
ToothPic Security
The security of ToothPic relies on two main components:
- Fuzzy Commitment [3]: In short, a uniformly random private key is encoded with an error-correcting code and combined with a quantity derived from the camera sensor fingerprint. As proven in [4], this scheme is unconditionally secure: there are no computational assumptions, so a quantum computer has no advantage over a classical computer in breaking it.
- Digital Signature: The private key is used in some cryptographic protocol, usually a digital signature scheme. In this case, the resulting protocol is quantum safe as long as the digital signature scheme is quantum safe. The current implementation of the ToothPic SDK is based on ECDSA, as per the FIDO2 specifications. Because ECDSA is not quantum safe, the current ToothPic SDK is not quantum safe.
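To make the fuzzy commitment component concrete, the following is an added example (not ToothPic's own code) of the Juels-Wattenberg construction described above: the random key is encoded with an error-correcting code and XORed with the fingerprint, and only the resulting helper data plus a hash of the key are stored. A toy 5-fold repetition code stands in for a production ECC, and the "fingerprint" is a constructed random bit string, not real PRNU data; the example shows recovery under mild noise, rejection under noise beyond the code's capacity, and rejection with a different fingerprint.

```python
import hashlib
import random

# Toy parameters (constructed for illustration): a 32-bit key protected by a
# 5-fold repetition code, so each key bit tolerates up to 2 flipped
# fingerprint bits within its 5-bit group.
KEY_BITS = 32
REP = 5

def encode(key_bits):
    """Repetition-code encoder: every key bit is written REP times."""
    return [b for b in key_bits for _ in range(REP)]

def decode(code_bits):
    """Majority-vote decoder: inverts encode() as long as each group has < REP/2 flips."""
    return [int(sum(code_bits[i:i + REP]) * 2 > REP)
            for i in range(0, len(code_bits), REP)]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def commit(key_bits, fingerprint_bits):
    """Enrolment: helper = ECC(key) XOR fingerprint, stored next to a hash of the key.
    Without a close copy of the fingerprint the helper data is a one-time-pad-like blob."""
    helper = xor(encode(key_bits), fingerprint_bits)
    return helper, hashlib.sha256(bytes(key_bits)).digest()

def decommit(helper, fingerprint_bits, key_hash):
    """Verification: XOR the freshly acquired (noisy) fingerprint back in, decode,
    and accept only if the hash matches. Returns the key bits or None."""
    key_bits = decode(xor(helper, fingerprint_bits))
    return key_bits if hashlib.sha256(bytes(key_bits)).digest() == key_hash else None

def flip(bits, positions):
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out

def demo(seed=7):
    """Constructed scenario with a deterministic seed so the outcome is reproducible."""
    rng = random.Random(seed)
    key = [rng.randint(0, 1) for _ in range(KEY_BITS)]
    fp = [rng.randint(0, 1) for _ in range(KEY_BITS * REP)]      # enrolled fingerprint
    helper, tag = commit(key, fp)
    mild = flip(fp, [g * REP + j for g in range(KEY_BITS) for j in (0, 1)])  # 2 flips per group
    heavy = flip(fp, [0, 1, 2])                                    # 3 flips in group 0
    other = [rng.randint(0, 1) for _ in range(KEY_BITS * REP)]   # a different sensor
    return {"mild_noise": decommit(helper, mild, tag) == key,
            "heavy_noise": decommit(helper, heavy, tag) is None,
            "other_device": decommit(helper, other, tag) is None}

if __name__ == "__main__":
    print(demo())  # {'mild_noise': True, 'heavy_noise': True, 'other_device': True}
```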
Quantum-Safe Digital Signatures
However, quantum-safe digital signature schemes exist. Very recently, NIST released FIPS 204, which describes ML-DSA, a set of standard algorithms for generating and verifying quantum-safe digital signatures [5]. In addition, the first component of ToothPic, i.e., the fuzzy commitment, is already quantum safe.
Replacing ECDSA with ML-DSA
As described in [5], on memory-constrained devices the ML-DSA private key can be derived from a 32-byte seed. This is exactly the same size as the ECDSA private key used by the ToothPic SDK. Of course, integrating ML-DSA into a quantum-safe version of the ToothPic SDK will require some engineering; however, it is feasible in principle.
Conclusion
In conclusion, ToothPic technology can be considered quantum-safe ready when combined with quantum-safe digital signature schemes like ML-DSA.
References
[3] A. Juels and M. Wattenberg, "A fuzzy commitment scheme," in Proceedings of the 6th ACM Conference on Computer and Communications Security (CCS '99), Association for Computing Machinery, New York, NY, USA, 1999, pp. 28-36. https://doi.org/10.1145/319709.319714
[4] D. Valsesia, G. Coluccia, T. Bianchi and E. Magli, "User Authentication via PRNU-Based Physical Unclonable Functions," IEEE Transactions on Information Forensics and Security, vol. 12, no. 8, pp. 1941-1956, Aug. 2017. https://doi.org/10.1109/TIFS.2017.2697402
[5] National Institute of Standards and Technology, "FIPS 204: Module-Lattice-Based Digital Signature Standard," 2024. https://doi.org/10.6028/NIST.FIPS.204
This article was authored by Tiziano Bianchi, CRO and Co-founder of ToothPic.