Quantum Light Introduction

by Lawrence Klaes, Science Editor

Convergence of digital and physical worlds requires an entirely new cyber security arquitecture.

We are at the threshold of a real revolution in computer technology, one that will literally change how our society currently functions and interacts with the machines and systems we operate now in ways we can only imagine.

This technology is quantum computing and its key aspects, namely security. This computing system is so named for it operates on the very foundations and principles of quantum physics. Utilizing the seemingly magical properties of the quantum state in our macroscopic world, quantum computing offers the ability to store data in quantities that may seem as unbelievable to us as a modern laptop holding terabytes of information would to someone at the start of the Computer Age in the mid-Twentieth Century.

Protecting the New Gold Standard: Information

In the often prescient 1992 film Sneakers, the character of Cosmo explains what has become the true ultimate commodity of the modern technological era:

“The world isn’t run by weapons anymore, or energy or money. It’s run by ones and zeroes, little bits of data. It’s all just electrons.

“There’s a war out there, old friend, a world war. And it’s not about who’s got the most bullets. It’s about who controls the information …what we see and hear, how we work, what we think. It’s all about the information.”

Our civilization runs on information of all sorts every second of every day. Most of this information is now stored, analyzed, filtered, and run through our elaborate systems of computers and the networks that deliver and collect them.

While much of the information our society needs to function is widely available, there is also a plethora of data that requires being protected for reasons ranging from personal privacy to national security. While current computers have a wide range of methods to secure the information placed on them, it is not always enough. Someone always seems ready and able to find a way to break through even the most sophisticated security cyphers and codes.

Quantum computers can change all this. Using the rules of quantum physics, more information could be stored on such a system than would ever be possible on a machine in the macrorealm. These same physics can also provide encryption protection that would make it virtually impossible to decode or otherwise break both stored data and its transmission from one computer system to another.

This medium is new and pioneering. There are many obstacles to overcome. Nevertheless, quantum computing and cryptography are real and offer possibilities that could transform our world and our species in ways we now only think of as science fiction. Quantum Light is leading the way in this incredible tomorrow. Learn how here

Optical Security by the Laws of Physics

by Floren Cabrera F. de Teresa

Our world-wide-web cannot be effectively secured from hacking and much less can we currently secure “embedded devices” in the so-called “Internet-of-things.”

The security architecture of the Internet’s TCP/IP packet and DNS routing networks has largely been exceeded in terms of current capabilities to secure the Internet-of-Things. This is due to the fact a number of structural vulnerabilities exist – some still “zero-day” and others were inadvertently incorporated into the architecture for example of x86 chipsets. Many computer processors can be accessed via MINIX-3 types of utilities in order to easily obtain plain-text user-credentials dumps, directly from most types of x86 chipsets and exposing many mission critical devices to hacking threats.

The most worrisome “threat-model” is that of compromising user-credentials on-line and this has been manifest by an increasing number of “connected car” robberies and car hijackings using user compromised-credentials from typical hacks of mobile or laptop devices. In addition, the automotive industry is ill prepared to respond to this threat, as the “controller area network” (CAN) of cars is wide-open by necessity since there are no standards among many participants in the OEM electronics industry.

Vulnerabilities of the Internet and the “Internet-of-Things.”

  • IoT insecurity, low computational power & rigid Tx/Rx protocols
  • Network traffic transmission of encryption keys and sensitive plaintext credentials
  • IoT data and firmware updates (are not encrypted) and unverified before upload
  • Identity of servers is exposed by TCP/IP connection protocols for authentication
  • Firmware contains security information exposed in unencrypted traffic
  • Poorly implemented TLS 1.3 Standard as per the UK National Cyber Security Centre
  • Physical on-premise local services serious Ethernet and USB port vulnerabilities
  • Misconfigured SSL/TLS by users in addition to legacy hardware and software
  • Credentials at risk of being exposed by downloadable MCU/CPU firmware
  • Internet Cloud susceptible to SQL injection, cross-site scripting, request forgery and TLS implicit trust.

UK Automated and Electric Vehicle Bill and Cyber Security

The UK’s 2018 “Automated and Electric Vehicle” Bill poses serious liabilities for Insurance companies in case that an accident should occur without the requisite “critical software uploads and updates” as defined in the new Law. Most current “connected cars” simply use an SMS 3G/4G GSM connection via a mobile network carrier, without any thought for the required “authenticated software and firmware uploads, factory reset” and other features that now since April, are in effect mandated by Law. Therefore, we have a unique opportunity before us if we were able to rapidly deploy our AEBIS hardware/software retrofit solution.

This UK legislation addresses certain key principles of connected car security, most of which cannot be currently met by existing “connected car” entertainment and wireless systems! In other words, there could be up to 9 million vehicles on UK roads that are NOT compliant with UK law. This creates a significant risk exposure for insurance companies, as well as for drivers, who must provide proof effective of secure and authenticated firmware uploads, sanitation of user credentials or factory reboot and other features of security functionalities that current IoT (internet-of-things) automotive devices are simply not prepared to process nor are able to deliver with simple software updates.

Any viable solution that is fully compliant with the new 2018 Automated and Electric Vehicle UK Bill, will require a hardware retrofit module in order to increase the processing power and capabilities of the system to comply with UK new Laws. The insurance industry is particularly exposed to serious liabilities resulting from the current lack of compliance of connected cars.

1. – Retrofit telematics car market in the United Kingdom: there are over 32 million cars in the U.K. with an active secondary used car market valued at over £43 billion and representing over 400,000 trades per year.

2. – Connected car market in the UK, with over 8.5 million connected vehicles that are on the road today. We have traction with one of the top-ranked Venture Capital investors in AI autonomous car in the UK and if we were to deploy our solution with IBM Watson, we could close an important investment.

3. – The fleet market for long-haul lorry drivers and commercial vehicles that are constantly on the road. We are in confidential discussions with the largest fleet operators both in Europe and in America, with lots of traction and a possible sales order for our products. Three are literally millions of unprotected IoT devices, some of which are in mission critical networks. This is an urgent security need, which represents and technical challenge and an opportunity for Quantum Light to capture and together with the right large strategic partner – Helios Energia our parent company is honoured to be an IBM Business Partner. This “Big Play” business case. IoT cybersecurity problems are present for all Internet connected networks, including the IBM Cloud, since most IoT firmware and user data is not encrypted, firmware updates are most commonly not available for most “smart-devices” and those with software updates are not-encrypted and credentials are exposed.

Quantum Light Ltd has developed LightKey(R) in order to help our Clients mitigate the high level of cybersecurity risks and digital-threat environment that we all face today.