Data Encryption Methods

Encryption is kind of a lie. Data can be encrypted at rest, and even in transit…but not “in use”. Fundamentally, CPUs execute arithmetic instructions on decrypted plaintext; even with secure enclaves. But what if we got *really* clever: — Mathematically, there is a solution. It’s just really, really slow. Fully Homomorphic Encryption allows for arithmetic computation *on* encrypted data. First published in 2009, each individual (x86) operation took 30 minutes!  AKA, about 10^12 times slower. — So why bother? Ignoring the performance costs, FHE opens up wild possibilities. Imagine being able to run ML models, Health Data processing, or financial transactions and not having to trust the cloud provider *at all*. — In 2025, we’ve gotten a million times faster; literally. Check out Google’s HEIR project as a quick way to play around with FHE in Python. As for accelerators themselves, there’s growing competition in this space!  Zama, Cornami, and Belfort Labs are doing a lot of interesting work in software, GPUs, FPGAs, and even custom silicon.

🚨 New OMB Report on Post-Quantum Cryptography (PQC)🚨 The Office of Management and Budget (OMB) has released a critical report detailing the strategy for migrating federal information systems to Post-Quantum Cryptography. This report is in response to the growing threat posed by the potential future capabilities of quantum computers to break existing cryptographic systems. **Key Points from the Report:** 🔑 **Start Migration Early**: The report emphasizes the need to begin migration to PQC before quantum computers capable of breaking current encryption become operational. This proactive approach is essential to mitigate risks associated with "record-now-decrypt-later" attacks. 🔑 **Focus on High-Impact Systems**: Priority should be given to high-impact systems and high-value assets. Ensuring these critical components are secure is paramount. 🔑 **Identify Early**: It's crucial to identify systems that cannot support PQC early in the process. This allows for timely planning and avoids migration delays. 🔑 **Cost Estimates**: The estimated cost for this transition is approximately $7.1 billion over the period from 2025 to 2035. This significant investment underscores the scale and importance of the task. 🔑 **Cryptographic Module Validation Program (CMVP)**: To ensure the proper implementation of PQC, the CMVP will play a vital role. This program will validate that the new cryptographic modules meet the necessary standards. The full report outlines a comprehensive strategy and underscores the federal government’s commitment to maintaining robust cybersecurity in the quantum computing era. This is a critical step in safeguarding our digital infrastructure against future threats. #Cybersecurity #PQC #QuantumComputing #FederalGovernment #Cryptography #DigitalSecurity #OMB #NIST

The CXO’s guide to Quantum Security Customers often tell me that the migration to post-quantum cryptography (PQC) will take them years, and some assets won’t ever be upgraded. While quantum’s long-term threat is clear, security leaders are grappling with the practical, multiyear journey of upgrading potentially thousands of devices, applications and data stores to be quantum-resistant. The “harvest now, decrypt later” threat raises the stakes. Nation-state actors are siphoning and stockpiling encrypted data today, waiting for the arrival of quantum computers to retroactively break it. The implication? Sensitive data may already be in the wrong hands and it’s only a matter of time before it can be put to use. What CXOs need is a clear path forward: Discover - Complete a comprehensive crypto inventory across your environment. You cannot protect what you cannot see. Protect - Achieve post-quantum decryption at scale with NGFW that have crypto-agility built right in, enabling your security as standards evolve.   Accelerate - Leverage segmentation along with emerging new capabilities, like cipher translation, to instantly upgrade legacy devices and applications to secure your data now while your organization upgrades devices and applications.  Read more https://bit.ly/4nVkurw

✏️CEPS (Centre for European Policy Studies) has just published the report "Strengthening the EU transition to a quantum-safe world" This 125-page publication offers a comprehensive and very timely analysis of the global transition toward quantum-safety, highlighting key recommendations and identifying the hurdles that we, as a community, still need to overcome. Accross its 10 general recommendations and 16 additional sector-specific ones, two key aspects take a prominent role: 👉 Operational challenges of the transition, like establishing business-level priorities, building executive support, addressing the limited cryptographic talent issue, cryptographic homogeneization in products, and building cryptographic inventories based on priorities. 👉 Coordination and the role for regulators, identifying that the EU lacks a coherent, unified transition framework, the need to ensure alignment and coherence across roadmaps and the risks of a fragmented transition. Key conclusions on the later, aligned with previous statements from the Europol Quantum Safe Financial Forum and FS-ISAC, is that quantum-safety is already part of the EU's operational resilience compliance through the “state of the art” security principle embedded in GDPR, DORA, CRA and NIS2. However, there is a recognised need for further guidance that can be achieved through open collaboration between the public and private sector. Although the report focuses on the financial, public, and defence sectors, its main takeaways can easily be extended to other critical domains—transport, energy, healthcare, and many more. The principles are the same, and the urgency is the same. This report is an important step forward, and my hope is that the ideas it lays out help shape the conversations and, more importantly, the actions we need across the EU. A well-aligned and coordinated transition is essential if we want the whole ecosystem to move toward a new age where we manage cryptography in a more mature, proactive, and resilient way. Kudos to CEPS, lorenzo pupillo, Carolina Polito, Swann A. and Afonso Ferreira, PhD for achieving this milestone. https://lnkd.in/dpWJ86q2

Last week #NIST released three post-#quantum #encryption standards. Why is this significant? Put simply, from a practical standpoint: risk management and compliance. First, on risk management: experts now say that quantum computing is less than a decade away. Quantum computers are expected to have the power to search large keyspaces very quickly, which means they will be able to decrypt current encryption. Moreover, it is entirely plausible that encrypted information recorded today is being stored for decryption when quantum computing becomes available. If you speculatively apply quantum-resistant encryption to your data now, you will reduce the risk of an adversary being able to successfully exploit your data when they have access to quantum computing. Second, on compliance: NIST is the governing body for standards in the USA, and many other nations take their encryption standards from NIST, as they do not have resources at the same scale as NIST. You can be certain that NIST-approved post-quantum algorithms will start being mentioned in various compliance checklists, as is the case currently with algorithms such as AES-256 and SHA-256. Note well that these algorithms have #FIPS numbers associated with them - meaning "Federal Information Processing Standard". Briefly, the approved algorithms are: 🔒 ML-KEM, for encrypted key exchange, as FIPS 203 🔒 ML-DSA, for digital signatures, as FIPS 204 🔒 SLH-DSA, for stateless hash-based digital signatures, as FIPS 205 There is a fourth algorithm, FN-DSA, also used for digital signatures, that is expected to be released in the next year.

Today, National Institute of Standards and Technology (NIST) published its finalized Guidelines for Evaluating ‘Differential Privacy’ Guarantees to De-Identify Data (NIST Special Publication 800-226), a very important publication in the field of privacy-preserving machine learning (PPML). See: https://lnkd.in/gkiv-eCQ The Guidelines aim to assist organizations in making the most of differential privacy, a technology that has been increasingly utilized to protect individual privacy while still allowing for valuable insights to be drawn from large datasets. They cover: I. Introduction to Differential Privacy (DP): - De-Identification and Re-Identification: Discusses how DP helps prevent the identification of individuals from aggregated data sets. - Unique Elements of DP: Explains what sets DP apart from other privacy-enhancing technologies. - Differential Privacy in the U.S. Federal Regulatory Landscape: Reviews how DP interacts with existing U.S. data protection laws. II. Core Concepts of Differential Privacy: - Differential Privacy Guarantee: Describes the foundational promise of DP, which is to provide a quantifiable level of privacy by adding statistical noise to data. - Mathematics and Properties of Differential Privacy: Outlines the mathematical underpinnings and key properties that ensure privacy. - Privacy Parameter ε (Epsilon): Explains the role of the privacy parameter in controlling the level of privacy versus data usability. - Variants and Units of Privacy: Discusses different forms of DP and how privacy is measured and applied to data units. III. Implementation and Practical Considerations: - Differentially Private Algorithms: Covers basic mechanisms like noise addition and their common elements used in creating differentially private data queries. - Utility and Accuracy: Discusses the trade-off between maintaining data usefulness and ensuring privacy. - Bias: Addresses potential biases that can arise in differentially private data processing. - Types of Data Queries: Details how different types of data queries (counting, summation, average, min/max) are handled under DP. IV. Advanced Topics and Deployment: - Machine Learning and Synthetic Data: Explores how DP is applied in ML and the generation of synthetic data. - Unstructured Data: Discusses challenges and strategies for applying DP to unstructured data. - Deploying Differential Privacy: Provides guidance on different models of trust and query handling, as well as potential implementation challenges. - Data Security and Access Control: Offers strategies for securing data and controlling access when implementing DP. V. Auditing and Empirical Measures: - Evaluating Differential Privacy: Details how organizations can audit and measure the effectiveness and real-world impact of DP implementations. Authors: Joseph Near David Darais Naomi Lefkovitz Gary Howarth, PhD

🔐 What if I told you that the technology preserving privacy is also the key to GDPR compliance? As the debate intensifies over how public blockchains align with the General Data Protection Regulation (GDPR), a family of technologies emerges as a clear and practical solution: Zero-Knowledge Proofs (ZKPs). 👉 The big challenge: How do we process personal data in a decentralized, immutable system without a single controller? 👉 The answer: verify without seeing. Confirm that something is true without revealing the underlying personal data. Thanks to advances like zk-rollups, the zkEVM, and ZK-SNARKs, Ethereum and other networks are enabling systems where: ✅ Validators no longer see personal data only cryptographic proofs. ✅ Transactions are executed with encrypted or pseudonymized inputs. ✅ Core GDPR principles like data minimization, the right to erasure (via metadata erasure), and privacy by design are upheld. The European Blockchain Association’s response to the EDPB makes it clear: it’s not about choosing between compliance or innovation. It’s about designing responsible architectures where privacy isn’t the exception it’s the default. 🌐 The blockchains of the future will be compliance-first, without sacrificing decentralization or performance. 📣 If you work in legal, privacy, or blockchain, now is the time to explore ZK as a regulatory enabler. The opportunity is not just technical it’s strategic. #ZK #GDPR #Blockchain #PrivacyTech #Compliance #zkEVM #zkRollups #Web3

Breakthrough for the #quantum internet: For the first time a major telco provider has successfully conducted entangled photon experiments - on its own infrastructure. ➡️ 30 kilometers, 17 days, 99 per cent fidelity. Our teams at T-Labs have successfully transmitted entangled photons over a fiber-optic network. Over a distance comparable to travelling from Berlin to Potsdam. The system automatically compensated for changing environmental conditions in the network.   Together with our partner Qunnect we have demonstrated that quantum entanglement works reliably. The goal: a quantum internet that supports applications beyond secure point-to-point networks. Therefore, it is necessary to distribute the types of entangled photons. The so-called qubits, that are used for #QuantumComputing, sensors or memory. Polarization qubits, like the ones used for this test, are highly compatible with many quantum devices. But: they are difficult to stabilize in fibers.   From the lab to the streets of Berlin: This success is a decisive step towards the quantum internet. 🔬 It shows how existing telecommunications infrastructure can support the quantum technologies of tomorrow. This opens the door to new forms of communication.   Why does this matter for people and society?   🗨️ Improved communications: The quantum internet promises faster and more efficient long-distance communications. 🔐 Maximum security: Entanglement can be used in quantum key distribution protocols. Enabling ultra-secure communication links for enterprises and government institutions 💡Technological advancement: high-precision time synchronization for satellite networks and highly accurate sensing in industrial IoT environments will need entanglement.   Developing quantum technologies isn’t just a technical challenge. A #humancentered approach asks how these systems can be built to serve real needs and be part of everyday infrastructure. With 2025 designated as the International Year of Quantum Science and Technology, now is the time to move from research to readiness. Matheus Sena, Marc Geitz, Riccardo Pascotto, Dr. Oliver Holschke, Abdu Mudesir

The biggest threat to your data isn’t happening tomorrow. It happened yesterday. If you haven’t heard of HNDL (Harvest Now, Decrypt Later), your long-term data strategy has a massive blind spot. Here is the reality: State actors and cybercriminals are capturing your encrypted data today. They can’t read it yet, so they’re storing it in massive data vaults, waiting for the "Qday"—the moment quantum computers become powerful enough to break current encryption. If your data needs to stay private for 5, 10, or 20 years, it’s already at risk. What’s on the line? ↳ Intellectual Property (IP) and trade secrets. ↳ Government and identity data. ↳ Long-term financial records and contracts. ↳ Sensitive customer health data. How do we solve it? 🛠️ We cannot wait for quantum supremacy to react. The fix starts now: ↳ Inventory: Identify which data has a long shelf-life. ↳ Crypto-Agility: Move toward systems that can swap encryption methods without a total overhaul. ↳ Hybrid PQC: Implement Post-Quantum Cryptography alongside classical methods to ensure traffic captured today remains a mystery tomorrow. The transition to quantum-resistant security is a marathon, not a sprint. Are you tracking HNDL on your current risk register? Let’s discuss in the comments. 👇 P.S. If you want help mapping your exposure or building a PQC migration plan, drop me a message. ♻️ Share this post if it speaks to you, and follow me for more. #QuantumSecurity #PQC

US researchers have achieved quantum teleportation over 30 kilometers using standard internet fiber optic cables, a major step towards secure quantum networks. This process used entangled particles to transmit quantum states while coexisting with regular internet traffic, proving compatibility between quantum and classical communication. The breakthrough, published in Optica, eliminates the need for costly infrastructure, paving the way for advanced applications in quantum computing, faster data sharing, and highly secure communication systems. This milestone demonstrates the practicality of integrating quantum technology into existing networks. Source – ZME Science I have regularly been critical of quantum computing, but there's another area of quantum mechanics - entanglement - that I think holds far more potential short term. Entanglement (aka spooky action at a distance, according to Einstein) causes two particles to effectively act as if they were the same particle (bosons), even when separated by sizeable distances. If you influence one particle, the other particle will change state without any intervening transmission, and this change of state (such as polarity, can then be detected). This experiment showed that you can transmit one of a pair of such particles across coaxial cables and maintain entanglement. The upshot of this is very interesting, because it means that messages can be send point to point without having to be routed through a complex network. Not only would this have a huge impact upon the speed of such systems, but the communication would be completely secure as there is no possibility of a man-in-the-middle type effect. It also reduces the need for big cryptographic keys, and futureproofs against quantum decoding.