As computer-based technologies have evolved, conventional in-person and paper-based transactions and communications are increasingly performed electronically over networks (e.g., the internet). Although electronic communications have significantly reduced costs and improved efficiencies, they pose significant risks regarding identification and authentication of signing parties, integrity of data, and confidentiality.
Digital signatures are mathematical schemes for demonstrating the data integrity and origin authenticity of digital messages or electronic documents. A variety of cryptographic techniques are used to encrypt data and to create digital signatures. With symmetric key cryptographic systems, a pair of users who desire to exchange data securely use a shared “symmetric” key. With this type of approach, a sender of a message uses the same key to encrypt the message that a recipient of the message uses to decrypt the message. Symmetric key systems require that each sender and recipient establish the shared key in a secure manner. Public key systems (e.g., asymmetric key cryptography) may also be used to exchange messages securely. With public-key cryptographic systems, two types of keys are used—public keys and private keys. A sender of a message may encrypt the message using the public key of a recipient. The recipient may use a corresponding private key to decrypt the message.
Additionally, public key cryptographic systems (e.g., asymmetric key cryptographic systems) may be used to produce digital signatures. A recipient of a message that has been digitally signed can use the digital signature to verify the identity of the message sender and to confirm that the message has not been altered during transit. In a typical digital signature arrangement, a sender uses a cryptographic hash function to produce a hash (e.g., message digest). The hash is much smaller than the original message and is relatively unique to the message. The sender then uses its private key to generate the digital signature using the hash. The process of signing the message uses a mathematical operation that can only be performed by the sender who possesses the private key. The message and the digital signature can then be sent to a recipient. As will be appreciated, the recipient (e.g., the relying party) is an entity that can use the digital signature and the message sender's public key (e.g., encapsulated in a certificate) to determine that the sender is the message signer and that the integrity and origin authenticity of the message has not been compromised.
As transactions, interactions, and communications occur over various internet-centric services, the protection of sensitive information needs to be efficient and effective, providing assurance of the identity of the party while not compromising any sensitive information or slowing down information exchange processes with heavy (e.g., processor-intensive) protection mechanisms and to be resistant to compromise from more efficient and effective computing systems. This is especially true with the development of quantum computing. Quantum computing is the utilization of quantum mechanics (e.g., the universe's behavior at the microscopic level) to develop exponentially faster methods of performing certain practical calculations. Generally, in quantum computing or in a quantum computer, one stores quantum information in qubits; qubits perform a role akin to the role of memory in a standard computer. The quantum computer then performs manipulations on the qubits by a sequence of logical quantum gates. Quantum computers are not the only technology where such quantum memories are required. As will be appreciated, cryptographic systems that may be resistant to brute force or compromise by traditional computing system may be susceptible to brute force and compromise by quantum computing systems due to the exponentially faster methods of performing certain practical calculations. Thus, the protection of sensitive information needs to be able to withstand unauthorized users that make use of quantum computing systems to impersonate and gain access to cryptographic keys.