Grids, Pumps, and Pipelines: Vulnerable or Protected?

Traditional security algorithms are not strong enough to protect critical infrastructure from hackers armed with quantum computing. Quantum encryption is the answer, but many cyphers are untested, and solutions can be slow. A proven hybrid approach can provide security without latency.

Article Key

Image credit: Patero

Recognizing a need for secure communication, the founders of Patero GMBH developed a hack proof phone in 2017. The engineers, a German Armed Forces service member with a background in cryptography and a former IBM technologist with expertise in quantum computing, knew that the intelligence community needed secure phones. But when they shopped their hack proof phone to government organizations, it was rejected because the technology didn’t have a back door.

Peter Bentley contacted the founders and suggested they transition the secure phone technology to the data streams that support critical infrastructure. They took his advice, pivoted their focus, and changed the trajectory of the company. Bentley joined them to form and lead Patero Inc., a new company that would focus on bringing hardening technologies to US markets.

“That is our mission: to protect the critical communication in critical infrastructure, specifically the most vulnerable pieces of critical infrastructure—those that are out in the middle of nowhere, that are moving, autonomous drones—that are not protected by cybersecurity technologies,” says Kristin Kelly, Head of Strategy for Patero.

A Crypto-Agile Solution

Industrial customers operating grids, pumps, and pipelines with geographically distributed assets face security challenges when bringing data from the field back to a central location. Hackers using quantum computing can make that communication even more dangerous.

“If you have distributed, decentralized, autonomous assets, a traditional security product is not going to work,” Kelly says. “You need not only quantum, you need a new approach.”

Patero CryptoQoR uses a hybrid approach. The standards-based solution piggybacks on and fortifies a company’s existing encryption solution. “We take that enterprise encryption certification, blend it with our post-quantum encryption and [generate] a derivative key out of that,” says Bentley, now the COO of Patero. Hackers have to crack both keys to penetrate the network.

Data security solutions that only rely on quantum resistant algorithms are slow and can decrease network performance. Patero’s combination of traditional and post-quantum encryption algorithms doesn’t add latency, Kelly says. That is critical when protecting planes, trains, drones, and other fast-moving objects.

“Our software is incorporated into the infrastructure. It’s more aligned with zero-trust and very deliberately creates quantum computing tunnels,” Kelly says. “One endpoint talks to another recognized endpoint, and it does not go through the cloud. With the cloud, you’re just increasing the attack surface.”

Futureproof Security

Even the most advanced technologies have to work with legacy equipment, as they bring networks into the next generation. The Patero CyberQoR hybrid solution offers senior information security officers a pragmatic way to transition to quantum security today and provides a futureproof path to post-quantum encryption.

CyberQoR is crypto-agile, meaning it can be updated to support new cyphers as they become certified by NIST. Operators can change or add encryption algorithms through a point-and-click interface.

“We have a solution that works,” Kelly says. “It doesn’t compromise operations. It protects operational data now, and it’s agile. You can swap out algorithms, so you can protect communications down the line.”

CryptoQoR is currently deployed on critical infrastructure in the US and in Germany, Kelly says. Patero is working with Intel® Solutions Marketplace partner Arrow Electronics to provide the appropriate hardware and management software solutions and support. Arrow can also help Patero reach new markets.

“Other companies are using random number generation or random key distribution. Patero has a different approach, and it is commercially viable today,” adds Kelly.

Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries.