US-12627478-B2 - Quantum resistant ledger for secure communications

Abstract

According to an embodiment, a method includes identifying, by a first network component, data and determining a security level from a plurality of security levels associated with the data. The method also includes determining an encryption scheme from a plurality of encryption schemes to apply to the data and applying, using a Quantum Resistant Ledger (QRL), the encryption scheme to the data to generate encrypted data. The method further includes communicating the encrypted data to a second network component.

Inventors

  • Ambrose KAM
  • Alexander Richard VESEY

Assignees

  • LOCKHEED MARTIN CORPORATION

Dates

Publication Date: 20260512
Application Date: 20230725

Claims (20)

  1. A first network component, comprising one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and including instructions that, when executed by the one or more processors, cause the first network component to perform operations comprising: generating a lattice transmission using at least one post-quantum encryption scheme; signing the lattice transmission with a post-quantum, hash-based digital signature scheme; communicating the lattice transmission to a Quantum Resistant Ledger (QRL) blockchain; obtaining a public key of a second network component from the QRL blockchain, wherein the QRL blockchain is secured with lattice-based cryptography; identifying data; determining a security level from a plurality of security levels associated with the data; determining an encryption scheme from a plurality of encryption schemes to apply to the data; applying, using a Quantum Resistant Ledger (QRL) and the public key of the second network component, the encryption scheme to the data to generate encrypted data; and communicating the encrypted data to the second network component.
  2. The first network component of claim 1, wherein: The QRL blockchain comprises a plurality of blocks; and each of the plurality of blocks comprises a hash-based signature.
  3. The first network component of claim 1, the operations further comprising: generating, using the QRL, a single public key; and leveraging the single public key to generate public/private key pairs.
  4. The first network component of claim 1, the operations further comprising securing, using the QRL, signatures used for transactions.
  5. The first network component of claim 1, the operations further comprising categorizing the first network component and the second network component in accordance with a role-based validation rule.
  6. The first network component of claim 1, wherein the encryption scheme is associated with one of the following: classical encryption; post-quantum encryption; or distributed ledger technology (DLT).
  7. The first network component of claim 1, wherein the security level is associated with one of the following: an 80-bit security level; a 112-bit security level; a 128-bit security level; a 192-bit security level; or a 256-bit security level.
  8. A method, comprising: generating a lattice transmission using at least one post-quantum encryption scheme; signing the lattice transmission with a post-quantum, hash-based digital signature scheme; communicating, by a first network component, the lattice transmission to a Quantum Resistant Ledger (QRL) blockchain; obtaining a public key of a second network component from the QRL blockchain, wherein the QRL blockchain is secured with lattice-based cryptography; identifying, by the first network component, data; determining a security level from a plurality of security levels associated with the data; determining an encryption scheme from a plurality of encryption schemes to apply to the data; applying, using a Quantum Resistant Ledger (QRL) and the public key of the second network component, the encryption scheme to the data to generate encrypted data; and communicating the encrypted data to the second network component.
  9. The method of claim 8, wherein: the QRL blockchain comprises a plurality of blocks; and each of the plurality of blocks comprises a hash-based signature.
  10. The method of claim 8, further comprising: generating, using the QRL, a single public key; and leveraging the single public key to generate public/private key pairs.
  11. The method of claim 8, further comprising securing, using the QRL, signatures used for transactions.
  12. The method of claim 8, further comprising categorizing the first network component and the second network component in accordance with a role-based validation rule.
  13. The method of claim 8, wherein the encryption scheme is associated with one of the following: classical encryption; post-quantum encryption; or distributed ledger technology (DLT).
  14. The method of claim 8, wherein the security level is associated with one of the following: an 80-bit security level; a 112-bit security level; a 128-bit security level; a 192-bit security level; or a 256-bit security level.
  15. One or more computer-readable non-transitory storage media embodying instructions that, when executed by a processor, cause the processor to perform operations comprising: generating a lattice transmission using at least one post-quantum encryption scheme; signing the lattice transmission with a post-quantum, hash-based digital signature scheme; communicating, by a first network component, the lattice transmission to a Quantum Resistant Ledger (QRL) blockchain; obtaining a public key of a second network component from the QRL blockchain, wherein the QRL blockchain is secured with lattice-based cryptography; identifying, by the first network component, data; determining a security level from a plurality of security levels associated with the data; determining an encryption scheme from a plurality of encryption schemes to apply to the data; applying, using a Quantum Resistant Ledger (QRL) and the public key of the second network component, the encryption scheme to the data to generate encrypted data; and communicating the encrypted data to the second network component.
  16. The one or more computer-readable non-transitory storage media of claim 15, wherein: The QRL blockchain comprises a plurality of blocks; and each of the plurality of blocks comprises a hash-based signature.
  17. The one or more computer-readable non-transitory storage media of claim 15, the operations further comprising: generating, using the QRL, a single public key; and leveraging the single public key to generate public/private key pairs.
  18. The one or more computer-readable non-transitory storage media of claim 15, the operations further comprising securing, using the QRL, signatures used for transactions.
  19. The one or more computer-readable non-transitory storage media of claim 15, the operations further comprising categorizing the first network component and the second network component in accordance with a role-based validation rule.
  20. The one or more computer-readable non-transitory storage media of claim 15, wherein the encryption scheme is associated with one of the following: classical encryption; post-quantum encryption; or distributed ledger technology (DLT).

Description

PRIORITY

This nonprovisional application claims priority to U.S. Provisional Patent Application No. 63/369,406 filed Jul. 26, 2022, and entitled “QUANTUM RESISTANT LEDGER FOR SECURE COMMUNICATIONS,” which is hereby incorporated by reference in its entirety.

TECHNICAL FIELD

The disclosure generally relates to secure communications, and more specifically to a quantum resistant ledger for secure communications.

BACKGROUND

The emerging 5G infrastructure allows for high throughput and low latency. Data encryption continues to be an Achilles' heel in this new environment. Quantum technology may defeat known encryption schemes (e.g., Rivest-Shamir-Adleman (RSA) 2048) using, for example, Shor's algorithm with quantum computers.

SUMMARY OF THE DISCLOSURE

According to some embodiments, a first network component includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and including instructions that, when executed by the one or more processors, cause the first network component to perform operations. The operations include identifying data and determining a security level from a plurality of security levels associated with the data. The operations also include determining an encryption scheme from a plurality of encryption schemes to apply to the data and applying, using a Quantum Resistant Ledger (QRL), the encryption scheme to the data to generate encrypted data. The operations further include communicating the encrypted data to a second network component.

In certain embodiments, the QRL represents a blockchain that includes a plurality of blocks. Each of the plurality of blocks may include a hash-based signature. In some embodiments, the encryption scheme is associated with one of the following: classical encryption, post-quantum encryption, or distributed ledger technology (DLT). In certain embodiments, the security level is associated with one of the following: an 80-bit security level, a 112-bit security level, a 128-bit security level, a 192-bit security level, or a 256-bit security level. In certain embodiments, the operations include generating, using the QRL, a single public key and/or leveraging the single public key to generate public/private key pairs. In some embodiments, the operations include securing, using the QRL, signatures used for transactions. In certain embodiments, the operations include categorizing the first network component and the second network component in accordance with a role-based validation rule.

According to other embodiments, a method includes identifying, by a first network component, data and determining a security level from a plurality of security levels associated with the data. The method also includes determining an encryption scheme from a plurality of encryption schemes to apply to the data and applying, using a QRL, the encryption scheme to the data to generate encrypted data. The method further includes communicating the encrypted data to a second network component.

According to other embodiments, one or more computer-readable non-transitory storage media embody instructions that, when executed by a processor, cause the processor to perform operations. The operations include identifying, by a first network component, data and determining a security level from a plurality of security levels associated with the data. The operations also include determining an encryption scheme from a plurality of encryption schemes to apply to the data and applying, using a QRL, the encryption scheme to the data to generate encrypted data. The operations further include communicating the encrypted data to a second network component.

Technical advantages of certain embodiments of this disclosure may include one or more of the following. In certain embodiments, the QRL described herein counters the potential advent of a sudden non-linear quantum computing advance. Certain embodiments of this disclosure do not require a quantum computer to deploy the Post Quantum Cryptography (PQC) solution, thereby making it very feasible. The QRL technology can be implemented on classical binary computers available today instead of waiting for quantum computers to mature. In certain embodiments, the QRL/Blockchain/DLT solutions operate on top of 5G/XG for better data protection in a military setting. The QRL solution may be applied at different levels of security for different quality of service (QoS) levels. In certain embodiments, the QRL solution described herein leverages government validated post-quantum encryption schemes to enhance data security and integrity. Certain embodiments described herein secure communications in enterprise IP and 5G environments. In certain embodiments, quantum resistant DLT is layered on top of the XG network architecture, which ensures high throughput, low latency, and secure communications. Certain embodiments of this disclosure use low power, high frequency bandwidths, which allows for bette