Security Highlight: The Rise of the BLOC Cipher

At the CARDIS 2023 conference, Axel Poschmann presented on the development of crypto in context of geopolitics. He started by sketching the demise of globalization, leading to economic decoupling.

Many countries now realize that globalization can create a dependency on rivals, threatening access to critical resources. This causes a security risk when deterrence is undermined by a one-sided dependency on resource delivery.

This realization has accelerated the forming of blocs: a group of countries or political parties with common interests who have formed an alliance. Blocs make sure they keep unrestricted access to critical resources by “friendshoring.”

Current day, critical resources go beyond raw materials. They also include high end capabilities, such as chip manufacturing and cryptography. Across the world, governments have created hurdles for the distribution of cryptographic products, which has strengthened the need for different cryptographic solutions. Poschmann referred to this as “the BLOC cipher.”

Independently and in parallel, a complete overhaul of cryptography has started with the advent of Quantum Computers. These machines are expected to develop in strength and break contemporary cryptographic protections. The search for improved algorithms is in full swing, but new proposals are slow to gain trust. With the large number of proposed algorithms, the world’s tech capabilities are spread thin in reviewing, implementing, and testing them. Unfortunately, this problem is only prolonged by deglobalization where each BLOC favors their own approach.

Is this a problem? Economic decoupling is not new. It also occurred during the Cold War. Before the AES algorithm became globally popular, the dominant symmetric key encryption was the Data Encryption Standard (DES), which was never fully trusted. As the DES had been developed in the United States and its design considerations were never published, many people feared the presence of backdoors. Therefore, many countries and organizations developed their own alternatives. It is only in the past three decades that cryptographic innovation has been dominated by independent and international academic research.

On the other hand, although we survived the cold war, we live in a different world now, with different needs. Global commerce and trade require secure communication. International payments are fully digital. Privacy and confidentiality is a must for both civilian and business communication. And contracts need integrity protection to be trusted. Virtually all internet communication uses encryption, and we would no longer be able to function without it. If the world cannot agree on new global PQC standards, then our digital communication will no longer cross the BLOC borders, and we will truly return to the cold war practice of decoupled economies. We have a shared responsibility to continue working on mutually accepted standards, and keep the world connected.

If you have any questions, contact us at riscuresolutions@keysight.com.