Toppan Printing and NICT Establish Private Certificate Authority for Quantum Resistant Computer Encr
Long-Term Secure Data Storage and Exchange System for Health Care Confirms Effectiveness Ensuring Internet security to realize a safe and secure social infrastructure
Toppan Printing Co.
National Institute of Information and Communications Technology
(Toppan Printing; Headquarters: Bunkyo-ku, Tokyo; President: Hideharu Maro; hereafter "Toppan Printing") and the National Institute of Information and Communications Technology (NICT; President: Hideyuki Tokuda) are collaborating in research on post-quantum computer cryptography (*1), which is considered difficult to crack even with quantum computers. Cryptography (PQC) (*1), which is considered difficult to crack even with a quantum computer, is being studied in collaboration with Toppan Printing. Toppan Printing and NICT have recently collaborated on the "Healthcare Long-Term Integrity and Confidentiality Protection System (H-LINCOS)" (*2), a long-term secure data storage and exchange system for healthcare, a test bed operated by NICT. (*2), a PQC-compliant private certification authority (*3) has been constructed, and a tamper detection function has been implemented through the addition of digital signature and digital certificate issuing functions and linkage with the "PQC CARD®" developed by Toppan Printing and NICT, and its effectiveness successfully verified. Toppan Printing and NICT will utilize this technology in the future to promote the social implementation of quantum secure cloud technology (*4), which enables secure distribution, storage, and utilization of highly confidential information in the future. In the era of quantum computing, NICT will also aim to realize a safe and secure social infrastructure by establishing fundamental technology to ensure cyber security for daily activities on the Internet such as e-mail, SNS, online shopping, IoT-related systems, and connected cars (*5). The project will be conducted in collaboration with the Cabinet Office, the Ministry of Economy, Trade and Industry. Part of this research was conducted under the "Society 5.0 Realization Technology Using Light and Quantum" SIP program of the Cabinet Office, Government of Japan (Research Promotion Corporation: National Institute of Quantum Science and Technology). H-LINCOSでのアクセス制御の構成図（赤枠が今回、構築したプライベート認証局） © TOPPAN INC. 開発の背景 電子メールや、オンラインショッピング、キャッシュレス決済、各種電子申請など、インターネットを介したサービスでは、信頼された第三者機関である認証局によって、安全にデータ通信を行うことができています。認証局とは、電子証明書を発行したり、電子証明書の有効期限を確認・検証したりする安全性が担保された独立機関です。また認証局は、電子署名の正当性を公に対して示すパブリック認証局と、社内などの閉じられた領域内に示すプライベート認証局の二つに分類でき、どちらもインターネット上で通信相手を信頼するために利用者から求められる機能は同じです。 現在、認証局は公開鍵暗号方式（※6）に基づいて電子署名や認証をすることで、通信相手のなりすましやデータの改ざんなどのリスクを防ぎ安全なデータ通信を可能としています。しかし、2030年頃に実用化が期待されている量子コンピュータにより、現在の公開鍵暗号は破られる恐れがあり、量子コンピュータを用いても破ることが困難とされるPQCを用いたセキュリティの強化が課題となっています。また、PQCを用いてデータ通信を行ったとしても、通信相手が正しく保証されていなければ、安全なデータ通信は行えません。そのため、今後はPQCの実用化に向けて、認証局の早期実現が求められています。 凸版印刷とNICTはこれらの課題に対し、ISARA Corporation（本社：カナダ・オンタリオ州、CEO：アツシ・ヤマダ、以下 ISARA）がもつPQCに関する先端技術を活用することで、PQCに対応したプライベート認証局を構築し、H-LINCOSでのより実際の運用場面に即した安全なICカード認証と電子カルテデータへのアクセス制御が可能となりました。 2者の役割 ・凸版印刷 ISARAとの連携を通じたPQC対応プライベート認証局のH-LINCOSへの実装、「PQC CARD®」とPQC対応プライベート認証局のシステム間連携・開発 ・NICT 本開発の全体構成、詳細仕様の策定、テストベッドである「H-LINCOS」環境の提供 PQC対応プライベート認証局の特長 (1) H-LINCOS can issue PQC digital certificates that are compatible with CRYSTALS-Dilithium. When controlling access to electronic medical record data using the "PQC CARD®", H-LINCOS verifies the digital certificate stored in the " PQC CARD®" to confirm that the user is the correct person with the correct authority. This time, we have built a function in which a PQC-compliant private certification authority issues that digital certificate using PQC's digital signature algorithm called CRYSTALS-Dilithium (*7). (2) Updating H-LINCOS to an environment suitable for actual operations H-LINCOS has been updated to a test bed more suited to actual operational scenarios by building a series of functions that issue digital certificates at a PQC-compliant private certification authority and store the digital certificates in a "PQC CARD® ". We also verified IC card authentication and access control to electronic medical record data in H-LINCOS using the "PQC CARD® " and confirmed that it works without any problems. Future Goals Toppan Printing and NICT are aiming for limited practical application of "Quantum Secure Cloud Technology" in 2025 and full-scale provision in 2030, utilizing the private certification authority and other related technologies. In addition, Toppan Printing and NICT will not only focus on IC card security, but also on the application of PQC as a fundamental technology to ensure Internet security, including personal information management in healthcare, finance, and government, as well as e-mail, SNS, online shopping, IoT-related systems, and connected cars. We aim to apply and expand PQC to a wide range of services. 1 Post-Quantum Cryptography Post-Quantum Cryptography, selected by the National Institute of Standards and Technology (NIST), a U.S. government agency, includes multiple cryptographic schemes for both public-key cryptography and digital signatures. Toppan Printing and NICT have been referring to both of them as public-key cryptography, but will change the term to quantum-resistant computer cryptography in accordance with NIST's notation. 2 H-LINCOS H-LINCOS (Healthcare Long-Term Integrity and Confidentiality Protection System), a long-term secure data storage and exchange system for healthcare, uses secret sharing, quantum cryptography, and other confidential communication and public key authentication infrastructure technologies to It is a long-term secure data storage and exchange system for healthcare that provides secure and highly available backup of electronic medical record data and mutual use among medical institutions. Reference: NICT press release, December 12, 2019: https: //www.nict.go.jp/press/2019/12/12-1.html 3 Private Certification Authority A private certification authority is a system that operates within a limited scope, such as an internal network, and has the ability to issue digital certificates that guarantee the legitimacy of the server. 4 Quantum secure cloud technology A cloud technology that enables secure distribution, storage, and utilization of important information, consisting of a next-generation cryptographic infrastructure that integrates quantum cryptography, secret sharing, and quantum computer cryptography, and next-generation computing that integrates quantum computers and the latest semiconductor computers. Reference: NICT Quantum Network White Paper https://www.nict.go.jp/press/2021/04/01-3.html 5 Connected car A connected car is an automobile that functions as an ICT terminal. It is expected to create new value by acquiring various data, such as vehicle status and surrounding road conditions, through sensors, and accumulating and analyzing the data via a network. 6 Public key cryptography A cryptographic scheme that uses two different pairs of keys for encryption and decryption of information. 7 CRYSTALS-Dilithium A next-generation cryptographic algorithm selected by the National Institute of Standards and Technology, a U.S. government agency, in July 2022. A lattice-based public-key cryptosystem for digital signatures. PQC CARD" is a registered trademark of Toppan Printing Co. The names of products and services mentioned in this news release are trademarks or registered trademarks of their respective companies. The information in this news release is current as of the date of publication. The information in this news release is current as of the date of publication and is subject to change without notice. and above