Secure secondary utilization system of genomic data using quantum secure cloud

量子セキュアクラウドによる高速安全なゲノム解析システムの開発に成功 --従来不可能だった情報理論的安全で高速な処理を実現--. 京都大学プレスリリース. 2022-11-24.Secure storage and secondary use of individual human genome data is increasingly important for genome research and personalized medicine. Currently, it is necessary to store the whole genome sequencing information (FASTQ data), which enables detections of de novo mutations and structural variations in the analysis of hereditary diseases and cancer. Furthermore, bioinformatics tools to analyze FASTQ data are frequently updated to improve the precision and recall of detected variants. However, existing secure secondary use of data, such as multi-party computation or homomorphic encryption, can handle only a limited algorithms and usually requires huge computational resources. Here, we developed a high-performance one-stop system for large-scale genome data analysis with secure secondary use of the data by the data owner and multiple users with different levels of data access control. Our quantum secure cloud system is a distributed secure genomic data analysis system (DSGD) with a “trusted server” built on a quantum secure cloud, the information-theoretically secure Tokyo QKD Network. The trusted server will be capable of deploying and running a variety of sequencing analysis hardware, such as GPUs and FPGAs, as well as CPU-based software. We demonstrated that DSGD achieved comparable throughput with and without encryption on the trusted server Therefore, our system is ready to be installed at research institutes and hospitals that make diagnoses based on whole genome sequencing on a daily basis

Quantum key distribution with an efficient countermeasure against correlated intensity fluctuations in optical pulses

Quantum key distribution (QKD) allows two distant parties to share secret keys with the proven security even in the presence of an eavesdropper with unbounded computational power. Recently, GHz-clock decoy QKD systems have been realized by employing ultrafast optical communication devices. However, security loopholes of high-speed systems have not been fully explored yet. Here we point out a security loophole at the transmitter of the GHz-clock QKD, which is a common problem in high-speed QKD systems using practical band-width limited devices. We experimentally observe the inter-pulse intensity correlation and modulation-pattern dependent intensity deviation in a practical high-speed QKD system. Such correlation violates the assumption of most security theories. We also provide its countermeasure which does not require significant changes of hardware and can generate keys secure over 100 km fiber transmission. Our countermeasure is simple, effective and applicable to wide range of high-speed QKD systems, and thus paves the way to realize ultrafast and security-certified commercial QKD systems

Energy efficient mining on a quantum-enabled blockchain using light

We outline a quantum-enabled blockchain architecture based on a consortium of quantum servers. The network is hybridised, utilising digital systems for sharing and processing classical information combined with a fibre--optic infrastructure and quantum devices for transmitting and processing quantum information. We deliver an energy efficient interactive mining protocol enacted between clients and servers which uses quantum information encoded in light and removes the need for trust in network infrastructure. Instead, clients on the network need only trust the transparent network code, and that their devices adhere to the rules of quantum physics. To demonstrate the energy efficiency of the mining protocol, we elaborate upon the results of two previous experiments (one performed over 1km of optical fibre) as applied to this work. Finally, we address some key vulnerabilities, explore open questions, and observe forward--compatibility with the quantum internet and quantum computing technologies.Comment: 25 pages, 5 figure

Foiling covert channels and malicious classical post-processing units in quantum key distribution

The existing paradigm for the security of quantum key distribution (QKD) suffers from two fundamental weaknesses. First, covert channels have emerged as an important threat and have attracted a lot of attention in security research in conventional information and communication systems. Covert channels (e.g. memory attacks) can fatally break the security of even deviceindependent quantum key distribution (DI-QKD), whenever QKD devices are re-used. Second, it is often implicitly assumed that the classical post-processing units of a QKD system are trusted. This is a rather strong assumption and is very hard to justify in practice. Here, we propose a new paradigm for the security of QKD that addresses these two fundamental problems. Specifically, we show that by using verifiable secret sharing and multiple optical devices and classical post-processing units, one could re-establish the security of QKD. Our techniques are rather general and they apply to both DI-QKD and non-DI-QKD.Ministerio de Economía y Competitividad | Ref. TEC2014-54898-RMinisterio de Economía y Competitividad | Ref. TEC2017-88243-

Private Authentication: Optimal Information Theoretic Schemes

The main security service in the connected world of cyber physical systems necessitates to authenticate a large number of nodes privately. In this paper, the private authentication problem is considered, that consists of a certificate authority, a verifier, many legitimate users (prover) and any arbitrary number of illegitimate users. Each legitimate user wants to be authenticated (using his personal key) by the verifier, while simultaneously wants to stay completely anonymous (even to the verifier and the CA). On the other hand, an illegitimate user must fail to authenticate himself. We analyze this problem from an information theoretical perspective. First, we propose a general interactive information-theoretic model for the problem. As a metric to measure the reliability, we consider the authentication key rate whose rate maximization has a trade-off with establishing privacy. Then, we analyze the problem in two different regimes: finite size regime (i.e., the variables are elements of a finite field) and asymptotic regime (i.e., the variables are considered to have large enough length). For both regimes, we propose schemes that satisfy the completeness, soundness and privacy properties. In finite size regime, the idea is to generate the authentication keys according to a secret sharing scheme. In asymptotic regime, we use a random binning based scheme which relies on the joint typicality to generate the authentication keys. Moreover, providing the converse proof, we show that our scheme achieves capacity in the asymptotic regime. For finite size regime our scheme achieves capacity for large field size.Comment: 15 pages, 3 figure

Healthcare 5.0 Security Framework: Applications, Issues and Future Research Directions

Healthcare 5.0 is a system that can be deployed to provide various healthcare services. It does these services by utilising a new generation of information technologies, such as Internet of Things (IoT), Artificial Intelligence (AI), Big data analytics, blockchain and cloud computing. Due to the introduction of healthcare 5.0, the paradigm has been now changed. It is disease-centered to patient-centered care where it provides healthcare services and supports to the people. However, there are several security issues and challenges in healthcare 5.0 which may cause the leakage or alteration of sensitive healthcare data. This demands that we need a robust framework in order to secure the data of healthcare 5.0, which can facilitate different security related procedures like authentication, access control, key management and intrusion detection. Therefore, in this review article, we propose the design of a secure generalized healthcare 5.0 framework. The details of various applications of healthcare 5.0 along with the security requirements and threat model of healthcare 5.0 are provided. Next, we discuss about the existing security mechanisms in healthcare 5.0 along with their performance comparison. Some future research directions are finally discussed for the researchers working in healthcare 5.0 domain