Editing
Toward regulation for security and privacy
(section)
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Security regulation and data value== Banking and payment are heavily regulated industries. One aspect of this regulation is the duration of data’s security. The value of data obviously evolves over time. The images of a football game have a very high value for a short time, whereas the value of personal, healthcare or classified data remains high for at least thirty years. For banking data, ten or twenty years of security is standard, and in some cases, it tends to evolve toward thirty years. Considering the value of data over time has very different consequences in the classical and quantum case. In classical cryptography, the mathematical security follows from the conjectured hardness of some computational problem. For example, the security of RSA encryption follows from the hardness of factoring large numbers. Therefore, in order to set the size of encryption keys (a large number in the case of RSA), it is necessary not only to consider current computational power, but also anticipate its increase during all the lifetime of the data. These previsions are usually done by governments through either IT security Agencies (BSI in Germany, ANSSI in France) or standardization institutions (NIST in the US). These previsions are obviously more relevant for the short term than the long term, which makes the question of long-term security very complex in the case of classical cryptography. As we mentioned already, quantum cryptography can make data as secure in the future as they are at the moment they are encrypted. This could completely change the way we approach security over time. In particular, the question of the long-term security of data should be reconsidered in this setting. Quantum key distribution and its applications to secure storage is opening new doors for the regulation of the security of the most sensitive data. The general framework for data privacy in Europe is GDPR. This regulation lays down the people’s right regarding the processing and movement of their personal data. This puts stringent limitations on how collected data can be used. Data aggregation, introduced earlier, is a case in which cryptography can be used to enforce trust between mistrustful parties. Similar approaches can be developed for regulated data.
Summary:
Please note that all contributions to Quantum Protocol Zoo may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Quantum Protocol Zoo:Copyrights
for details).
Do not submit copyrighted work without permission!
To protect the wiki against automated edit spam, we kindly ask you to solve the following CAPTCHA:
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Log in
Namespaces
Page
Discussion
English
Views
Read
Edit
View history
More
Search
Navigation
Main page
News
Protocol Library
Certification Library
Nodal Subroutines
Codes Repository
Knowledge Graphs
Submissions
Categories
Supplementary Information
Recent Changes
Contact us
Help
Tools
What links here
Related changes
Special pages
Page information