The Unbreakable Enterprise Kernel (UEK) is a Linux kernel built and supported by Oracle. UEK is well-tested and used to run Oracle's Engineered Systems, Oracle Cloud Infrastructure, and large enterprise deployments. Quantum-resistant (QR) Oracle Linux incorporates hybrid postquantum cryptography, combining state-of-the-art classical encryption algorithms with post-quantum encryption algorithms, provided by the National Institute of Standards and Technology (NIST). QR Oracle Linux accomplishes two objectives: Cloaking network endpoints at the edge and the Oracle Cloud Infrastructure (OCI) interface and increasing resistance to decryption by classical and future quantum computers.
You can use QR Oracle Linux in all applications for which you want to reduce the detectable attack surface or ensure future-safe encryption, particularly for deployments involving government and critical infrastructure assets where operational privacy is paramount. You can deploy QR Oracle Linux in OCI or at the edge, and it provides network interoperability with non-Oracle versions of Linux existing in the same data network.
Quantum computing and QR Oracle Linux
Dozens of billions of dollars are invested worldwide to create an exponential acceleration in quantum computing power. The market is anticipating a cryptographically relevant quantum computer capable of decrypting today’s asymmetric encryption, including Rivest-Shamir-Adleman encryption algorithm (RSA) and Elliptic-Curve Cryptography (ECC) , within minutes or seconds. Through executive orders, directives, the March 2023 U.S. National Security Strategy, and other US guidelines, the US government is driving a national upgrade of network encryption used by critical infrastructure and federal agencies to be resistant to decryption by future quantum computers. The Office of Management and Budget has directed Congress to fund this upgrade beginning with the FY2025 federal budget.
QR Oracle Linux UEK is powered by Patero CryptoQoR (QoR), incorporating hybrid postquantum cryptography. Hybrid postquantum cryptography hybridizes classic and NIST’s quantum-resistant algorithms into a rotating session key to provide two layers of encryption with perfect forward secrecy. Patero QoR is “crypto agile,” making networks deployed with QR Oracle Linux “future-safe” because they can adopt future quantum-resistant algorithms. These algorithms are certified by NIST without the need to decommission, rip, or replace deployed QR Oracle Linux. QoR is a software-based cryptomodule deployed as an installable image that runs in the kernel space and includes a centralized management system to administer QoR-protected endpoints.
Key features and benefits of QR Oracle Linux UEK
QR Oracle Linux UEK disguises internet-facing network elements and makes data indecipherable. The solution delivers comprehensive protection for cloud, critical infrastructure, federal and department of defense (DoD) networks and includes the following features:
QR Oracle Linux UEK powered by Patero QoR performance has been certified over commercial, open, and transoceanic internet links. Two-core VMs and bare metal servers were deployed in OCI Ashburn, VA, and Frankfurt, Germany. Extensive mono- and bi-directional data transmission tests were conducted to gain a statistically significant measure of impact on throughput, CPU load, and latency between unencrypted and encrypted network performance. Throughput and latency performance is within 1% of unencrypted performance, and CPU load is reduced by 0.4% on bare metal and increased by approximately 1.9% on virtual machines evenly distributed across available cores with encryption enabled.
For more information on how to work with Patero, please contact Crick@Patero.io.
The image can be downloaded from Oracle Cloud Marketplace at https://cloudmarketplace.oracle.com/marketplace/en_US/listing/152194648
Sanjay focuses on the advanced services like Generative AI, Machine-Learning, GPU Engineering, Blockchain, Microservices, Industrial IoT, 5G core along with Cloud Security and Compliance. He has double masters in Computer Science and Systems Design. His PhD was in Organizational Behaviour and Applied Neuroscience. Currently, he is pursuing his second PhD in AI. His focus of research is Retentive Networks.
Crick Waters is the CEO of Patero, the company that has created quantum-safe algorithms for quantum resistant UEK for Oracle Linux.