IBM’s z16 mainframe brings two industry-firsts and quantum-proof data encryption
IBM has unveiled its latest line of z-series mainframes with the z16, bringing with it two industry-first features that are already saving businesses millions of dollars, the company’s experts said.
It said its z16 mainframe is equipped with an industry-first quantum-safe security system, underpinned by lattice-based cryptography, which uses secure boot to prevent malware from being injected at the startup phase and quantum-resistant cryptography to prevent an attacker from brute-forcing decryption of the most sensitive data.
A sufficiently powerful quantum computer can effectively cut the strength of encryption in half, said Anne Dames, IBM distinguished engineer focused on cryptographic technology development. This means that a file encrypted with anything less than the AES-256 standard will likely be vulnerable to quantum-based cyber attacks.
The AES-128 standard is considered resistant to quantum-based attacks – brute force attempts to break the encryption – but if the file is encrypted with AES-128, to begin with, then this strength is cut in half, according to Dames, meaning the encryption can be broken.
We are already seeing early-stage ‘preparatory’ quantum-based cyber attacks in the real world, Dames added, in the form of ‘harvest now, decrypt later’ campaigns.
“Some of the attacks, trust me, have already started in the ‘harvest now, decrypt later’ scenarios where people are capturing data today to save it until they can get access to a quantum computer, and in an offline fashion, try to decrypt that data,” she said. “So there are just a number of scenarios and a number of attack scenarios that bad actors will potentially try.”
IBM said customers should consider investing in the new technology now to avoid extortion attempts and loss of intellectual property in the future, should they fall victim to ‘harvest now, decrypt later’ attacks in the future.
The z16 mainframe also allows businesses to encrypt more of their data without undue strain on resources, according to Ross Mauri, general manager of IBM Systems.
“Sometimes there’s an innovation or two that turn out to be real game-changers,” he said. “To give you an example in z14 with pervasive encryption, where we put a crypto engine accelerator right on the microprocessor, we turned an industry-first into a game-changer for our clients.
“Because before this, clients were sometimes encrypting three, four, maybe 5% of their data. And now with this on-chip accelerator, they could encrypt all their data all the time, a real game-changer and that coming in with zero impact to performance and their service level agreements.”
The z16 also brings an artificial intelligence (AI) and deep learning accelerator to its Telum microprocessor, which aims to deliver better AI and deep learning performance on a bigger scale and all with much lower latency.
IBM said the achievement is another industry-first and one that is already benefiting the financial services industry as it tackles real-time fraud detection.
The on-chip AI accelerator allows banks, for example, to increase the accuracy of their fraud detection when completing operations like credit card authorisation applications.
Before z16, IBM said one large US bank ran into problems including timeouts and inconsistent response times. With its latest mainframe technology, IBM said its customers can complete more accurate anti-fraud checks at once, with lower latency, and this has led to “fraud prevention savings in the high digit millions of dollars annually,” according to Elpida Tzortzatos, CTO at IBM Systems, AI.
IBM said the z16 can process 300 billion inference requests a day at 1ms of latency when in the past latency has typically been as high as 80ms. Consumers stand to benefit from the time saved in handling potentially fraudulent credit card transactions, while merchants save revenue from preventing unnecessary false declines on transactions, for example.
Other applications for the z16’s hardware include more expeditious loan approvals, transaction clearing and settlement, and federated learning for retail.
Ⓒ Future Publishing