New solution is the latest advancement in development and deployment of attribute-based encryption, which recently received an upgrade for the quantum computing era

News Highlights:

• NTT Research’s new Zero Trust Data Security (ZTDS) Suite, powered by attribute-based encryption (ABE), provides protection at the data level, addressing key challenges associated with Zero Trust Architecture (ZTA) implementation.
• A recent breakthrough by NTT Research scientists overcomes performance limitations to enable ABE in quantum-safe deployments (PQC-ABE: Post Quantum Cryptography based Attribute Based Encryption).
• The Center for Research and Development on Secure Computer Systems (CRADSEC) will license ABE software and combine it with Trusted Execution Environments (TEE) for new security use cases.

Today, NTT Research, Inc., a division of NTT (TYO: 9432), announced the Zero Trust Data Security (ZTDS) Suite, a new set of cybersecurity solutions powered by attribute-based encryption (ABE) of data, even against the rising threat of quantum computing-enhanced cyberattacks. Additionally, NTT Research announced that the Center for Research and Development on Secure Computer Systems (CRADSEC) will license ABE software to enhance its development of secure virtual environments.

The ZTDS Suite incorporates the ZTDS Platform, powered by ABE and AI, along with a collection of applications that address diverse use cases, including documentation protection, secure sovereign video and data protection in AI environments. Additional applications will be introduced based on market demand and client needs.

“With the exponential development of quantum technologies, governments and security standards bodies are calling on organizations to migrate to a quantum-ready cybersecurity strategy,” said NTT Research President and CEO Kazu Gomi. “In anticipation of the quantum computing era, NTT Research’s ZTDS Suite ensures critical data will remain secure after quantum capabilities become practical. After the decades-long study and development of ABE, NTT Research is now offering a proactive security solution that outlines a clear migration strategy for a post-quantum world that builds confidence and reinforces commitments to data protection.”

Attribute-Based Encryption: the Future of Data Security

ABE is an encryption technology enabling fine-grained access control and enforcement policies by determining whether data should be decrypted based on specific qualities, such as employee role or affiliation. Dr. Brent Waters, now the director of the NTT Research Cryptography & Information Security (CIS) Lab, proposed the concept of ABE alongside co-author Dr. Amit Sahai in the 2005 paper, “Fuzzy Identity-based Encryption.”

ABE is divided into three primary control categories: content-based, role-based and multi-authority access policies:

• Content-Based Access Control: Users can create policies defining access to specific types of content. For example, if a food delivery company needs to resolve a dispute, content-based access control ensures a specific manager can only access the data attribute of “delivery address” within the geographic range they are responsible for.

• Role-Based Access Control: Organizations can establish policies dictating which specific levels or roles within the organization can decrypt specific portions of that content. For example, NTT Research may determine that any CIS Lab employee can access another CIS Lab employee’s research, but an employee outside of the CIS Lab can only access the executive summary of the research if they are employed at the executive level.

• Multi-Authority Access Policies: When more than one organization is involved in issuing access credentials, secret keys that associate with the user credentials are issued by the different organizations independently of each other. Unlocking encrypted content requires the user to have the proper keys and to meet pre-defined dynamic attributes defined in the keys, such as location of the user or affiliation of the user.

Making ABE Quantum-Secure

Previously, performance limitations made ABE post-quantum computing (PQC) solutions impractical for real-world deployment. However, a recent breakthrough from NTT Research scientists overcomes these obstacles and creates a path for quantum-safe ABE deployments that meet regulatory guidelines and deadlines. For example, this breakthrough enables ABE constructions to work in the Ring-LWE setting, which is a special case of the Module-LWE setting, the paradigm of many standardization efforts for post-quantum encryption, mainly for public key encryption and digital signatures. Furthermore, our PQC-ABE constructions admit a seamless decentralization into a multi-authority environment.

Finally, this breakthrough represents the first practical candidates for large-universe PQC-ABE from standard assumptions.

“Organizations conventionally rely on zero trust architectures to protect their system and network infrastructure. While these defenses currently excel at maintaining a strong perimeter against attackers, once the data file itself is leaked, the security is breached. ZTDS provides comprehensive solutions to this scenario by maintaining access controls to the files even if the file is copied, i.e. the file leaks out from the perimeter. Also, quantum computing poses an existential threat to the conventional public key encryption. This new PQC-ABE provides peace of mind for this threat,” said NTT Research Senior Vice President of Technology Development and Product Incubation Hub Bennett Indart.

NTT Research’s Crypto Agility software enables transparent migration from legacy ABE algorithms to PQC algorithms. This technology ensures seamless application compatibility, enabling organizations to flexibly adapt their solutions to new security standards and mitigate post quantum risks.

How CRADSEC is Leveraging ABE

CRADSEC, a part of the Research Organization of Information and Systems, is an organization in Japan dedicated to advancing computer security through the research and development of new cybersecurity solutions. CRADSEC is implementing ABE software that operates within a Trusted Execution Environment (TEE). A TEE is defined by researchers in a 2015 paper as “an isolated processing environment in which applications can be securely executed irrespective of the rest of the system.”

“Enabling ABE capabilities within a TEE makes it possible to perform highly secure, value-added cryptographic operations such as revocation,” said CRADSEC Director and Project Professor Yutaka Ishikawa. “From the hardware perspective, we will provide highly versatile TEE primitives. Using these primitives, system software will be able to flexibly configure protection domains.”

Looking Ahead

NTT Research’s software is the only commercially available ABE solution in the market with enterprise-grade support, making it ideal for mission critical deployments across the academic, public sector and enterprise environments. NTT Research remains committed to ABE as a core technology in the quantum-computing era and continues to elevate the technology’s performance optimization, feature development and scalability for diverse use cases across multi-agent and multi-authority models.

About NTT Research

NTT Research opened its offices in July 2019 in Silicon Valley to conduct basic research and advance technologies as a foundational model for developing high-impact innovation across NTT Group’s global business. Currently, four groups are housed at NTT Research facilities in Sunnyvale: The Physics and Informatics (PHI) Lab, the Cryptography and Information Security (CIS) Lab, the Medical and Health Informatics (MEI) Lab, and the Physics of Artificial Intelligence (PAI) Group. The organization aims to advance science in four areas: 1) quantum information, neuroscience and photonics; 2) cryptographic and information security; 3) medical and health informatics; and 4) artificial intelligence. NTT Research is part of NTT, a global technology and business solutions provider with an annual R&D investment of thirty percent of its profits.

The names NTT and NTT Research, as well as the NTT and NTT Research logos, are trademarks and service marks of NTT, Inc. or NTT Research, Inc., and/or their affiliates. All other referenced product names are trademarks of their respective owners. © 2025 NTT Research, Inc.

View source version on businesswire.com: https://www.businesswire.com/news/home/20251117938214/en/