FORM 2
THE PATENTS ACT, 1970
(39 of 1970)
The patent Rule, 2003
COMPLETE SPECIFICATION
(See section 10 and rule 13)
TITLE OF THE INVENTION
“METHOD AND DEVICE FOR PERFORMING DATA ENCRYPTION USING QUANTUM COMPUTING”
ZENSAR TECHNOLOGIES LTD., Zensar Knowledge Park, Plot#4, MIDC, Kharadi, Off Nagar Road, Pune – 411014
The following specification particularly describes the invention and the manner in which it is to be performed.

“METHOD AND DEVICE FOR PERFORMING DATA ENCRYPTION USING
QUANTUM COMPUTING”
TECHNICAL FIELD [0001] The present disclosure generally relates to the field of data encryption. Particularly, the present disclosure relates to a system and a method for performing data encryption using quantum computing.
BACKGROUND [0002] Data is invaluable for the growth of any organization as it helps the organizations in understanding their business and customers. With the technological advancements, organizations are creating huge amount of data every day and with the increasing volume of data, the incidents of leakage of sensitive data (e.g., personal data of customers, confidential data of organization etc.) are also increasing. Organizations employ various security measures to prevent the data from getting into the hands of unauthorized elements. Data encryption is one such measure.
[0003] Data encryption is a cybersecurity technique which protects the sensitive data by converting human readable data (i.e., plaintext) into alternative form known as ciphertext. The ciphertext can be read only by the person who has a security code or a decryption key. Thus, despite of data breach, encryption ensures that the sensitive data is safe, even when an intruder accesses the sensitive data.
[0004] However, these encryption techniques are resource intensive and time consuming i.e., the current encryption techniques consume massive amount of time and require fast processors to secure the data. Further, maintaining the security keys for the constantly growing volume of data is also a complicated task. Thus, with the huge and rapidly growing amount of data that needs to be secured from the intruders, there is a need for further improvement in the technology, especially for data security measures that consume fewer computing resources and that can protect the data from any type of cyberattack. [0005] The information disclosed in this background section is only for enhancement of understanding of the general background of the invention and should not be taken as an

acknowledgement or any form of suggestion that this information forms the prior art already known to a person skilled in the art.
SUMMARY [0006] One or more shortcomings discussed above are overcome, and additional advantages are provided by the present disclosure. Additional features and advantages are realized through the techniques of the present disclosure. Other embodiments and aspects of the disclosure are described in detail herein and are considered a part of the disclosure. [0007] In a non-limiting embodiment of the present disclosure, the present application discloses a method of performing data encryption using quantum computing. The method comprises determining a signature size (S) of an input document. The signature size (S) of the input document indicates a size of data to be encrypted in the input document. The method further comprises comparing the signature size (S) of the input document with a plurality of size threshold values, where the plurality of size threshold values corresponds to a plurality of quantum encryption techniques (M). The method further comprises selecting a quantum encryption technique, among the plurality of quantum encryption techniques (M) based on the comparing, for encrypting the input document. [0008] In another non-limiting embodiment of the present disclosure, the present application discloses a system for performing data encryption using quantum computing. The system comprises a memory and at least one processor communicatively coupled with the memory. The processor is configured to determine a signature size (S) of an input document, where the signature size (S) of the input document indicates a size of data to be encrypted in the input document. The processor is further configured to compare the signature size (S) of the input document with a plurality of size threshold values, where the plurality of size threshold values corresponds to a plurality of quantum encryption techniques (M). The processor is further configured to select a quantum encryption technique, among the plurality of quantum encryption techniques (M) based on the comparing, for encrypting the input document
[0009] The present disclosure utilizes the principles of quantum computing (i.e., Post-quantum cryptography signatures) for data encryption. Specifically, the present disclosure proposes techniques that utilize the fast-processing capabilities of quantum computing systems for storing, encrypting, and analyzing huge volume of data at blazing speed. The

techniques of the present disclosure utilize the quantum computing principles for protecting the data from falling into the hands of intruders.
[0010] The foregoing summary is illustrative only and is not intended to be in any way limiting. In addition to the illustrative aspects, embodiments, and features described above, further aspects, embodiments, and features will become apparent by reference to the drawings and the following detailed description.
BRIEF DESCRIPTION OF DRAWINGS [0011] Further aspects and advantages of the present disclosure will be readily understood from the following detailed description with reference to the accompanying drawings. Reference numerals have been used to refer to identical or functionally similar elements. The figures together with a detailed description below, are incorporated in and form part of the specification, and serve to further illustrate the embodiments and explain various principles and advantages, in accordance with the present disclosure wherein: [0012] Figure 1 shows an exemplary environment of a communication system 100 for performing data encryption using quantum computing, in accordance with some embodiments of the present disclosure.
[0013] Figure 2 shows a process flow diagram 200 for performing data encryption using quantum computing, in accordance with some embodiments of the present disclosure. [0014] Figure 3(a) shows a process flow 300-1 illustrating data pattern identification using a rule based parser, in accordance with some embodiments of the present disclosure. [0015] Figure 3(b) shows a block diagram 300-2 illustrating receiving of data for performing data encryption, in accordance with some embodiments of the present disclosure.
[0016] Figure 3(c) shows a block diagram 300-3 illustrating receiving of data for performing data encryption and storing encrypted data in a datastore, in accordance with some embodiments of the present disclosure.
[0017] Figure 4 shows a block diagram 400 of the computing device 120, in accordance with some embodiments of the present disclosure.
[0018] Figure 5 shows a flowchart 500 illustrating a method for performing data encryption using quantum computing, in accordance with some embodiments of the present disclosure.

[0019] It should be appreciated by those skilled in the art that any block diagrams herein represent conceptual views of the illustrative systems embodying the principles of the present disclosure. Similarly, it will be appreciated that any flowcharts, flow diagrams, state transition diagrams, pseudo code, and the like represent various processes which may be substantially represented in computer readable medium and executed by a computer or processor, whether or not such computer or processor is explicitly shown.
DETAILED DESCRIPTION [0020] In the present disclosure, the word “exemplary” is used herein to mean “serving as an example, instance, or illustration.” Any embodiment or implementation of the present disclosure described herein as “exemplary” is not necessarily to be construed as preferred or advantageous over other embodiments.
[0021] While the disclosure is susceptible to various modifications and alternative forms, specific embodiments thereof have been shown by way of example in the drawings and will be described in detail below. It should be understood, however, that it is not intended to limit the disclosure to the particular form disclosed, but on the contrary, the disclosure is to cover all modifications, equivalents, and alternatives falling within the spirit and the scope of the disclosure.
[0022] The terms “comprise(s)”, “comprising”, “include(s)”, or any other variations thereof, are intended to cover a non-exclusive inclusion, such that a setup, device, apparatus, system, or method that comprises a list of components or steps does not include only those components or steps but may include other components or steps not expressly listed or inherent to such setup or device or apparatus or system or method. In other words, one or more elements in a device or system or apparatus proceeded by “comprises… a” does not, without more constraints, preclude the existence of other elements or additional elements in the system.
[0023] In the following detailed description of the embodiments of the disclosure, reference is made to the accompanying drawings that form a part hereof, and in which are shown by way of illustration of specific embodiments in which the disclosure may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the disclosure, and it is to be understood that other embodiments may be utilized and that changes may be made without departing from the scope of the present disclosure. The

following description is, therefore, not to be taken in a limiting sense. In the following description, well known functions or constructions are not described in detail since they would obscure the description with unnecessary detail.
[0024] The terms like “at least one” and “one or more” may interchangeably be used throughout the disclosure. The terms like “a plurality of” and “multiple” may interchangeably be used throughout the disclosure. At few instances, the terms like “data encryption” and “data masking” may interchangeably be used. The terms like “computing system” and “computing device” may interchangeably be used throughout the disclosure. The terms like “rule based parser” and “Anonymous Rule Engine” may interchangeably be used throughout the disclosure. The terms like “quantum encryption techniques” and “Post-Quantum Cryptography signatures” may interchangeably be used throughout the disclosure. [0025] Further, the terms like “data” and “information” may interchangeably be used throughout the present disclosure. The term ‘data’ in the present disclosure may refer to any kind of digital data including transmitted data or data in-transit, and stored data. Data which is actively moving from one location to another location either via Internet or over a private network is known as ‘data in-transit’ or ‘transmitted data’. On the other hand, data which is not actively moving and is stored on some storage medium e.g., on a flash drive, hard drive, server etc. is known as ‘stored data’ or ‘data at rest’. Both the ‘data in transit’ and ‘stored data’ are at risk from intruders and hence it is required to protect them (i.e., ‘data-in transit’ and ‘stored data’) to avoid confidential data/information from falling into the hands of unauthorized elements. Data in transit is considered to be less secure compared to stored data. In the present disclosure the term ‘data’ refers to any kind of data including the ‘data-in transit’ and/or the ‘stored data’. Data encryption and data masking are popular techniques to protect the data from falling into the hands of intruders.
[0026] Organizations usually mask sensitive data before storing and before sharing it across any network. The masking and storing may involve many aspects including encrypting the sensitive data and storing the encrypted data for further use (e.g., business decision making, analyzing customer behavior, etc.). Encryption of data is important specifically where sensitive, confidential, or private information/data is shared over the network. Currently, data encryption is done in most of the applications using algorithms which runs on x86 system architecture. However, with the development of powerful processors that are able to

handle huge data volume with faster speeds, the incidents of security breaches and leakage of sensitive data are increasing. Modern intruders are using advanced techniques and advanced processors to apply different methods to bypass/ break the security firewalls of organizations.
[0027] As discussed earlier, data encryption is a cybersecurity technique which protects the sensitive data by converting readable text or plaintext into unreadable text or ciphertext (i.e., encoded data). A decryption key is required to convert the encoded data back into the readable format. The encryption techniques are broadly divided into two types i.e., asymmetric encryption and symmetric encryption. Symmetric encryption is the simplest kind of encryption technique where only a single secret key is used to encrypt the plaintext and decrypt the ciphertext. The single secret key is shared with all the parties that need to decrypt the plaintext. Most widely used symmetric encryption techniques include Data Encryption Standards (DES), Advanced Encryption Standard (AES), 3DES, Twofish, Blowfish etc. Asymmetric encryption also known as public key cryptography uses a pair of keys (i.e., a public key and a private key) for encrypting and decrypting any data/information. Most widely used asymmetric encryption techniques include Rivest Shamir Adleman (RSA), Digital Signature Algorithm (DSA), and Elliptic Curve Cryptography (ECC).
[0028] However, the encryption techniques are not foolproof because an intruder can create programs to hack into the encrypted data and access the sensitive information. For example, the encryption keys may inadvertently be exposed, thereby compromising the security of the data. Also, the encryption keys may be lost, stolen, or deleted, leading to permanent loss of the encrypted data. In addition, the current encryption techniques are resource intensive and time consuming i.e., the encryption techniques consume massive amount of time and require fast processors to secure the data. Additionally, maintaining the security keys for the growing amount of data is also a challenging task.
[0029] As the organizations are generating more and more data, security of data becomes more important because it directly or indirectly impacts the business decisions and future of the organizations. Organizations are investing significant amount of money for managing and securing their huge volume of data e.g., by procuring advanced hardware for storing and securing the data. However, there are cases of data leakage even at the advanced

hardware levels. For instance, with the advancements in technology, particularly in quantum computing, large-scale quantum computers are built which are able to break many of the data encryption techniques currently in use, leading to leakage of the sensitive data. [0030] There exists a need for cryptographic systems that are secure against cyberattacks caused by both quantum and non-quantum computers and that can interoperate with existing communications protocols and networks. Post-quantum cryptography (PQC) offers a solution to the above problem by safeguarding the data using the principles of quantum computing.
[0031] The present disclosure provides techniques (methods and systems/devices) that utilize the principles of quantum computing for data encryption. Specifically, the present disclosure proposes techniques that utilize the fast-processing capabilities of quantum computing systems for storing, encrypting, and analyzing huge volume of data at blazing speed. Quantum computing systems use the properties of quantum physics to store data and to perform computations and encryption. Thus, the quantum computing systems can vastly outperform even the best classical supercomputing machines.
[0032] The basic unit of memory in a quantum computing system is a ‘quantum bit’ or ‘qubit’. Qubits may represent 0 state, 1 state, and a mixed state, called a “superposition” where both 1 and 0 exists at the same time. Thus, the quantum computing systems may be in many different states all at once. Hence, a series of qubits can represent different things simultaneously. For example, four bits are enough for a classical computing system to represent any number between 0 and 16. But using four qubits, a quantum computing system can represent every number between 0 and 16. Therefore, the quantum computing systems has edge over the classical computing systems.
[0033] Referring now to Figure 1, which illustrates a communication system 100 for use in data encryption, in accordance with some embodiments of the present disclosure. The communication system 100 may comprise a computing device 120 communicating with one or more data sources and/or one or more quantum/ non-quantum computing systems (not shown in figure[s]) via at least one network (not shown in figure[s]). [0034] According to an embodiment of the present disclosure, the computing device 120 may be a quantum computing device 120 which may comprise at least one quantum processor (also referred to as “processor” in the present disclosure) 140, at least one memory

150, and at least one transceiver (not shown). The processor 140 may include, but not restricted to, quantum circuits and quantum logic gates. The quantum processor 140 may use qubits for data processing.
[0035] The memory 150 may be communicatively coupled to the processor 140. The memory 150 may comprise various instructions, input document(s), encrypted document(s), and quantum signature(s), etc. The memory 150 may include a Random-Access Memory (RAM) unit and/or a non-volatile memory unit such as a Read Only Memory (ROM), optical disc drive, magnetic disc drive, flash memory, Electrically Erasable Read Only Memory (EEPROM), a memory space on a server or cloud, and so forth.
[0036] The computing device 120 may also be referred to as a data encryption system or device which may fetch/receive at least one document 110, analyze the received document 110, apply a suitable quantum encryption technique for encrypting the received document 110, and output the encrypted document 130. The encrypted document 130 may be stored in a memory or may be shared over the network.
[0037] Referring now to Figure 2, which illustrates a detailed process flow 200 for encrypting the input document 110 using the computing device 120, in according with some embodiments of the present disclosure. In one non-limiting embodiment of the present disclosure, the processor 140 of the computing device 120 may receive the input document 110. The input document 110 may be received from an external device via the network. In one embodiment, the document 110 may be provided (or uploaded) by a user on the computing device 120. For the sake of explanation, only one input document has been shown in Figures 1 and 2. However, the present disclosure is not limited thereto and, in general, a plurality of input documents may be uploaded/provided to the computing device 120. In one non-limiting embodiment, the input documents may arrive continuously at the computing device 120 and may be processed parallelly by the computing device 120. [0038] In a first step 210, the processor 140 may perform pre-processing on the input document 110. The input document 110 may comprise both structured and unstructured data and may be in any format including, but not limited to, text, images, word/document files, web pages, excel, PDFs etc. In an aspect, the pre-processing of the input document 110 may comprise converting the input document 110 (which may be in any format) into a pre¬defined format (e.g., pdf). For image or PDF input medical record, the pre-processing may

additionally comprise Optical Character Recognition (OCR) to extract textual content from the input document 110.
[0039] The input document 110 may be any electronic/digital document which may include sensitive data or information such as Personally Identifiable Information (PII), confidential business information, intellectual property related information, customer information, financial data, product release information, research and development data, but not limited thereto. PII may include any information which, either alone or in combination with other information, may be used to uniquely identify a particular individual. Examples of PII may include, but not limited to, name, mobile number, telephone number, fax number, address, bank account details, debit/credit card details, driving license number, Aadhar card number, passport number, family identity number, Permanent Account Number (PAN), email address, vehicle registration number, Internet Protocol address, voter card number, social security number (SSN), Protected Health Information (PHI), etc. Here, PHI may refer to any information present in a medical record which, either alone or along with other information, may be used to identify an individual or a patient.
[0040] In a second step 220, the processor 140 may identify one or more data patterns DP in the input document 110 which are to be secured against cyberattacks. In general, data patterns refer to portions of data that need to be masked in the input document 110. In the present disclosure, a data pattern may refer to any information or data which is important or critical or sensitive or confidential and which needs to be protected from intruders. For instance, in a normal document, the PII may be referred to as data patterns. Similarly, in a medical record, the various PHIs may be referred to as data patterns. However, the present disclosure is not limited thereto and in general, the techniques of the present disclosure are equally applicable for encrypting any kind of data/information present in any type of document.
[0041] The pattern identification step 220 may further comprise various sub-steps. In a first sub-step 220-1 of pattern identification, the processor 140 may parse through the input document 110 using a rule based parser (also referred to as an “Anonymous Rule Engine (ARE)”) to identify data patterns DP1 which need to be secured. The rule based parser may comprise one or more predefined rules for identifying the data patterns DP1 in the input document 110. The rules are written by data experts and stored in the memory 150.

[0042] Consider an example, where the input document 110 (which is to be shared with someone outside of the organization over the network) comprises following text:
“CONFIDENTIAL INFORMATION We are contacting Mr. ABC who is currently working with XYZ Ltd. We think he would be a good candidate for your company. You may contact him on his mobile number +91-2222222222 or email address abc@gmail.com. The AADHAR card number of Mr. ABC is 8888 8888 8888 and PAN number is ABCDE1234F.”
[0043] The emphasized text in the above example may be considered as the confidential information. Thus, the entire document or at least the highlighted text needs to be encrypted before sharing this document over the network. One or more rules may be created to identify such confidential information present in the document 110. For example, one may create a rule that any word followed by the prefix “Mr.” or “Mrs.” is a PII (i.e., name) which is to be encrypted. Similar, another rule may be created which defines that any 10-digit number followed by prefix “+91” is an Indian mobile number (which is also PII). Yet another rule may be created which defines that any alphanumeric pattern of length 10 having first four alphabets followed by four digits and then followed by one alphabet is a PAN number (which is again PII).
[0044] The rules are easily interpretable by the processor 140. Based at least on these rules, the processor 140 may process the document 110 and identify the data patterns DP1 which are to be encrypted. The output data patterns DP1 from the step 220-1 using the above-defined rules may be:
DP1: {‘ABC, ‘2222222222’, ‘ABC, ‘ABCDE1234F} [0045] In a second sub-step 220-2 of pattern identification, the processor 140 may parse the input document 110 using one or more machine learning (ML) based techniques or models to identify one or more data patterns DP2 which need to be encrypted. The ML based techniques process the input documents 110 using one or more ML models which are trained for identifying data patterns DP2 in the input document 110. It may be noted that the training of the models has not been explained in detail in the present disclosure and it is assumed that a person skilled in the art may carry out the training of model(s) using the conventional training methods. In one non-limiting embodiment, the processor 140 may use a natural language processing (NLP) engine which uses NLP techniques for identifying data patterns

DP2 in the input document 110. NLP may use Natural-language understanding (NLU) to understand meaning or the intent behind different keyword of the input document 110 for identifying the data patterns DP2. It may be noted that the sub-step 220-2 is independent of the sub-step 220-1 and is performed in parallel to sub-step 220-1. For the above exemplary document, the output patterns DP2 from the step 220-2 may be:
DP2: {‘2222222222’, ‘abc@gmail.com’, ‘8888 8888 8888’, ‘ABCDE1234F’}. In one non-limiting embodiment, the sub-step 220-2 may depend on the sub-step 220-1 and the processor 140 may use the ML based techniques to identity only those data patterns which are not identified by the rule based parser or which are different from the patterns identified by the rule based parser. In such case, the output patterns DP2 from the step 220-2 may be:
DP2: {‘abc@gmail.com’, ‘8888 8888 8888’} [0046] It may be noted here that if the same data pattern is appearing at more than one instances in the input document 110 (e.g., the data pattern ‘ABC’ is appearing twice in DP1), the output data patterns (e.g., DP1 here) may include all occurrences of this data pattern. In an alternative embodiment, the output pattern may include only a single occurrence of each data pattern and the frequency of occurrence of the data patterns may be stored in a separate list. In such embodiment, the location of occurrence (e.g., in terms of coordinates, line numbers, page numbers etc.) may also be stored in a different list. In one embodiment, the processor 140 may form a single multi-dimensional list comprising data patterns along with their frequencies of occurrence and their locations within the input document 110. These lists may be stored in the memory 150.
[0047] Thereafter, at sub-step 220-3, the processor 140 may perform final pattern identification based on the identified data patterns DP1 and DP2. The processor 140 may generate a final set of data patterns DP after removing duplicate data patterns (i.e., after removing the data patterns which are appearing in both DP1 and DP2). For instance, in above exemplary document, the data patterns ‘2222222222’ and ‘ABCDE1234F’ are appearing in both DP1 and DP2. Thus, the processor 140 may keep only one occurrence of these data patterns in the final set of data patterns DP. However, when the processor 140 uses the ML based techniques to identity only those data patterns which are not identified

by the rule based parser, then there is no need of removing duplicate patterns. For the above
exemplary document, the final data patterns DP (i.e., the output of the step 220-3) may be:
DP: {‘ABC’, ‘2222222222’, ‘ABC’, ‘abc@gmail.com’, ‘8888 8888 8888’,
‘ABCDE1234F’} [0048] The final data patterns DP comprises the information or data patterns which are required to be encrypted. As discussed earlier, the conventional encryption techniques are not effective in protecting the data patterns DP from cyberattacks caused by quantum computing devices. Hence, the present disclosure uses the quantum encryption techniques or Post-Quantum Cryptography (PQC) signatures for encrypting the input document 110. National Institute of Standards and Technology (NIST) has initiated a process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms. There is a plurality of PQC signatures that have been submitted to NIST including Dilithium and Falcon.
[0049] Dilithium is a digital signature scheme that is strongly secure under chosen message attacks based on the hardness of lattice problems over module lattices. Dilithium is one of the candidate algorithms which have been submitted to NIST post-quantum cryptography project. Dilithium has larger ciphertext size which may be important for some applications. Dilithium has its own standardized key establishment and has its own Federal Information Processing Standards (FIPS) certificates.
[0050] Falcon is based on the theoretical framework of Gentry, Peikert and Vaikuntanathan for lattice-based signature schemes. Falcon offers many features including security (i.e., negligible leakage of sensitive information); compactness (i.e., signatures are substantially shorter than other lattice-based signature schemes); speed (i.e., very fast implementations, e.g., in the thousands of signatures per second on a common computer); scalability, RAM Economy (i.e., Falcon is compatible with small, memory-constrained embedded devices). Falcon signature has much smaller ciphertext size which may be important for some applications. Similar to Dilithium, Flacon also has its own standardized key establishment and has its own FIPS certificates.
[0051] Dilithium PQC signatures may be further categorized into: Dilithium 2, Dilithium 3, Dilithium 5. And Falcon PQC signatures may be further categorized into: Falcon 512 and Falcon 1024. It may be noted that the present disclosure is explained with the help of

Dilithium and Falcon as PQC signatures. However, the techniques of the present disclosure are equally applicable for any PQC signature including the PQC signatures which will be developed in future.
[0052] To achieve better performance, it is always required to select a best PQC signature from a plurality of available PQC signatures for encrypting the input document 110. Selection of a particular PQC signature depends on a signature size (S) of the input document 110. The signature size (S) of a document indicates a size of data (in bytes) which is to be encrypted in the input document 110. The determination of the signature size (S) is explained in the forthcoming paragraphs.
[0053] Initially, the processor 140 may determine an average sample proposition of the input document 110 by applying statistical techniques on the number of patterns which are present in the sets DP1 and DP2. Consider that:
P1 indicates the number of data patterns identified by the rule based parser or the number of data patterns which are present in the data pattern set DP1 (also referred to as the “first number of data patterns”);
P2 indicates the number of data patterns identified by the trained ML model or the number of data patterns which are present in the data pattern set DP2 (also referred to as the “second number of data patterns”); and
P indicates the average sample proposition. [0054] The average sample proposition (P) may be defined as a weighted combination of the first number of data patterns (P1) identified by the rule based parser and the second number of data patterns (P2) identified by the ML model. Since the data patters DP1 are identified using user-defined rules, the first number of data patterns (P1) provides a more reliable estimate of the average sample proposition (P). Thus, while calculating the average sample proposition (P), the first number of data patterns (P1) are usually given more weightage compared to the second number of data patterns (P2). In particularly, the average sample proposition (P) of the input document 110 may be computed using following equation:

(1)
where,
M is the number of PQC signatures which are available for performing data encryption. [0055] Now, the signature size (S) of the input document 110 may be calculated based on the average sample proposition (P), the first number of data patterns (P1), the second number of data patterns (P2), and the number of PQC signatures (M). In particularly, the signature size (S) of the input document 110 may be computed using following equations:
(2) where,
(3)
(4)
(5)
In view of above equations (2)-(5), the signature size (S) of the input document 110 may be computed as follows:
(6)
[0056] Next, in step 230, once the signature size (S) of the input document 110 is computed, the processor 140 may compare the determined signature size (S) with a signature size chart (comprising one or more signature size thresholds) for selecting a suitable PQC signature from the plurality of available PQC signatures, for encrypting the input document 110, as indicated in below Table 1.

S. No. Name of PQC signature Signature size (S)
1. Falcon 512 666
2. Falcon 1024 1280
3. Dilithium 2 2420
4. Dilithium 3 3293
5. Dilithium 5 4595
Table 1: Different PQC signatures and their signature sizes
[0057] Referring to Table 1, when the signature size (S) is between 0 and 1280, the processor 140 may select Falcon PQC signature for encrypting the input document 110 and when the signature size (S) is between 1281 and 4595, the processor 140 may select Dilithium PQC signature for encrypting the input document 110. More specifically, when the signature size (S) is between 0 and 666, the processor 140 may select Falcon 512 PQC signature for encrypting the input document 110. When the signature size is between 667 and 1280, the processor 140 may select Falcon 1024 PQC signature. When the signature size is between 1281 and 2420, the processor 140 may select Dilithium 2 PQC signature. When the signature size is between 2421 and 3293, the processor 140 may select Dilithium 3 PQC signature. And when the signature size is between 3294 and 4595, the processor 140 may select Dilithium 5 PQC signature for encrypting the input document 110. [0058] It may be noted that in an exceptional scenario, the processor 140 may select Dilithium as the default PQC signature, without calculating the signature size (S), for encrypting the input document 110. For instance, if either one of P1 and P2 is zero, then the processor 140 may select Dilithium as default encryption technique. In another exceptional scenario, if D=0 in equation (2) (i.e., both P1 and P2 are equal but non-zero), then the processor 140 may set the value of D as 1 while calculating the signature size (S). Further, if P1 and P2 both are zero, then no PQC signature will be selected because there is no data pattern to be encrypted in the input document 110.
[0059] Consider that there are only two PQC signatures (Falcon and Dilithium) i.e., M=2. Consider a first exemplary input document, where P1= P2=4. Then, using equation (1) the value of P=4. Now, putting the values of P, P1, P2, and M in equation (6) and considering

the above-mentioned exception, the signature size of the first document comes as 89.46. Since the signature size is in the range of Falcon PQC signatures. So, Falcon would be appropriate PQC signatures for encrypting this document. Consider a second exemplary document, where P1=6, P2=4, and M=2. Then, using equation (1) the value of P=5.33. Now, putting the values of P, P1, P2, and M in equation (6), the signature size of the second document comes as 51.76. Since the signature size is in the range of Falcon PQC signatures. So, Falcon would be appropriate PQC signatures for encrypting this document. Consider a third exemplary document, where P1=4, P2=6, and M=2. Then, using equation (1) the value of P=4.66. Now, putting the values of P, P1, P2, and M in equation (6), the signature size of the third document is: 51.76. Since the signature size is in the range of Falcon PQC signatures. Again, Falcon would be appropriate PQC signatures for encrypting this document.
[0060] In one non-limiting embodiment, when the signature size of the input document 110 exceeds all of the size thresholds (or the highest size threshold value which is 4595 in above table), then the processor 140 may split the input document randomly into two or more documents and separately determine suitable PQC signatures for the two or more-documents using above-described techniques. If the determined signature size of any of the two or more documents is still exceeding the size thresholds, the processor 140 may further split the document(s) (whose signature size is exceeding the thresholds). [0061] For example, consider a scenario where for any values of P1, P2, and M, the signature size (S) is 5929. In such scenario, since the signature size (S) is exceeding the thresholds signature sizes, the processor 140 may split the document into two or more documents. Consider that the processor 140 splits the input document into three documents Doc1, Doc2, and Doc3 having signature sizes as 442, 3212, and 2275. Now based on Table 1, the PQC signatures Falcon-512, Dilithium 2, and Dilithium 3 may be selected for the documents Doc1, Doc2, and Doc3 respectively.
[0062] Finally, in step 240, the processor 140 may perform quantum encryption on the input document 110 using the selected PQC signature for encrypting the input document 110. Once the input document 110 is encrypted, it may be stored in the memory or may be transmitted over the network.

[0063] Consider an exemplary scenario, where performing the data encryption may involve replacing some or all parts of the identified data patterns DP with one or more character strings to generate anonymized version of input document. The character strings may comprise random character strings. For instance, the exemplary text of paragraph [0042], after performing data encryption may look like:
“CONFIDENTIAL INFORMATION We are contacting Mr. ### who is currently working with XYZ Ltd. We think he would be a good candidate for your company. You may contact him on his mobile number +91-********** or email address ***@gmail.com. The AADHAR card number of Mr. ### is #### 88## ***8 and PAN number is ##########.”
It may be noted that this is just an exemplary illustration of masking/encryption and in general performing the encryption may include converting input document 110 or the data patterns DP (i.e., plaintext) into unreadable text or ciphertext using the PQC signatures. In such case, a decryption key is needed to revert encoded data back into the plaintext. [0064] The quantum encrypted document 130 is completely secure against any attack by any intruder and it is impossible to copy or view data encoded in a quantum state without alerting the sender or receiver. Further, the encrypted document 130 remains completely safe even against the attacks which use quantum computing devices. Further, since the computation power of quantum processors is very fast, the data encryption consumes very less time.
[0065] In one non-limiting embodiment, the encrypted data along with the PQC signature and other necessary data may be saved in the memory 150 of the computing device 120. Also, metadata related to the process of encryption may also be saved in the memory 150. Some or all of the saved information may be utilized to decrypt the encrypted document. [0066] In one non-limiting embodiment, the processor 140 may automatically generate rules for the rule based parser and may provide PQC signature recommendations based on historical/past data. For instance, the computing device 120 may collect various data related to types/categories of input documents, patterns present in the input documents, rules used for identifying the patterns present in the input documents, PQC signatures used for encrypting the input documents etc. and save the same in the memory 150 which may then be used to build/generate a PQC signature recommendation system/model on top of the

stored data to automatically generate rules and recommend PQC signatures for encrypting
documents. Consider that an input document D1 comprises following data, where four data
patterns (W, X, Y, Z) are identified as sensitive patterns and which need to be secured.
D1: Account details of voucher number 9468 has been approved by Mr. ABC.
W X Y Z
[0067] Consider that the data patterns W and X are identified using Rule R1, the data pattern
Y is identified using Rule R2, the data pattern Z is identified using Rule R3. Further,
consider that the equations (1)-(6) select Dilithium PQC signature for encrypting the
document D1. The computing device 120 may then calculate a confidence interval estimate
by considering a confidence score of 95%, which the computing device 120 may use as part
of future recommendations. If the confidence interval estimate is high for a particular PQC
signature, then that particular PQC signature may be considered for recommendation.
[0068] In the exemplary illustration of Figure 2, the sub-steps 220-1 and 220-2 have been
shown to be performed in parallel. However, the present disclosure is not limited thereto
and the sub-steps 220-1 and 220-2 may be performed in sequential manner as well. For
instance, initially sub-step 220-1 may be performed to identify data patterns DP1 and then
the sub-step 220-2 may be performed to identify data patterns DP2 and vice versa. In one
non-limiting embodiment of the sequential processing, the sub-step 220-2 may identify only
the left-out data patterns (i.e., the data patterns which are not identified by the sub-step 220-
1). For example, the sub-step 220-1 may be performed first to identify data patterns DP1
using the ARE and then the sub-step 220-2 may be performed to identify left out data
patterns (i.e., the patterns which are not identified by the ARE). In such embodiment, there
is no need of removing duplicate patterns from DP1/DP2. It may be noted that the pattern
identification techniques of the present disclosure are case insensitive (i.e., a pattern with
uppercase letters and the same pattern with lowercase letters is treated same).
[0069] In one non-limiting aspect of the present disclosure, the computing device 120 may
be assigned an optimal number of resources for computations. For example, an objective
function may be formulated. The objective function is a mathematical expression defining
the energy of the communication system, which is used to minimize a loss function. The
objective function is a function that must be minimized in order to find the best solution
from a set of possible solutions (i.e., in order to assign an optimal number of resources to

the computing device 120). Minimizing the objective function may comprise mapping the objective function to quadratic unconstrained binary optimization (QUBO). [0070] The QUBO is a combinatorial optimization problem with a wide range of applications including machine learning. The QUBO has two ways to minimize the objective function namely Adiabatic Quantum Computation (AQC) or Quantum Annealing (QA). Quantum annealing (which also includes adiabatic quantum computation) is a quantum computing method used to find the optimal solution of problems involving a large number of solutions, by taking advantage of properties specific to quantum physics like quantum tunneling, entanglement and superposition. Adiabatic quantum optimization is a procedure to solve a vast class of optimization problems by slowly changing the Hamiltonian of a quantum system. By optimizing the objective function, an optimal number of resources may be assigned to the quantum computing system. Thereby, minimizing the resource wastage.
[0071] Referring now to Figure 3(a), which shows a block diagram 300-1 for pattern identification using a rule based parser or ARE 310, in accordance with one non-limiting embodiment of the present disclosure. The ARE 310 may comprise one or more predefined rules for identifying data patterns DP1 in an input data or input document D1 (the input document D1 may be same as the input document 110). For instance, when the processor 140 parses the input document D1 using the ARE 310, pre-defined rules (e.g., Rule 1, Rule 2, and Rule 3) may be applied on the input document D1. As shown in Figure 3(a), initially Rule 1 may be applied on the input document D1 and one or more instances of a data pattern M1 may be identified in the input document D1, then Rule 2 may be applied and one or more instances of a data pattern M2 may be identified in the input document D1, and finally Rule 3 may be applied and one or more instances of a data pattern M3 may be identified in the input document D1. In Figure 3, it has been shown that three data patterns M1, M2, and M3 are identified by applying the three rules (i.e., Rule 1, Rule 2, and Rule 3) on the input document D1.
[0072] Referring now to Figure 3(b), which shows a block diagram 300-2 illustrating receiving of data to be encrypted at the computing device 120, in accordance with one non-limiting embodiment of the present disclosure. As illustrated in Figure 3(b), in one aspect, the input data (of an input document which is to be encrypted) may be received/fetched from

various web/mobile applications 340 via a message routing layer (which may also be referred to as a data manager). In another aspect, the input data may be fetched from any database by applying suitable database queries. For instance, as shown in block 330 of Figure 3(b), the input data to the computing device 120 may be selected from a financial database by applying suitable SQL queries. The input data may be parsed through the ARE 310 and the ML model 320 and may be encrypted using a suitable PQC signature (e.g., Falcon or Dilithium) selected based on a signature size of the input data. [0073] Referring now to Figure 3(c), which shows a process flow 300-3 illustrating receiving of data to be encrypted and storing the encrypted data in a datastore, in accordance with one non-limiting embodiment of the present disclosure. As illustrated in Figure 3(c), the input data to be encrypted (which is fetched/received from the various applications 340 or from the database) may be first listed on a listening port 350 and then may arrive at data manager 360 which may then send the data to the computing device 120 for encryption. The computing device 120 may then encrypt the input data using suitable PQC signatures and store the encrypted data in a datastore 380 via a database port 370. The datastore 380 may be same as the memory 150.
[0074] In one non-limiting embodiment of the present disclosure, the computing device 120 may comprise various other hardware components such as various interfaces 402, the memory 150, and various units or means as shown in the block diagram 400 of Figure 4. The units may comprise a receiving unit 412, a transmitting unit 414, a determining unit 416, a comparing unit 418, a selecting unit 420, and other units 422. The other units 422 may comprise a splitting unit, a processing unit, an identifying unit etc. In an embodiment, the units 412-422 may be dedicated hardware units capable of executing one or more instructions stored in the memory 150 for performing various operations of the computing device 120. In another embodiment, the units 412-422 may be software modules stored in the memory 150 which may be executed by the processor 140 for performing the operations of the computing device 120.
[0075] The interfaces 402 may include a variety of software and hardware interfaces, for example, a web interface, a graphical user interface, an input device-output device (I/O) interface 406, an access network interface 404 and the like. The I/O interfaces 406 may allow the computing device 120 to interact with devices directly or through other devices.

The access network interface 404 may allow the computing device 120 to interact with other devices via a network.
[0076] The memory 150 may comprise various types of data such as PQC signatures 408 and their signature sizes, and other type of data 410 (i.e., meta data, confidence scores, recommendation scores, rules utilized by the ARE, ML model etc.). The memory 150 may further store one or more instructions executable by the processor 140. [0077] Referring now to Figure 5, a flowchart is described illustrating an exemplary method 500 for performing data encryption using quantum computing, according to an embodiment of the present disclosure. The method 500 is merely provided for exemplary purposes, and embodiments are intended to include or otherwise cover any methods or procedures for generating at least one pattern from at least one data set. [0078] The method 500 may include, at block 502, determining a signature size (S) of an input document 110.The signature size (S) of the input document 110 may be an indicative of a size of data to be encrypted in the input document 110. The operations of block 502 may be performed by the processor 140 or by the determining unit 416. [0079] In one non-limiting embodiment of the present disclosure, the operation of block 502 i.e., determining the signature size (S) of the input document 110 may comprise processing the input document 110 using a rule based parser to determine a first number of data patterns (P1) to be encrypted, and further processing the input document 110 using a machine learning technique to determine a second number of data patterns (P2) to be encrypted. The method may comprise determining an average sample proposition (P) of the input document based on a weighted combination of the first number of data patterns (P1) and the second number of data patterns (P2). The data patterns may refer to any sensitive/critical/confidential information which needs to be protected from intruders. The rule based parser may comprise one or more rules for identifying one or more data patterns in the input document which are to be encrypted. In one non-limiting embodiment, the ML technique(s) may identify only those data patterns which are not identified by the rule based parser or which are different from the data patterns identified by the rule based parser. [0080] In one non-limiting embodiment of the present disclosure, the signature size (S) of the input document 110 is determined based on following factors: the average sample proposition (P) of the input document,

the first number of data patterns (P1) to be encrypted,
the second number of data patterns (P2) to be encrypted, and
a number of available quantum encryption techniques (M). [0081] At block 504, the method 500 may include comparing the signature size (S) of the input document 110 with a plurality of size threshold values. The plurality of size threshold values may correspond to a plurality of quantum encryption techniques (M). The operations of block 504 may be performed by the processor 140 or by the comparing unit 418. [0082] At block 506, the method 500 may include selecting a quantum encryption technique, among the plurality of quantum encryption techniques (M) based on the comparing, for encrypting the input document 110. The operations of block 506 may be performed by the processor 140 or by the selecting unit 420.
[0083] In one non-limiting embodiment of the present disclosure, the method 500 may further comprise splitting the input document 110 into two or more documents when the signature size (S) of the input document 110 exceeds the highest size threshold value of the plurality of size threshold values for performing the data encryption. [0084] The above method may be described in the general context of computer executable instructions. Generally, computer executable instructions can include routines, programs, objects, components, data structures, procedures, modules, and functions, which perform specific functions or implement specific abstract data types.
[0085] The order in which the various operations of the methods are described is not intended to be construed as a limitation, and any number of the described method blocks can be combined in any order to implement the method. Additionally, individual blocks may be deleted from the methods without departing from the spirit and scope of the subject matter described herein. Furthermore, the methods can be implemented in any suitable hardware, software, firmware, or combination thereof.
[0086] The various operations of methods described above may be performed by any suitable means capable of performing the corresponding functions. The means may include various hardware and/or software component(s) and/or module(s), including, but not limited to the processors 140 of Figure 1 and the various units of Figure 4. Generally, where there are operations illustrated in Figures, those operations may have corresponding counterpart means-plus-function components.

[0087] It may be noted here that the subject matter of some or all embodiments described with reference to Figures 1-4 may be relevant for the method and the same is not repeated for the sake of brevity. In the present disclosure, it has been shown that the operations of data encryption are implemented using the quantum processor 140 of the quantum computing device 120. However, the present disclosure is not limited thereto, and in general the operations of data encryption may be implemented with the help of classical processors or classical computing devices where the quantum encryption techniques may be made available in the form of libraries (i.e., a set of functions/objects/modules etc.). [0088] In a non-limiting embodiment of the present disclosure, one or more non-transitory computer-readable media may be utilized for implementing the embodiments consistent with the present disclosure. A computer-readable media refers to any type of physical memory (such as the memory 150) on which information or data readable by a processor may be stored. Thus, a computer-readable media may store one or more instructions for execution by the processor 140, including instructions for causing the processor 140 to perform steps or stages consistent with the embodiments described herein. The term “computer-readable media” should be understood to include tangible items and exclude carrier waves and transient signals. By way of example, and not limitation, such computer-readable media can comprise Random Access Memory (RAM), Read-Only Memory (ROM), volatile memory, nonvolatile memory, hard drives, Compact Disc (CD) ROMs, Digital Video Disc (DVDs), flash drives, disks, and any other known physical storage media.
[0089] Thus, certain aspects may comprise a computer program product for performing the operations presented herein. For example, such a computer program product may comprise a computer readable media having instructions stored (and/or encoded) thereon, the instructions being executable by one or more processors to perform the operations described herein. For certain aspects, the computer program product may include packaging material. [0090] Various components, modules, or units are described in this disclosure to emphasize functional aspects of devices configured to perform the disclosed techniques, but do not necessarily require realization by different hardware units. Rather, as described above, various units may be combined in a hardware unit or provided by a collection of

interoperative hardware units, including one or more processors as described above, in
conjunction with suitable software and/or firmware.
[0091] As used herein, a phrase referring to “at least one” or “one or more” of a list of items
refers to any combination of those items, including single members. As an example, “at least
one of: a, b, or c” is intended to cover: a, b, c, a-b, a-c, b-c, and a-b-c. The terms “a”, “an”
and “the” mean “one or more”, unless expressly specified otherwise.
[0092] The terms “including”, “comprising”, “having” and variations thereof mean
“including but not limited to”, unless expressly specified otherwise.
[0093] The enumerated listing of items does not imply that any or all of the items are
mutually exclusive, unless expressly specified otherwise.
[0094] A description of an embodiment with several components in communication with
each other does not imply that all such components are required. On the contrary, a variety
of optional components are described to illustrate the wide variety of possible embodiments
of the disclosed methods and systems.
[0095] Finally, the language used in the specification has been principally selected for
readability and instructional purposes, and it may not have been selected to delineate or
circumscribe the inventive subject matter. It is therefore intended that the scope of the
invention be limited not by this detailed description, but rather by any claims that issue on
an application based here on. Accordingly, the embodiments of the present invention are
intended to be illustrative, but not limiting, of the scope of the invention, which is set forth
in the appended claims.

WE CLAIM:
1. A method (500) of performing data encryption using quantum computing, the
method (500) comprising:
determining (502) a signature size (S) of an input document (110), wherein the signature size (S) of the input document (110) indicates a size of data to be encrypted in the input document (110);
comparing (504) the signature size (S) of the input document (110) with a plurality of size threshold values, wherein the plurality of size threshold values corresponds to a plurality of quantum encryption techniques (M); and
selecting (506) a quantum encryption technique, among the plurality of quantum encryption techniques (M) based on the comparing, for encrypting the input document (110).
2. The method (500) as claimed in claim 1, wherein the determining (502) the signature
size (S) of the input document (110) comprises:
processing the input document (110) using:
a rule based parser to determine a first number of data patterns (P1) to be encrypted, and
a machine learning technique to determine a second number of data patterns (P2) to be encrypted; and
determining an average sample proposition (P) of the input document (110) based on a weighted combination of the first number of data patterns (P1) and the second number of data patterns (P2), wherein the data patterns refer to any sensitive information which needs to be protected from intruders.
3. The method (500) as claimed in claim 2, wherein the signature size (S) of the input
document (110) is determined based on:
the average sample proposition (P) of the input document (110),
the first number of data patterns (P1) to be encrypted,
the second number of data patterns (P2) to be encrypted, and

a number of available quantum encryption techniques (M).
4. The method (500) as claimed in claim 1, further comprising:
splitting the input document (110) into two or more documents when the signature size (S) of the input document (110) exceeds the highest size threshold value of the plurality of size threshold values for performing the data encryption.
5. The method (500) as claimed in claim 2, wherein the rule based parser comprises one or more predefined rules for identifying one or more data patterns to be encrypted, and wherein the machine learning technique identifies one or more data patterns in the input document (110) which are different from the one or more data patterns identified by the rule based parser.
6. A device (120) for performing data encryption using quantum computing, the device (120) comprising:
a memory (150); and
at least one processor (140) communicatively coupled with the memory (150), wherein the at least one processor (140) is configured to:
determine a signature size (S) of an input document (110), wherein the signature size (S) of the input document (110) indicates a size of data to be encrypted in the input document (110);
compare the signature size (S) of the input document (110) with a plurality of size threshold values, wherein the plurality of size threshold values corresponds to a plurality of quantum encryption techniques (M); and
select a quantum encryption technique, among the plurality of quantum encryption techniques (M) based on the comparing, for encrypting the input document (110).
7. The device (120) as claimed in claim 6, wherein to determine the signature size (S)
of the input document (110), the at least one processor (140) is configured to:

process the input document (110) using:
a rule based parser to determine a first number of data patterns (PI) to be encrypted, and
a machine learning technique to determine a second number of data patterns (P2) to be encrypted; and
determine an average sample proposition (P) of the input document (110) based on a weighted combination of the first number of data patterns (PI) and the second number of data patterns (P2), wherein the data patterns refer to any sensitive information which needs to be protected from intruders.
8. The device (120) as claimed in claim 7, wherein the at least one processor (140) is
configured to determine the signature size (S) of the input document (110) based on:
the average sample proposition (P) of the input document (110), the first number of data patterns (PI) to be encrypted, the second number of data patterns (P2) to be encrypted, and a number of available quantum encryption techniques (M).
9. The device (120) as claimed in claim 6, wherein the at least one processor (140) is
further configured to:
split the input document (110) into two or more documents when the signature size (S) of the input document exceeds the highest size threshold value of the plurality of size threshold values for performing the data encryption.
10. The device (120) as claimed in claim 7, wherein the rule based parser comprises one
or more predefined rules for identifying one or more data patterns to be encrypted,
and wherein the machine learning technique identifies one or more data patterns in
the input document (110) which are different from the one or more data patterns
identified by the rule based parser.