The objective of the current research is to give an overview of the state of art in develop- ment of cryptography in Estonia, and to analyse the technological and economic potential of the field.
First, disruptive and emerging technologies in the field of cryptography are identified. This serves as a background for analysing the specialisation of the Estonian universities and private sector companies and their technological capabilities. Thereafter, the domestic needs, potential market niches and public procurement of innovation are discussed. Finally, a number of actions are proposed for further development of cryptography in Estonia.
As the result of the analysis of the priorities for research and technology development in leading nations, post-quantum cryptography, quantum key distribution, electronic identity, secure computation and privacy-preserving (big) data analysis, radio frequency protocols, Internet of Things (cryptography in limited environments), cryptographic protocol analysis, long-term protection of systems, anonymous networks, and block-chains were identified as particularly promising disruptive and emerging technologies.
There are three companies that conduct world class R&D in the above areas, and form the core of the indigenous cryptography rich industry in Estonia. These companies are, given the nature of their business, strongly integrated with the Estonian and European education and R&D systems. The above companies cater both for domestic and foreign markets, and their labour productivity is significantly higher than the Estonian ICT sector average.
There are, on top of the above, around 10 local companies with own ICT products and services that implement advanced cryptographic solutions. Additionally, a limited num- ber of cryptography intensive early stage start-up companies can be identified in Estonia. Furthermore, Estonia hosts also a number of subsidiaries of foreign owned cryptography- related companies; these companies are weakly connected to the Estonian education and R&D systems.
Estonian universities have offered basic cryptographic education for almost two decades. What is more, cryptography is one of the strongest research fields in the Estonian computer science scene. Hence, one would expect to be able to find well qualified developers of crypto-rich applications on the local labour market. Yet, the supply of cryptography experts falls short of the booming demand, while the cyber security domain continues to gain more and more importance from security and defence points of view. The limited availability of cryptography experts in Estonia holds the companies but also the government itself back from defining and developing cutting edge crypto-rich products and services.
Estonia falls significantly behind its Nordic neighbours in R&D investments. The gross domestic expenditure on R&D was around 3% of GDP in Finland and Sweden, whereas
business sector R&D investment was around 2% of GDP in 2017. Gross domestic expendi- ture on R&D was only 1.3% of GDP in Estonia in 2017. Business sector contributed half of it. In Finland, ICT sector invested into R&D 1.3 billion euros in purchasing power standards (PPS), while the Estonian ICT companies invested only 0.1 billion euros in PPS in 2015.
In conclusion, limited availability of highly specialised workforce, and suboptimal investment into R&D hold back the development of a competitive high-tech industry in Estonia. What is more, lowering of the level of mathematics and science education in high schools has become a major obstacle that undermines preparation of students for a future career in cryptography, or in fact, any mathematically sophisticated field.
Estonia has had a notable success in cryptography and cyber security domain. However, it now needs to do more to be prepared for future opportunities and challenges. Accord- ingly, the following recommendations are given for increasing the competitiveness of the cryptography-related companies, and adoption of advanced cryptographic technologies and services in the Estonian public sector.