Post-quantum cryptography broadly represents cryptographic algorithms that are safe against threats from quantum computers. Quantum computers aren’t expected to come into play for a decade., which might leave you asking, “Why should I care about this now?” Especially, when we are currently battling big cybersecurity challenges that consume our focus. It’s a logical question that deserves a clear answer.
Transformative technologies, such as quantum computing, are on the rise and will, one day, augment our current computing technology. It will require years of extensive work by standards groups, technology vendors and enterprises to address and deploy crypto algorithms that will resist post-quantum computer attacks. Technology vendors must apply proper design and rigorous testing to ensure the security in their products will be ready when quantum computers are available.
Although 10 years seems like a long way away, it is important to consider the deployed lifetime of devices and applications being produced today and data being encrypted. Some information that is being encrypted now needs to remain secure 10 to 20 years into the future, and some popular applications and devices have usable lifetimes in the same range. Testing and even deploying hybrid solutions with post-quantum cryptography alongside traditional algorithms including RSA and ECC can prepare companies now and avoid expensive retrofits years down the road.
Currently, standards groups are leading the movement for safe post-quantum cryptography, developing guidance and recommended standards to maintain and improve the usability and interoperability of technologies to resist quantum computer attacks. The Internet Engineering Task Force (IETF) has been working on security standards with hash-based signatures and hybrid cryptography that will be released in the near future. Others, such as the National Institute of Standards and Technology (NIST), are working on post-quantum cryptography standards for more advanced algorithms, that will be released in two to three years.
If you are a technology vendor or an enterprise that deploys network-connected devices, it is important to know the security implications and impact that quantum computers might have on your organization. Understanding what actions you can take today will prepare your organization against the threats of tomorrow.
5 Essential Preparatory Steps for Post-Quantum Cryptography
Have a Plan
Help your organization understand the threats and how you’re going to counteract a quantum attack on today’s cryptographic algorithms. Consult with a security service provider to learn how your organization can develop a post-quantum crypto protection plan. Enterprises should also check with their technology vendors. Find out what they are doing to secure their software and IoT devices in preparation for quantum computers. Ask them if they have a product security plan that’s going to protect your assets and enable you to stay in compliance. Prepare for what your organization will do if a technology vendor doesn’t have a plan to support your organization.
Cryptography Inventory Management
Cryptographic libraries and technologies deployed in the field are difficult to update. Security in cars, home appliances, healthcare devices, industrial control systems and myriad other IoT devices can operate for decades. The security you deploy today still may be in use when quantum computers arrive. If you haven’t planned ahead and developed a cryptographic inventory and management system that supports a long life cycle, your company may be on the receiving end of a quantum computer breach. No organization wants to be in emergency mode, responding to attacks and facing challenges of replacing devices in the field that aren’t easily accessible. For regulated industries, it can be difficult to meet compliance requirements when devices are not upgradable or require long lead times to replace.
This amalgam can apply post-quantum algorithms alongside traditional crypto algorithms to leverage the combined benefits of all. This approach can protect against quantum computer threats, requiring an attacker to break all of the keys rather than one key. These approaches can be applied today to avoid expensive retrofits when quantum computing makes breaking classical algorithms possible.
These are well-understood signatures that can be used for code signing, and are effective for securing software updates. Quantum computers are good at breaking standard asymmetric cryptography. But, they’re not as effective against symmetric cryptography and hash algorithms. We’ve long known we can create a digital signature scheme that doesn’t rely on asymmetric cryptography, and only relies on hash algorithms. Because hash algorithms are easily understood, they are being standardized as a defense against quantum computer threats. However, private keys are large, because each is a collection of multiple private keys. Each private key can only be used for a single signature, limiting the number of available signatures. However, this isn’t a problem for code signing because you probably won’t distribute more than a million firmware updates. Additionally, hash-based signature verification is extremely fast.
It can support larger cryptographic sizes, such as AES-256, for a strong defense against quantum computing threats. However, symmetric crypto suffers from the classic problem of key distribution, in which both sides have to share a key.
History is a Good Lesson
While it may seem as though quantum computing is a distant issue, planning, preparing and implementing protection takes years. A good example is the two decades the payment industry has expended trying to remove DES from payment systems. This transition process still has yet to be completed. Significant technology transitions take time and are complex, but their value is immeasurable. With proper planning and preparation, the cost and time allotted to address future issues today will pay off when the technology is upon you.
Cryptography is in virtually all internet-connected software and IoT devices. Every device will, at some point, need to be upgraded or replaced. This will impact some software more than others. For example, web browsers are updated on a regular basis. The same is true for most software applications we use daily for business. However, hardware devices with firmware that for security reasons are unalterable can be virtually impossible to upgrade. By planning ahead and working with an experienced security service provider, and making sure your cryptographic modules are upgradeable, your organization will sustain a strong security posture in a post-quantum crypto world.