For many in this community, a functioning quantum computer will likely still feel quite fictional — an innovation still light years away. There’s also the idea that, well, wouldn’t a functioning quantum computer be a good thing? For example, won’t it enable scientists to accelerate drug discovery and development?
The downside is that while these computers offer many benefits, they also present new security risks that are much closer than many expect. The first functioning cryptographically relevant quantum computer (CRQC) will have the power to break the public-key encryption commonly used today to protect information. That means data, no matter how secure it is now, will be vulnerable to a future attack on a scale never seen before.
To remedy this danger, the National Institute of Standards and Technology (NIST) launched a competition in 2016 to identify new quantum-secure encryption algorithms. It recently made a decision about which algorithms will become the new standard. Companies that have been waiting for certainty about what kind of new encryption to use can now start migrating their infrastructure to protect their data.
Let’s take a look at what this migration should look like and how organizations can best set themselves up to protect their data for years to come.
The Quantum Threat
As mentioned above, it is generally accepted that a sufficiently mature quantum computer will be able to break the current public key encryption (PKC) standards – RSA and Elliptic Curve.
So, what are the implications? Simply put, without secure encryption, the digital economy would no longer function, as PKC is used everywhere in our day-to-day digital interactions. With a mature quantum computer, a hacker can:
- Empty people’s bank accounts or wallets for cryptocurrency
- Intercept and decrypt sensitive communications
- Disable critical infrastructure such as power grids and communications networks
- Expose pretty much every secret we want to keep secret
The timing is still much debated here, but many predictions erroneously focus on commercial quantum computers up to 15-20 years away. The threat I am referring to is not a commercial quantum computer that JP Morgan can buy to conduct its own trading analysis. I’m talking about the sheer power to break code under lab conditions, which will come much sooner. The cybersecurity community estimates that this could happen within five years.
Even if we can’t predict the exact moment a working quantum machine will proliferate, billions of dollars are being spent on quantum computing R&D, meaning it’s only a matter of time before the encryption on which virtually every application in use today relies can be cracked. Further, even if the first quantum computer isn’t seen until 2030, we’re still in a race against time to stay safe. It is estimated that it would take at least 10 years to migrate the existing cryptographic infrastructure, as that entails the transformation of most electronic devices that connect to the Internet.
Harvest now, decipher later
This threat is compounded by the possibility that, even today, organizations holding sensitive data with a long shelf life could see that data collected and captured by criminals who want to decrypt it once a sufficiently powerful quantum computer arrives. In other words, any data with a multi-year lifespan can be collected today and decrypted in the future. This includes government secrets, R&D innovation, trade data in financial services and strategic plans.
This harvest-now, decrypt-later (HNDL) threat is supported by numerous pieces of research, which find that rogue actors are likely to start collecting encrypted data with long-term usefulness, expecting to eventually decrypt it with quantum computers. I would argue that this could already be happening, as in cases where we see internet traffic being rerouted on unusual global paths for no apparent reason before returning to normal. To support my observations, several Five Eyes agencies have also noted that this phenomenon is becoming more and more common.
Mapping a Path to Protection
With this array of threats, NIST has led the way in coordinating a global response. The Post-Quantum Cryptography (PQC) program is a multi-year effort to identify new encryption algorithms that can withstand a future codebreaking quantum computer and protect data from HNDL attacks.
After drawing on submissions from leading academic and private cryptographers, NIST has finally decided which algorithms will become the new standard in global cryptography. NIST has chosen CRYSTALS-Kyber for general encryption and CRYSTALS-Dilithium, FALCON and SPHINCS+ for digital signatures. It also put forward four other candidates for additional research, including the ultra-secure Classic McEliece. While the current PKC standards (RSA and Elliptic Curve) can be used for both encryption and digital signing, several post-quantum algorithms cannot, meaning the existing PKC will be replaced by several different algorithms rather than one.
Now that these new standards are finalized, companies that have been waiting for certainty about what kind of new encryption to use can start migrating their infrastructure to protect their data. This won’t be an easy task, so here’s a non-exhaustive list of recommendations for organizations looking to take this PQC migration seriously:
1. If you haven’t already, set up your Y2Q crypto migration project now and give it significant support and investment. As with any major IT program or project, you need a dedicated team with the right skills and resources to ensure success.
2. Once this is in place, the project team’s original goal should be to conduct a crypto inventory audit. This means taking an inventory of where cryptography is being deployed across the organization today, ensuring you can map out a migration path that prioritizes valuable assets while identifying the expected impact on operational systems.
3. One of the most important considerations for your project team is adopting hybridization. This means choosing and implementing solutions that keep the proven classic cryptography we use today, such as RSA, alongside one or more post-quantum algorithms, protecting you from both current and future threats.
Furthermore, the use cases where encryption is required vary between industries and sectors, so adopting crypto-agility – where different PQC algorithms can be used depending on the applications – will give you more flexibility. This is particularly the case with algorithms under analysis in a fourth round, which have the potential to become future standards as well, some of which may be more suitable for high-security use cases.
4. Finally, consider deploying a hybrid quantum-secure VPN. The Internet Engineering Task Force (IETF) has developed a set of specifications for such VPN products and recommends crypto-agile solutions that support hybrid key establishment, meaning post-quantum algorithms can work alongside current standards. Quantum-secure VPN products based on the IETF specification are already on the market, so upgrading is a relatively easy step you can take.
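Items 3 and 4 above both rest on the same mechanism: hybrid key establishment, where the session key depends on a classical shared secret and a post-quantum shared secret at the same time, so that breaking only one of the two does not expose traffic. The following is an added example (not code from the article or from any vendor’s VPN product) of that combiner step, using only Python’s standard library. The two shared secrets and the handshake transcript are constructed stand-in values, since no ECDH or KEM implementation is included; the label string and the length-prefixed concatenation are this example’s own choices rather than any specific IETF wire format.

```python
"""Hybrid key establishment: one session key derived from two shared secrets.

Added example. The classical and post-quantum shared secrets are assumed to
come from an ECDH exchange and a post-quantum KEM respectively; here they are
constructed byte strings. The key derivation is HKDF (RFC 5869) with SHA-256.
"""
import hashlib
import hmac
import secrets

HASH = hashlib.sha256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract: PRK = HMAC(salt, IKM); an empty salt means a zero block."""
    if not salt:
        salt = bytes(HASH().digest_size)
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand: T(i) = HMAC(PRK, T(i-1) | info | i), concatenated and truncated."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def hkdf_self_check() -> bool:
    """Confirm the HKDF implementation against RFC 5869 Test Case 1 (SHA-256)."""
    ikm = bytes.fromhex("0b" * 22)
    salt = bytes.fromhex("000102030405060708090a0b0c")
    info = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
    expected = bytes.fromhex(
        "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
        "34007208d5b887185865"
    )
    return hkdf(salt, ikm, info, 42) == expected


def hybrid_session_key(classical_ss: bytes, pq_ss: bytes,
                       transcript: bytes, length: int = 32) -> bytes:
    """Derive a session key that depends on BOTH shared secrets.

    An attacker who recovers only one component (ECDH via a future quantum
    computer, or the PQ KEM via a cryptanalytic advance) knows only part of
    the IKM and cannot compute the key. Refusing an empty secret guards
    against a configuration or negotiation bug silently dropping one side
    and turning the "hybrid" key into a single-algorithm key.
    """
    if not classical_ss or not pq_ss:
        raise ValueError("both shared secrets are required for a hybrid key")
    # Length-prefix each secret so the concatenation is unambiguous even if
    # an input is ever variable-length (example's own framing choice).
    ikm = (len(classical_ss).to_bytes(2, "big") + classical_ss
           + len(pq_ss).to_bytes(2, "big") + pq_ss)
    # Bind the key to the handshake transcript so a key derived for one
    # session cannot be confused with another. Label is an assumed value.
    info = b"hybrid-kex-example-v1" + hashlib.sha256(transcript).digest()
    return hkdf(b"", ikm, info, length)


if __name__ == "__main__":
    # Constructed stand-ins for the outputs of ECDH and a PQ KEM.
    classical = secrets.token_bytes(32)
    post_quantum = secrets.token_bytes(32)
    transcript = b"constructed transcript: client hello | server hello"
    print("HKDF self-check:", hkdf_self_check())
    print("session key:", hybrid_session_key(classical, post_quantum, transcript).hex())
```

The property worth testing in any hybrid deployment is the one the code enforces: changing either input secret, or the transcript, must change the derived key, and the derivation must refuse to proceed when one component is missing rather than quietly falling back to the other.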
Andersen Cheng is CEO of Post-Quantum.