Data security: post-quantum cryptography transition underway

Qubits – quantum bits – offer a mind-bending upgrade on the classical ones and zeros that support today’s digital world. Rather than just representing either a one or a zero, qubits can – somewhat counterintuitively – be both. In fact, qubits can point to combination of values, or parallel realities, which coverage towards the most probable outcomes. And while this is great news for using quantum computers to predict the weather, discover new pharmaceutical drugs, and explore advanced materials, there’s a wrinkle. The computing boost provided by quantum processing is expected to make light work of breaking the encryption keys currently securing data on the web. “In quantum, you can do everything at once,” Skip Sanzeri, Chief Operating Officer at QuSecure, told TechHQ.

Planning opportunity

The good news, in terms of keeping our data safe, is that such powerful quantum computers are unlikely to be in existence today. Scientists around the world have made tremendous progress in building qubits using superconductors, semiconducting quantum dots, trapped ions, photons and range of other technology platforms. But none of those quantum computers is thought to be sufficiently powerful to reverse engineer the various cryptosystems (most obvious as the padlock shown in your browser search bar) that users currently rely on to keep their data safe.

However, with each round of updates, quantum computers move another step closer to unravelling the hard sums that fox today’s classical machines and underpin current data security. And, in the wrong hands, quantum computers could allow attackers to read information that we’d rather they didn’t.

Sensibly, in 2016, US national standards agency NIST launched a competition to identify quantum-resistant encryption algorithms, and is now writing the leading prospects into security standards that are expected to be published in 2024. But that doesn’t mean that companies and organizations need to wait around until then before giving thought to what a transition from classical to post-quantum cryptography might involve. Picturing the vast scale of the modern internet, it’s clear that the number of devices and data stores affected is huge.

“It’s not rip and replace,” advises Sanzeri. “Begin with the most vulnerable sites and start your planning now.” Currently in beta, QuSecure has a product that allows customers to create quantum safe channels between end-points. And big-name partners listed on the firm’s website include Amazon, Google, and Microsoft – to give just a few examples. Focused on communications, the data security solution sits within existing protocols such as TLS. “We put a second pipe inside that’s quantum safe,” Sanzeri explains.

Cryptographic agility

At the algorithm level, QuSecure is using the NIST candidates, with software added on top to enable the post-quantum cryptography. And Sanzeri comments that solutions perform well even for hardware with limited processing power. “We have invented a way where if any device is connected to the internet, we can create a quantum safe channel without loading up the endpoint,” he said. Also, to accommodate any unforeseen issues in the strength of the NIST algorithms – which is a reasonable assumption, given the uncertainties surrounding the new world of post-quantum cryptography – the system is built to be ‘crypto-agile’. Algorithms can be changed and rotated, as necessary, to preserve security and maintain the integrity of post-quantum cryptography.

Putting yourself in the shoes of an adversary and thinking about what information assets could be at the top of an attacker’s wish list, you’d probably chose communications channels. The live conversations that are being had today between businesses leaders, governments and other international organisations are likely to contain the most pressing and up to date information. Pictured in this way, is straightforward to see why QuSecure, and others, are choosing to bring post-quantum cryptography solutions to this area first.

Last month, IBM and Vodafone announced that they were joining the GSMA Post-Quantum Telco Network Taskforce, and US telecommunications firm AT&T has reportedly commented that it intends to be ‘quantum ready’ by 2025. These actions add more weight to the overall consensus that a quantum computer powerful enough to decrypt the data that’s being passed around today is likely to arrive sooner rather than later. Data operators that don’t take these risks seriously could find themselves in dire straits. The ability to read information travelling over the internet would expose a huge amount of sensitive data, including conventional financial details, the communications between cryptocurrency wallets and exchanges, and much more.

Better safe than sorry

QuSecure estimates that 90% of encrypted web data relies on RSA-2048, which could, theoretically, be exposed using quantum computing hardware consisting of 4100 Qubits. IBM recently updated its quantum development roadmap through to 2025 when the computing giant hopes to hit 4158+ qubits. But, unlike IBM, adversaries are unlikely to be so transparent about their quantum computing capabilities, so better to plan ahead while the opportunity allows.

In fact, many organizations may have little choice – for example, national security memorandums issued by the White House direct Federal agencies to set requirements for updating cryptographic systems. And organizations such as the World Economic Forum have issued sound advice on how to transition to a quantum-secure economy [PDF] and avoid the so-called risk of ‘encryptogeddon’, which points to a phased approach as being a useful template to follow.