(TheSSLStore) Quantum resistant cryptography will be a key part of cybersecurity in the future. Managing Editor Casey Crane has written an extensive discussion of quantum resistant encryption & why it’s critical to future cybersecurity and what to do to prepare. IQT-News summarizes below.
Quantum resistant encryption refers to a set of algorithms that are anticipated to remain secure once quantum computing moves out of the lab and into the real world. (They will replace the public key cryptography algorithms currently used by billions of people around the world every day.) By the way, when people use any of the following terms, they’re typically talking about the same thing (in most cases):
Quantum resistant encryption
Quantum resistant cryptography (QRC)
Quantum safe cryptography
Post-quantum cryptography (PQC)
Post quantum encryption
All of the public key encryption algorithms we currently rely on today are expected to be broken once researchers succeed in building a large enough quantum computer. Once that happens, quantum resistant encryption will need to be used everywhere (both by “normal” [i.e., “classical”] and quantum computers) so that attackers with quantum computers can’t break the encryption to steal data.
Current public key cryptographic algorithms rely on complex mathematics. According to the National Security Agency (NSA), quantum resistant cryptography should be “resistant to cryptanalytic attacks from both classical and quantum computers.” With this in mind, these algorithms would be something that can be used both before and after quantum computers are put to use in real-world applications. They’re designed with quantum computing threats in mind, but they’re not limited to being used only after a cryptographically relevant quantum computer (CRQC) is created.
NIST says that quantum resistant algorithms typically fall in one of three main camps:
Code-based cryptography — These are algorithms that rely on “error-correcting codes.”
Lattice-based cryptography — These algorithms involve matrices based on geometric structures.
Multivariate public key cryptosystems — These types of algorithms vary based on the type of problems they’re trying to solve.
There is a fourth category that some reference — stateful hash-based signatures. But according to NIST’s PQC FAQs page:
“It is expected that NIST will only approve a stateful hash-based signature standard for use in a limited range of signature applications, such as code signing, where most implementations will be able to securely deal with the requirement to keep state.”
The National Institute of Standards and Technology (NIST) has been engaged in a large-scale cryptographic competition of sorts for the past several years. The competition is an opportunity for mathematicians, researchers, cryptographers, educators and scientists to submit algorithms for consideration as future federal standards.
The standards body announced its selection of seven candidates and eight alternate algorithm candidates from the third round of submissions. However, no final decisions have been made regarding which algorithm(s) will be standardized:
4 public key encryption and key-establishment algorithms (Classic McEliece, CRYSTALS-KYBER, NTRU, SABER)
3 digital signature algorithms (CRYSTALS-DILITHIUM, FALCON, Rainbow)
5 alternate public key encryption and key-establishment algorithms
3 alternate digital signature algorithms
The truth is that the threats that quantum computing represents aren’t new concepts, nor do they represent threats to your business and customers right now. The concept of quantum computing — and all of its benefits and dangers — has been around for decades and isn’t expected to come to fruition just yet.
How long is all of this expected to take? The answer depends on who you ask and in what context:
The National Institute of Standards and Technology (NIST) says it can take 10-20 years “from deciding a cryptosystem is good until we actually get it out there as a disseminated standard in products on the market.”
The NSA says that “new cryptography can take 20 years or more to be fully developed to all National Security Systems.”
On Jan. 19, 2022, the White House released a memorandum specifying that agencies have 180 days to “identify any instances of encryption not in compliance with NSA-approved Quantum-Resistant Algorithms or CNSA […]” and must report the following to the National Manager:
–What systems are noncompliant (including those with exceptions or waivers)
–A timeline for how these systems will transition to compliant encryption, and
–Any reasons why any systems should be exempt from compliance
What does all of this mean at the level of your organization or company? In reality, not much right now for everyday businesses. But let’s be realistic here — it’s virtually impossible to be compliant with rules that haven’t yet been implemented.
You can take steps to stay ahead of the curve as much as possible by taking the time to research and plan your strategy now. Part of this planning should include:
Prioritizing which systems to transition first, starting with the most sensitive and at-risk resources, as well as those that are integral in terms of your organization’s goals and needs
Designating who is responsible for different aspects of the implementation
The widespread use of quantum computing — and, therefore, the deployment of quantum resistant cryptography — is still on the horizon but is likely at least a good decade or so away. But that’s why now is the time to prepare for PQC to help your business stay ahead of the curve. You don’t want to be one of the organizations caught unprepared when quantum computers make their mainstream debut.
Sandra K. Helsel, Ph.D. has been researching and reporting on frontier technologies since 1990. She has her Ph.D. from the University of Arizona.