As the advent of successful applications of Quantum Computers draws closer, the world is preparing itself for the impact it will have on many facets of our lives, from commercial business to government and critical infrastructure.
The primary problem concerned when preparing for quantum computing is the implications it has for cybersecurity and the Public Key Infrastructure (PKI) and cryptography markets. Contemporary encryption schemes such as ECC (Elyptic-Curve Cryptography) and RSA (Rivest, Shamir and Adleman), which are used to protect the exchange of digital data are not equipped to prevent attacks from Quantum Computers. The RSA in particular, developed in the 1970s, is virtually impossible for modern classical computers to break due to the difficulty of calculating prime factors of the algorithm in a reasonable amount of time.
For Quantum Computers however, this is no difficult task whatsoever. Because of this, when quantum computers are available, all data exchanged digitally will be at risk, from government, to financial, to medical and personal data.
Luckily, the development of quantum computers itself has complex challenges, and it is estimated that practical quantum computers won’t be available for at least another decade. The quantum computing models of today only surpass the classical computer at a handful of functions, giving the security market, and the rest of the world, time to prepare for their arrival.
Last month, the National Institute of Standards and Technology (NIST) in the United States, has announced that they have finalized the standardization of three post-quantum cryptographic schemes. The current minimum NIST recommendations for RSA algorithms, for example, is 2048-bit, which was updated from a 1024-bit minimum in 2015. The challenge at hand, is that Public Key cryptography is the primary method used to secure the identities of devices, servers, browsers and digital communications everywhere. Once Quantum Computers arrive there will need to be a large-scale replacement of non-quantum-safe schemes in all of their use cases.
What are NIST’s Three Post-Quantum Cryptography Standards?
NIST has currently finalized three standards for quantum-safe cryptographic schemes:
- FIPS (Federal Information Processing Standard) 203: Developed from the CRYSTALS-Kyber algorithm, and also known as the Module-Lattice-Based Key-Encapsulation Mechanism, referring to its lattice-based cryptographic scheme which supports PQC unlike more widely used cryptographic schemes like RSA. This will likely be the standard for general encryption, with its advantages being its relatively small keys and functional expediency.
- FIPS 204: Developed from the CRYSTALS-Dilithium algorithm, or Module-Lattice-Based Digital Signature Algorithm. Created as a primary standard for digital signatures, this will be able to support larger signatures and public keys, while greatly exceed modern verification speeds.
- FIPS 205: Using the Sphincs+ algorithm, or Stateless Hash-based Digital Signature Algorithm supports small public keys but produces large digital signatures. Based on a different mathematical scheme than the first two, this was created with a hash algorithm and is intended to serve as a secondary method to FIPS 204 in case it proves to be vulnerable.
NIST has also announced a fourth algorithm, which will be known as FIPS 206, based on the FALCON algorithm, or FN-DSA which is short for FFT [fast-Fourier transform] over NTRU [Number Theory Research Unit]-Lattice-Based Digital Signature Algorithm. This will also support digital signatures and is expected to be finalized in late 2024.
What this Could Mean for PQC Adoption and Why Quantum Preparedness Matters Now
Since the development of the first Quantum prototypes by D-Wave Systems in the noughties, the world has been awaiting new advancements in Post-Quantum solutions, but not much information has been available about the Post-Quantum world, with even cryptographic and security experts still shaping what Post-Quantum solutions and certificates will look like.
However, these new standards are a first step for global quantum preparedness, motivating organizations, browsers and Certificate Authorities (CAs) to move forward in their planning for Q-day. Whereas before, not much information was available, now there is at least some idea of what organizations should be implementing in their planning. Experts are said to expect a transformation across the global supply chain to ensure that vulnerable systems are provisioned for in the event that a functional Quantum Computer emerges.
While this development offers organizations better insight into the situation, there are however, other barriers to overcome when preparing for the Quantum arrival in the security market. CAs don’t currently have compatible Hardware Security Modules (HSMs) to provision for Post-Quantum-Safe certificates, and while it is still difficult to predict what a Post-Quantum market may look like, it is a challenge for compliance frameworks like the CA/B (Certificate Authority/Browser) Forum to provision for Post-Quantum Safe technologies.
The trouble is that organizations ideally need to be prepared well before a viable quantum system arrives. It is not only that we will need to replace current classic cryptographic protocols in every device, network, server and identity. We will also need to prepare current use-cases which will still be in use when it does arrive. This will especially affect those use-cases which are still in early development like new software or IoT connected devices. Not only this, but cyber-criminals have developed a system known as “harvest now, decrypt later” wherein they access and store critical data to be decrypted in the future when they may have access to a viable quantum system.
While more cryptographic standards are in development, they could not come soon enough, as organizations market regulators prepare themselves for the arrival of a workable quantum computer. This requires the cooperation of every digital entity to ensure that digital communications remain safe, as even the smallest vulnerability could result in disaster once Q-Day is here.
