Threat or Opportunity?
With every change, comes disruption to the current set of ecosystems and practices, providing an opportunity to do things differently and in a better way. The key lies in being able to sense the change on the horizon and getting ready to embrace that change.
The same goes with the advent of Quantum Computing, which is supposed to bring exponential computing power that shall not only bring endless benefits but also raises question marks on the current state of cryptography that is the bedrock of all information security as we know today.
What is quantum computing and what changes will it bring?
While classical computers use “0” and “1” to represent 2 distinctive states of a bit of information, quantum computers leverage the properties of the “Uncertainty Principle”, “Superposition”, “Entanglement” of quantum bits (Qbit), so that their respective “0” and “1” can exist at the same time, with a different probability and in a correlated fashion. When a few Qbit interact together, the probability of each bit being a “0” or “1” can be expressed as a vector. When a measurement is taken, the function collapsed according to the applied programmed condition and you end up with the most likely result. (You’d probably do the computation a few times, supplemented by further checking using a classical computer, to make sure you arrive at the same result). To put into context, a 3-bit classical computer can express 1 value out of 8 combinations. A 3-Qbit quantum computer, however, can express 8 different possible combinations all at once. A 300-Qbit quantum computer (if and when it becomes a reality), you’d end up with a number of possibilities that is larger than the number of atoms in the observable universe (estimated to be 1078 to 1082 atoms).
This vast amount of new computing power is useful for many applications, e.g., from modeling how molecules interact with one another, thus speeding up the development of new drugs and materials, to predicting traffic, weather and possibilities of earthquakes etc. One particular application of quantum computing is to solve some hard mathematical problems, like finding the prime factors of large numbers. Take for example, if you are asked to calculate the factors of the current year “2021”, you may do this by dividing 2021 with 2, then 3, … until you reach the number 43, which gives you the result of 43 x 47 = 2021. A 4-digit number “2021” may not sound too difficult for a classical computer to factorize, but you may start to push to the limit of most classical computers if the number to be factorized is as large as 1.3 x 10154 (which represents a 512-bit number). This kind of hard mathematical problem is exactly what traditional public key cryptography such as RSA (which works with prime factors) and DSA, Diffie-Hellman, and Elliptic-Curve (which work with discrete logarithm problems) has been based upon, and therein lies the security foundation of todays of e-Commerce, digital identities, etc. By using a sufficiently powerful quantum computer running Shor’s algorithms, named after the mathematician, you may be able to solve these traditionally hard mathematical problems in a matter of days or even hours. With the advent of quantum computing, the security that protects the digital identities and internet communications (SSL/TLS) of our modern society is thus significantly weakened.
What risks will this entail?
When access to this computing power falls into the wrong hands, things we take for granted, such as mobile banking, e-Shopping, IoT, traffic light control and electricity distribution will become vulnerable to device take-over as they are not strong enough to resist a quantum attack.
- If communications in electronic banking are compromised, thus leaking customers’ transactions to the public, that can trigger a bank run as fewer customers would put their trust and their money in a bank that cannot keep their secrets
- A life-and-death situation could occur if some medical IoT devices have their identities compromised and allow malware to take control of devices. Receiving a ransomware demand from one’s pacemaker is certainly the last thing a patient would want.
- Government and defense sectors should be most alarmed by the threat. While an adversary may not be able to crack the cryptographic codes that are used to protect communications at present, these actors can hoard the information now and analyze the encrypted data when the means to crack the cryptography is available. Compromising such secrets will jeopardize national security.
How much time do we have?
Current advancement in quantum computing is limited by the delicate operation required of the quantum device. To reduce the noise of the device, the operation needs specialized environments that will be cooled to 0.015 Kelvin (colder than outer space) and the device be placed in a high vacuum to 10 billion times lower than atmospheric pressure. So if you want to operate a 1,000 logical Qbit computer in a stable condition, you may need to build a quantum computer with 1 million physical Qbits. Experts in this field predict that it may take another 5-20 years before quantum computing can become practically useable. While there is no need to panic – the proper path to take is not to stop advancement in Quantum Computing but to challenge the frontiers of Cryptography and Information Security as we may know today.
What can we do to get ready?
There are 3 areas that risk owners, CISOs and system architects should look into:
1. Crypto-Agile Implementation with Quantum-safe algorithm: Components relying on digital certificates and that have a life-span extending into the quantum era should safely migrate from the current cryptography to the use of quantum-safe algorithms. In the imminent anticipation of Quantum Computing’s arrival, you would want to be in a position to be able to make quick changes that force the applications to switch over to either using quantum-safe algorithms or larger sized keys (this is in line with the crypto-agility requirements as stated in Cybersecurity Labelling Scheme of Cyber Security Agency of Singapore). A drop-in replacement for RSA, ECDSA, ECDH and ECIES is an option to consider.
Thales recommendations: Becoming crypto-agile is critical to protecting and securing data and fending off new threats. The Luna HSM Post Quantum Crypto Functionality Module (FM) utilizes the ISARA Radiate™ Quantum-safe Toolkit and allows for quantum-safe signatures to be used for code-signing today. This implementation includes mechanisms for key compression that are optimized for either speed or for size to help ensure that the private key is optimally stored and used in an operational environment with different requirements. Certificate authorities, document signing and firmware code signing that have a longer life-span than 5 year (lower-limit of quantum arrival) should start the migration.
2.Quantum random number generation: It has to be stressed that random number generators based on a quantum process are not normally used on their own, partly because few certification schemes accept the output of a QRNG device to be used directly. Rather, the resulting high entropy of the random number generated by a quantum source is suitable to re-seed a certified Deterministic Random Bit Generator algorithm on a frequent basis.
Thales recommendations: Luna HSM provides an API which can mix in external entropy and there is an out of the box integration where an iDQ device can be used to provide additional entropy to the HSM which will be mixed with internal entropy sources.
3. Quantum key distribution: It is envisaged that the arrival of Quantum Computing will have much more impact on Public Key Cryptography as compared to the Symmetric Cryptography. Public Key Cryptography is mostly used for the purpose of Key Distribution and hence securing Key Distribution mechanisms should be considered as first priority. There is a possibility that the encrypted data streams are being recorded and stored NOW to be interpreted as and when the Quantum Computing power becomes available, in order to decrypt the data in future. This can be highly problematic for those scenarios whereby the information must remain confidential for 20-years or more.
Thales recommendations: Thales High-Speed network encryptors incorporate both quantum random number generation and quantum key distribution. These quantum-ready encryptors should be specified for use in all networks where highly sensitive data are in transit.
Conclusions: Preparedness is the key
Although post-quantum is projected to be a few years away, any enterprises or government agencies that rely on digital trust must start planning today to be post-quantum ready. Take the Thales free risk assessment to learn if your organization is at risk of a post-quantum breach. Having gained the situational awareness, users can then start to strategize their post-quantum implementation plan.
My thanks go to my colleague Rana Gupta, APAC Regional VP, Data Protection, for his help and input into this blog post.