The Quantum State of Play in 5G
Quantum computing has found theoretical application in modern computation systems, including cellular networks like 5G. However, privacy and data security concerns are set to play a vital role as new vendors and technologies emerge to capitalize on 5G capabilities. This expansion and significant architectural changes will create highly complex networks, exposing new vulnerabilities and more significant risks as we move towards a post-quantum (PQ) world.
Quantum computers could break cryptographic algorithms, posing a significant threat to modern telecommunications networks. The development of quantum-safe cryptography, also known as Post-Quantum Cryptography (PQC), is a crucial prerogative for Mobile Network Operators (MNOs) to protect communications in 5G networks. However, the development of PQC is in its early stages and still in the standardization process, with NIST, NSA, and GSMA leading the way.
All stakeholders must understand the risks, develop contingency plans, and implement appropriate solutions to achieve quantum resistance in application-specific use cases across modern telco networks.
The Importance of Quantum-Resistance for 5G Networks
The importance of cryptography in 5G networks has increased significantly due to the transition to cloud-native and software-defined infrastructure. 5G networks primarily use Public Key Infrastructure (PKI) protocols for almost all uses of public-key cryptography, including access networks, service core networks, interconnect, and home core networks.
However, many of these protocols are at risk due to their vulnerability to quantum attacks. Symmetric cryptography, which uses at least 128-bit long keys, is considered strong enough for current cybersecurity purposes. In the quantum era, however, symmetric cryptography is much more vulnerable. An increase in key size may be sufficient to make it quantum-resistant and to compensate for the quadratic speedup achieved by Grover's algorithm.
On the other hand, asymmetric cryptography requires new algorithms to be developed and standardized before they can be implemented. The 3GPP mobile comms standardization body is currently waiting on work by the Internet Engineering Task Force (IETF) workgroups to update their standardized protocols before integrating them into future 5G releases.
The integration of PQC will need to strike a balance between length, brevity, complexity, and efficiency, as there will be different demands depending on the applications. The development of QR primitives is already late, but a few have initiated work in the space. The IETF is essential to 5G networks, as it is where collaborative industry efforts to standardize protocol implementations of PQC algorithms will crystallize.
The telco industry needs to focus on how PQC algorithms and standards will affect 5G networks and how they can be effectively integrated into future releases. However, there is limited involvement by MNOs and others in the telco industry either in standardization efforts or in Research and Development (R&D).
Operator Transition Strategies to Becoming Quantum-Safe
The transition to quantum-safe PQC will take time, likely a few decades, with a transitional period between classic cryptography and PQC usage when hybrid formats are used in parallel. This transition must consider legacy devices and systems that cannot support PQC and low-power devices with limited computation resources. MNOs must overcome their high-risk aversion around deploying immature technology and work to understand how they can best secure their networks now.
Crypto agility is critical for MNOs, leveraging hybrid implementations to ensure backward compatibility and figuring out how to continue protecting classical cryptography. The key is to chart a safe path to PQC integration through an incremental transition and, at a minimum, the deployment of quantum-safe technologies.
Hybrid deployments will be the middle ground for the PQ transition and crypto-agility movements. Certificate Authority (CA) and PKI providers' decisions regarding how they transition to PQ certificates will be crucial, and their approach will have a hand in dictating the adoption of PQC implementations within 5G networks. Hybrid cryptography can secure data in motion by combining symmetric encryption with public key ciphers. A PQC algorithm can be used alongside a classical algorithm, making the model agile, as various PQC Key Encapsulation Mechanisms could effectively be leveraged.
The advent of 'years to quantum' (Y2Q) is a future risk that is more difficult to assess and quantify than having to rip and replace existing infrastructure. With 5G networks expected to be in their prime by 2030, without adequate quantum-safe protections, they will be exposed and vulnerable to attack-capable quantum computers. Developing strategies around crypto agility, hybridization, and PQC migration are critical for the telecoms industry.
How Thales Can Help
Thales, a leading provider of PQC solutions, has been actively involved in R&D and standardization efforts since 2013. The company co-authored the Falcon digital signature algorithm, which NIST selected as a candidate for PQC standardization. Thales' Digital Identity and Security (DIS) and Trusted Cyber Technologies (TCT) are participating in the NIST National Cybersecurity Center of Excellence (NCCoE) Migration to PQC Project. Thales is aligning its PQC offerings with the NIST-selected algorithms and optimizing performance for upcoming releases. The company is also accelerating practical Proofs of Concept (PoCs) for hybrid algorithms in digital signatures and key exchange mechanisms.
Thales encourages enterprises to prepare today by assessing their crypto inventory and overall PQC readiness for every crypto-dependent application. Crypto agility facilitates changes to cryptography, even after deployment, and allows for easier transitions, including PQC.
Download the joint ABI Research and Thales paper on Achieving Quantum-Readiness in 5G Networks for more insight. You can also visit us at Mobile World Congress 2024 taking place in Barcelona February 26 – 29. Find Thales in Hall 2, Stand 2J30.