Post-Quantum Crypto Agility
What does it really mean to data protection?
Is it really the end of encryption as we know it?
The threat and arrival of quantum computers is ever-present with physics breakthroughs, more Qubits, quantum “supremacy”, and cloud service providers designing quantum computers, but what does it really mean to data protection? Is it really the end of encryption as we know it?
Answer: Quantum computing uses quantum bits, or qubits, based on quantum physics to break barriers currently limiting the speed of today’s common computers. It does not give you more processing power, instead it relies on superposition (ability to be in multiple states at the same time) and entanglement (the perfect unison of two or more quantum particles) to process large quantities of information including numbers. The first real use for quantum computers will likely be for advancements in areas such as material design, pharmaceuticals, and optimizing the power grid.
Answer: Today’s public key cryptography is based on factorization for RSA algorithms, or discrete log problems with DSA, Diffie-Hellman, and Elliptic-Curve Cryptography (ECC). Although these hard problems are sufficient today, as soon as a hacker has access to a quantum computer they will be able to weaken these algorithms with quantum algorithms such as Shor’s or Lov Grovers, by breaking them or reducing the strength of the symmetric crypto keys and crypto hashes. As a result, everything we rely on today to secure our connections and transactions will be threatened by quantum cryptography, compromising keys, certificates and data.
Today no quantum computer can run quantum algorithms, but once it does, a multitude of public key-based protocols including TLS / SSL, IPSEC, SSH, Internet of Things (IoT), digital signing and code signing will become vulnerable to eavesdropping and public disclosure as they are not strong enough to resist a quantum attack. No one has a concrete date as to when we will hit the post-quantum era, but there are strong indicators that it will start somewhere between 2023 and 2030. If these dates are in fact true, then in some cases, it might already be too late. For example:
In just 5 minutes you will gain a better understanding of your organization's post-quantum breach risk.
Crypto algorithms don’t require quantum to be broken – most break over time and it happens without warning. The post-quantum era just adds another level of concern. A few items you can start practicing today include:
Crypto Agility provides you with the ability to quickly react to cryptographic threats by implementing alternative methods of encryption. As a result you will:
Start protecting your mission-critical connected devices today using advanced quantum-safe digital certificates and secure key management for IoT connected devices. Together Thales and ISARA are partnering to ensure connected systems for automobiles, industrial control systems, medical devices, nuclear power plants and other critical infrastructure are safe from threats in five, 10 and 20 years.
Generating unique and truly random numbers is a powerful combination to securing an enterprise. High entropy and secure key storage addresses critical applications where high quality random numbers are absolutely vital such as: cryptographic services; numerical simulations; cloud; compliance; gaming; and IoT-scale device authentication and managed end-to-end encryption.
Without quantum-safe encryption, everything that has been transmitted, or will ever be transmitted over a network is vulnerable to eavesdropping and public disclosure. Take our free Post-Quantum Risk Assessment and in under 5 minutes you will have a better understanding if your organization is at risk to a post-quantum breach, learn about the scope of work required, and what you should be doing today to be post-quantum ready.
Although the post-quantum era is still a few years away, practicing crypto agility now will help avoid expensive security retrofitting in the future as quantum computing becomes more prevalent.
Don’t risk a compromise of your private root keys. Contact us to learn how Thales’s Luna Hardware Security Modules, and High Speed Encryptors, together with ISARA’s Quantum-Safe Security Solutions can help you get prepared.
Data privacy legislation is extending its reach beyond the basic requirements of personally identifiable information to include information that could be detrimental to the critical infrastructure of a city or country.
Quantum computing is the future, and as such we must prepare for quantum hacking. What will security look like in the post-quantum era? Key Points/Stats from this Infographic: 1994 is the year Shor’s algorithm was created 5 Years is the time within which IBM predicts...
This solution brief will focus on the use of Thales Luna Hardware Security Modules, Thales High Speed Encryptors, and ISARA’s quantum-safe solutions to enable the most seamless, trustworthy and cost-effective method of transitioning to quantum-safe security while maintaining...
The onset of large-scale quantum computing will break current public-key cryptography, resulting in widespread vulnerabilities within everything that connects and transacts. This results in a unique problem for long-lived connected devices deployed today which need to remain...
Thales High Speed Encryptor Solution experts and key partner Senetas recently held a highly attended virtual SecureWorld Web Conference on March 26, 2020. Julian Fay from Senetas, Charles Goldberg and Stan Mesceda from Thales discussed the current and not too distant quantum...
In this talk, Thales and ISARA will explore securing connected cars using the next-generation of digital signatures: Stateful hash-based signatures. Learn about quantum computing and its effect on current public key cryptography, the challenges quantum presents, and explore...
Learn how the quantum threat impacts internet security and why it is important we begin preparing for it today, how Luna HSMs solve the challenges presented by stateful-hash based signatures, and how crypto-agility combined with stateful hash-based signatures allows you to...