Post-Quantum Crypto Agility
What does it really mean to data protection?
Is it really the end of encryption as we know it?
The threat and arrival of quantum computers is ever-present with physics breakthroughs, more Qubits, quantum “supremacy”, and cloud service providers designing quantum computers, but what does it really mean to data protection? Is it really the end of encryption as we know it?
Answer: Quantum computing uses quantum bits, or qubits, based on quantum physics to break barriers currently limiting the speed of today’s common computers. It does not give you more processing power, instead it relies on superposition (ability to be in multiple states at the same time) and entanglement (the perfect unison of two or more quantum particles) to process large quantities of information including numbers. The first real use for quantum computers will likely be for advancements in areas such as material design, pharmaceuticals, and optimizing the power grid.
Answer: Today’s public key cryptography is based on factorization for RSA algorithms, or discrete log problems with DSA, Diffie-Hellman, and Elliptic-Curve Cryptography (ECC). Although these hard problems are sufficient today, as soon as a hacker has access to a quantum computer they will be able to weaken these algorithms with quantum algorithms such as Shor’s or Lov Grovers, by breaking them or reducing the strength of the symmetric crypto keys and crypto hashes. As a result, everything we rely on today to secure our connections and transactions will be threatened by quantum cryptography, compromising keys, certificates and data.
Today no quantum computer can run quantum algorithms, but once it does, a multitude of public key-based protocols including TLS / SSL, IPSEC, SSH, Internet of Things (IoT), digital signing and code signing will become vulnerable to eavesdropping and public disclosure as they are not strong enough to resist a quantum attack. No one has a concrete date as to when we will hit the post-quantum era, but there are strong indicators that it will start somewhere between 2023 and 2030. If these dates are in fact true, then in some cases, it might already be too late. For example:
Crypto algorithms don’t require quantum to be broken – most break over time and it happens without warning. The post-quantum era just adds another level of concern. A few items you can start practicing today include:
Crypto Agility provides you with the ability to quickly react to cryptographic threats by implementing alternative methods of encryption. As a result you will:
Start protecting your mission-critical connected devices today using advanced quantum-safe digital certificates and secure key management for IoT connected devices. Together Thales and ISARA are partnering to ensure connected systems for automobiles, industrial control systems, medical devices, nuclear power plants and other critical infrastructure are safe from threats in five, 10 and 20 years.
Generating unique and truly random numbers is a powerful combination to securing an enterprise. High entropy and secure key storage addresses critical applications where high quality random numbers are absolutely vital such as: cryptographic services; numerical simulations; cloud; compliance; gaming; and IoT-scale device authentication and managed end-to-end encryption.
Without quantum-safe encryption, everything that has been transmitted, or will ever be transmitted over a network is vulnerable to eavesdropping and public disclosure. Take our free Post-Quantum Risk Assessment and in under 5 minutes you will have a better understanding if your organization is at risk to a post-quantum breach, learn about the scope of work required, and what you should be doing today to be post-quantum ready.
Although the post-quantum era is still a few years away, practicing crypto agility now will help avoid expensive security retrofitting in the future as quantum computing becomes more prevalent.
Don’t risk a compromise of your private root keys. Contact us to learn how Thales’s Luna Hardware Security Modules, Thales’s Data Protection on Demand, and High Speed Encryptors, together with ISARA’s Quantum-Safe Security Solutions can help you get prepared.
This solution brief will focus on the use of Thales Luna Hardware Security Modules, Thales High Speed Encryptors, and ISARA’s quantum-safe solutions to enable the most seamless, trustworthy and cost-effective method of transitioning to quantum-safe security while maintaining...
We've all heard that quantum computers are coming; beyond being a boon for materials science they're going to wreak havoc for cybersecurity. Part 3 of this series from Thales will outline the scope of the problem (it's more than just algorithms) as well as the work required...