
Daniel Shiu at Arqit questions whether the new NIST standards are enough to protect against a looming threat
In a significant development last month, the US National Institute of Standards and Technology (NIST) released its long-awaited list of standards for post-quantum algorithms (PQAs). The new algorithms are designed to defend data against the threats posed by quantum computing, marking a milestone in the ongoing race to secure sensitive information before ‘Q-Day’.
Quantum computers have the potential to process and analyse data at speeds far beyond what classical computers can achieve. This game-changing technology could transform many industries, but tempering the excitement is the serious risk it poses to the encryption methods we use today. It goes without saying that when quantum computers become capable of breaking this encryption, exposing everything from personal data to national security secrets, the consequences will be severe.
While the release of these new standards is a crucial step forward, they represent just one piece of a much larger puzzle, and we must now focus on a broader, more comprehensive approach to network security.
NIST’s new algorithms – ML-KEM, ML-DSA, and SLH-DSA – are designed for asymmetric encryption, which uses a pair of keys, one public and one private. They rely on different mathematical mechanisms from those used in current encryption methods, making them more resistant to the kind of brute-force attacks that quantum computers could launch.
ML-KEM (Modular Lattice Key Encapsulation Mechanism) and ML-DSA (Modular Lattice Digital Signature Algorithm) are based on lattice-based cryptography, which is widely regarded as one of the most promising approaches to post-quantum security. SLH-DSA (Stateless Hash-Based Digital Signature Algorithm) uses a different approach, relying on the SPHINCS+ hashing mechanism.
While there is no doubt that NIST’s work is essential, it would be unwise to see these standards as a complete solution to the quantum threat. They come with a specific set of challenges that can’t be ignored, and organisations will need to approach the transition with very careful planning.
Two big concerns are efficiency and cost. While these algorithms delicately balance security and practicality, they may not match the efficiency or cost-effectiveness of the encryption methods currently in use. For certain applications, the required computing power and demand for additional resources could make widespread adoption more difficult as organisations struggle with higher operational costs.
Security concerns are also a sticking point. The development and selection process behind this list was thorough, but not without setbacks. Many potential candidates were ultimately rejected after their vulnerabilities were revealed. For instance, the RAINBOW and SIKE algorithms, which were initially considered strong candidates, were both successfully broken using a standard laptop over a weekend. This is an important reminder that those on the final list could still face unexpected security issues as global research continues.
We must also consider the length of time it will take to implement the new standards. Transitioning from current Public Key Cryptography (PKC) systems to post-quantum alternatives is anything but straightforward and could take years, if not decades.
The upgrade will involve updating a substantial amount of infrastructure, which is bound to encounter various technical and operational challenges. Interoperability issues between old and new systems are also likely, which could lead to complexity, extended downtime and the introduction of new vulnerabilities.
Any of these factors would make the migration process more complicated and delay progress further.
We talk about Q-Day, but the threat to encryption is not in the future – it’s here right now.
‘Harvest Now, Decrypt Later’ (HNDL) attacks are becoming more common, as attackers gather encrypted data now with the intent to decrypt it when quantum computers become available. This puts sensitive data at immediate and ongoing risk.
The need to harden networks against quantum threats has reached a critical point. Waiting for new standards or Q-Day is not an option. Organisations that delay are merely sitting ducks, exposed to considerable risks.
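HNDL risk is easiest to reason about per data flow: a session recorded today is only a problem if the data it carried must stay confidential for longer than it will take quantum computers to unwrap the key exchange that protected it. The following triage script is an added example, not from the article or from Arqit; it runs over a constructed set of TLS handshake records (the log format, host names and retention values are all made up here) and ranks them by exposure. It assumes that a hybrid key exchange carrying "MLKEM" in its name is not exposed, while RSA, (EC)DHE or X25519 alone are.

```python
import re

# Constructed sample records (not real traffic): which key exchange protected each
# session, and how long the data carried over it must remain confidential.
SAMPLE_LOG = """\
2024-09-02T10:14:03Z host=payroll.internal kex=X25519 suite=TLS_AES_256_GCM_SHA384 retention=25y
2024-09-02T10:14:09Z host=cdn.example kex=X25519 suite=TLS_AES_128_GCM_SHA256 retention=0y
2024-09-02T10:15:41Z host=legacy-vpn.internal kex=RSA suite=TLS_RSA_WITH_AES_256_CBC_SHA retention=10y
2024-09-02T10:16:02Z host=records.internal kex=X25519MLKEM768 suite=TLS_AES_256_GCM_SHA384 retention=50y
"""

RECORD = re.compile(
    r"host=(?P<host>\S+) kex=(?P<kex>\S+) suite=(?P<suite>\S+) retention=(?P<years>\d+)y"
)


def is_quantum_exposed(kex: str) -> bool:
    """True when the session key was agreed with classical public-key math only.

    RSA, finite-field DH and elliptic-curve DH (including X25519) can all be
    recorded now and unwrapped once a large quantum computer exists. A hybrid
    that folds in ML-KEM keeps the session key secret even if the classical
    half falls. Assumption for this example: hybrids contain "MLKEM" in the name.
    """
    return "MLKEM" not in kex.upper()


def triage_hndl(log: str, horizon_years: int = 10) -> list[dict]:
    """Rank handshake records by harvest-now-decrypt-later exposure.

    horizon_years is the defender's assumed time until recorded traffic can be
    decrypted; data that must stay secret at least that long, sent over an
    exposed key exchange, is the high-priority migration target.
    """
    findings = []
    for line in log.splitlines():
        m = RECORD.search(line)
        if not m:
            continue  # skip lines that are not handshake records
        years = int(m["years"])
        exposed = is_quantum_exposed(m["kex"])
        if exposed and years >= horizon_years:
            priority = "high"
        elif exposed:
            priority = "medium"
        else:
            priority = "none"
        findings.append(
            {"host": m["host"], "kex": m["kex"], "retention_years": years, "priority": priority}
        )
    order = {"high": 0, "medium": 1, "none": 2}
    findings.sort(key=lambda f: (order[f["priority"]], -f["retention_years"]))
    return findings


if __name__ == "__main__":
    for f in triage_hndl(SAMPLE_LOG):
        print(f"{f['priority']:6} {f['host']:22} {f['kex']:16} {f['retention_years']}y")
```

The ordering is the point: the payroll and VPN sessions are classically protected and carry long-lived data, so they sit at the top regardless of how strong their symmetric cipher suite is; the CDN session is exposed but carries nothing worth decrypting later; the records host already uses a hybrid and needs no action.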
As the timeline for fully functional quantum computers is constantly shifting, this uncertainty can lead to confusion – and ultimately procrastination. While some have estimated that this is 3-5 years away, a more conservative security posture is to assume that quantum computers will break encryption even sooner than that. This will be especially true for critical data assets.
Organisations must be proactive. An immediate and proven solution is the adoption of Symmetric Key Agreements (SKAs), which have emerged as the ‘gold standard’ for PQAs.
Symmetric encryption, unlike asymmetric encryption, uses a single key shared between two parties to encrypt and decrypt data. This type of encryption is inherently more resistant to quantum attacks because it does not need the complex mathematical structure of asymmetric cryptographic problems. This also leaves a much wider range of possible algorithms, which is good for cryptographic agility.
This isn’t just a future solution for a future problem. Implementing SKAs now can protect against current threats, such as man-in-the-middle attacks, where attackers intercept and potentially alter communications. Additionally, SKAs can be integrated into existing systems with relative ease, offering immediate protection.
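To make the symmetric idea concrete, here is an added example (my own sketch, not Arqit's SKA product or any NIST-specified protocol) of how two parties holding a pre-shared key can agree fresh session keys and authenticate traffic with nothing but HMAC-SHA256 from the Python standard library. The key derivation is HKDF as specified in RFC 5869; the `info` label, nonce handling and the `run_exchange` simulation are assumptions of this example. There is no public-key operation anywhere, which is exactly what removes the quantum-vulnerable step; and because a third party without the pre-shared key cannot derive the session keys, it cannot forge the message tag, which is the man-in-the-middle property the paragraph above refers to.

```python
import hashlib
import hmac
import os


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) from HMAC-SHA256: extract a PRK from the input key
    material, then expand it to `length` bytes of output key material."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_session_keys(psk: bytes, nonce_a: bytes, nonce_b: bytes):
    """Both sides mix the pre-shared key with both parties' nonces.

    The nonces make every session's keys fresh even though the PSK is fixed;
    splitting the output into separate encryption and MAC keys is standard
    practice so the two roles never reuse one key. The info label is an
    assumption of this example."""
    okm = hkdf_sha256(psk, salt=nonce_a + nonce_b, info=b"example-ska/session/v1", length=64)
    return okm[:32], okm[32:]


def mac(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    # Constant-time comparison so tag checks do not leak timing information.
    return hmac.compare_digest(mac(key, message), tag)


def run_exchange(psk_a: bytes, psk_b: bytes, nonce_a: bytes, nonce_b: bytes,
                 message: bytes, tamper: bool = False):
    """Simulate one authenticated exchange between A and B.

    Returns (keys_match, message_accepted). psk_a != psk_b models a party that
    does not hold the shared secret; tamper=True models in-transit alteration."""
    k_enc_a, k_mac_a = derive_session_keys(psk_a, nonce_a, nonce_b)
    k_enc_b, k_mac_b = derive_session_keys(psk_b, nonce_a, nonce_b)
    tag = mac(k_mac_a, message)
    delivered = message + b" (altered in transit)" if tamper else message
    keys_match = k_enc_a == k_enc_b and k_mac_a == k_mac_b
    return keys_match, verify(k_mac_b, delivered, tag)


if __name__ == "__main__":
    # Constructed demo values; a real deployment distributes the PSK out of band.
    psk = os.urandom(32)
    nonce_a, nonce_b = os.urandom(16), os.urandom(16)
    print("honest exchange:", run_exchange(psk, psk, nonce_a, nonce_b, b"transfer 100"))
    print("tampered message:", run_exchange(psk, psk, nonce_a, nonce_b, b"transfer 100", tamper=True))
    print("wrong PSK:", run_exchange(psk, os.urandom(32), nonce_a, nonce_b, b"transfer 100"))
```

What the example does not solve is the part the article glosses over: how the pre-shared key gets to both parties in the first place. Distributing and rotating that secret safely is the whole engineering problem of a symmetric key agreement scheme, and it is the part to scrutinise in any vendor offering.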
SKAs already have the backing of both NIST and the National Security Agency (NSA) as an effective countermeasure against quantum threats. This, coupled with successful proofs of concept completed with Intel and Sparkle, demonstrates the technology’s robustness and readiness for immediate deployment.
The publication of NIST’s post-quantum standards was a pivotal moment, but this is just the beginning of a long and challenging transition to quantum-resistant systems.
The new standards cannot stand alone. They must be paired with other strategies like SKAs to provide a comprehensive and layered defence strategy.
And that process must begin right now.
Daniel Shiu is chief cryptographer at Arqit
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543