Within the next few years a quantum computer will crack encryption. This once in a generation event will, in a single moment, render the entire world’s data vulnerable to theft and exploitation. While every cyber security team must deal with everyday threats, quantum computers are the ‘mega-threat’ to which their attention must now turn.
Quantum computers work differently from today’s ‘classical’ machines. This is because they are extremely good at performing vast amounts of computations in parallel whilst today’s computers have to solve problems one at a time. As such, quantum machines can derive knowledge from small datasets, which will allow them to break encryption.
But of even more pressing concern for those working in sensitive industries is the risk posed by a ‘harvest-decrypt’ attack. Here, a rogue nation-state or bad actor can intercept data today with the intention of decrypting it once quantum computers are sufficiently developed (sometimes referred to as Y2Q). So, whether you’re an IP heavy industry involved in drug discovery or the design of a new electric vehicle, or the custodian of financial assets with personally identifiable information (PII), now is the time to prepare your organisation.
NIST’s Post Quantum Cryptography Standardisation
Four years ago, the National Institute of Technology (NIST) launched a global competition to develop new algorithms that can withstand the quantum threat. Immense progress has been made, and it is expected that a new encryption standard will be ready in early 2022. This will replace – or likely supplement – today’s standards.
Post-Quantum has been an active contributor to NIST’s process. Our submission, now merged with the proposal led by Professor Daniel Bernstein, ‘Classic McEliece’ is one of four finalists in the encryption and key exchange category, and the only finalist in the “code based” sub-category. It may well be this algorithm that protects your data in the years to come. But whichever algorithms NIST chooses to standardise, there are practical steps you can take now to prepare for the post-quantum future.
Whilst many are waiting for NIST’s standard to emerge before taking action on quantum encryption, things are not quite so simple. Upgrading to quantum-safe cryptography isn’t a straightforward task and waiting for the standard to emerge will leave lots of companies competing for a very small talent pool proficient in this technology.
You have to act now to become quantum-ready. Here are my recommendations for steps you can take today to prepare for the Y2Q future:
We can’t be sure which quantum-safe algorithms NIST will standardise and because these algorithms are still relatively new you may not yet want to disband today’s standards. Therefore, as we make the transition to quantum-safe security it’s important to practice ‘crypto-agility’.
Crypto-agility is a design concept baked in at the protocol level which means the system has the ability to use an alternative cryptographic algorithm and also an option to use multiple of algorithms without infrastructure change. With this approach recommended by the NSA and NIST, it’s possible to keep the tried and tested classical cryptosystems we use today, like RSA, alongside one or more post-quantum algorithms. We do expect some organisations will apply more than one post-quantum algorithm concurrently to further enhance security.
So, whether you’re buying or building, it’s important to plan with crypto-agility in mind from the outset.
Consider deploying a quantum-safe VPN
One of the ‘lowest impact, highest reward’ steps you can take now is to upgrade to a hybrid, quantum-safe VPN to protect data flowing between your sites and between your staff who are likely to remain working from home for the foreseeable future.
The Internet Engineering Taskforce (IETF) recently developed a set of specifications for such VPN products, with our team playing a central role in the creation and development of those specifications.
The IETF specification is crypto-agile, supporting hybrid key establishment so post-quantum algorithms can work alongside today’s standards, ensuring there is no drop-off in protection from traditional threats. It also provides for the negotiation of one, or more than one, post-quantum key establishment schemes for those organisations seeking a double layer of post-quantum crypto.
Quantum-safe VPN products based on the IETF specification are just beginning to emerge in the market so upgrading is a relatively simple step firms can already take. However, they must choose a backward compatible product to limit disruption.
Set-up your Y2Q crypto-migration as a defined project now
Fortunately, migrating an enterprise to new cryptography only happens once every few decades. Like any large IT programme, it will need a dedicated team, resource and a project plan to ensure success.
One of the first steps is taking a comprehensive inventory of where cryptography is deployed today across the organisation so that you can map out a migration path that prioritises high value assets, whilst identifying any expected impact on operational systems.
You’ll also need a communication plan so that developers and application managers begin to take ownership for the cryptography operating in their domain. Everyone needs to be aware of this change and feel like they have a stake in the migration.
A once in a generation threat
The emergence of quantum computers is a once in a generation threat that completely re-writes today’s cyber security rules. Companies that effectively ‘quantum-proof’ their organisation will avoid last-minute firefighting and win the race for scarce post-quantum talent that is bound to ensue.
For those thinking of upgrading workflow and network systems anyway, it makes sense to ensure they’re quantum-ready as a key differentiator and to ensure the longevity of any such investment.
Author: Andersen Cheng, CEO at Post-Quantum