Businesses should already be aware that quantum computing threatens to break the public-key cryptography that underlies most current digital interactions. This was already a significant challenge requiring focused attention, but recent developments have made the threat much more urgent.
The National Institute of Standards and Technology (NIST) recently announced the first four quantum-resistant public-key algorithms it will standardize, and US President Biden directed authorities to “begin the multi-year process of migrating vulnerable computer systems to quantum-resistant cryptography.”
However, the consensus was that companies still had time to migrate their encryption, as NIST explains: “Experts predict that by 2030 we will have full-fledged quantum computers capable of breaking asymmetric key cryptography.”
This 2030 timeline rested on two assumptions: first, that asymmetric encryption like RSA is more vulnerable than symmetric encryption like AES (Shor’s algorithm breaks RSA outright, whereas Grover’s algorithm only halves the effective key length of AES), and second, that a full-scale, fault-tolerant quantum computer would be required to threaten current encryption.
Now an article published in Science China Information Sciences challenges both of these assumptions. It reports, first, that a variational quantum attack algorithm poses more of a “threat to symmetric cryptography” than to asymmetric cryptography, and second, that it runs on current-generation quantum hardware and is “even faster than Grover’s algorithm”, the previous best-known quantum approach to symmetric key search, which offers only a quadratic speedup over classical brute force and requires a full-fledged quantum computer.
This new attack overturns the previous consensus, and companies should plan now on the basis that quantum computers are likely to break current encryption standards by mid-decade. Failure to migrate puts many important digital interactions at risk, including banking, web browsing, file sharing, video conferencing, and more.
To begin work on what is now an urgent migration from current encryption methods to next-generation approaches, organizations should embrace the three As: be aware of the problem, assess the risk and design a solution, and apply it.
Firms should ensure they understand the four post-quantum cryptographic (PQC) algorithms recently selected by NIST. They need to be aware of how these differ from current methods in their implementation, for example in key, ciphertext and signature sizes and in performance, and what this might mean for their individual organization.
This should include understanding how the lattice-based CRYSTALS pair complement each other: CRYSTALS-Kyber, the only public-key encryption and key-establishment scheme chosen, and CRYSTALS-Dilithium, the primary digital signature option. It should also cover when to use the other two digital signature options: Falcon, which NIST recommends where Dilithium’s signatures become too large and unwieldy, and SPHINCS+, a hash-based scheme whose security rests only on well-studied hash functions rather than on lattice problems.
At the same time, companies should consider where quantum key distribution (QKD), which secures key exchange with the physics of quantum states rather than with computational hardness, could provide additional protection. These technologies may be more accessible than you think: in the UK, BT is building the world’s first commercial quantum-secured metro network across London.
Using a mix of quantum-resistant methods, for example hybrid constructions that combine a classical algorithm with a post-quantum one so that the data stays protected unless both are broken, avoids putting all eggs in one basket. This matters in an emerging field where weaknesses have already been found in approaches previously seen as promising, such as the Rainbow signature scheme.
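The hybrid approach above comes down to one detail: how the two shared secrets are combined into a session key. The following is an added example written for this page (it is not code from the article or from PA Consulting) of an HKDF-based combiner with transcript binding. It assumes a classical exchange (such as ECDH) and a post-quantum KEM (such as CRYSTALS-Kyber) have already run; because the Python standard library ships neither, their shared secrets and public values are constructed stand-ins (`os.urandom` and a placeholder transcript string). The combiner is what the “not all eggs in one basket” argument needs: the derived key stays unpredictable to an attacker who has broken either mechanism but not both, and it is bound to the exact exchange that produced it.

```python
"""Hybrid key combiner: one session key from a classical and a post-quantum secret.

Editor's added example; not from the article. KEM/ECDH outputs are stand-ins.
"""
import hashlib
import hmac
import os

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC-Hash(PRK, T(i-1) || info || i)."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested output too long for HKDF")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def combine_secrets(classical_ss: bytes, pq_ss: bytes, transcript: bytes,
                    length: int = 32) -> bytes:
    """Derive a session key from both shared secrets.

    Feeding the concatenation of both secrets into HKDF keeps the output
    pseudorandom as long as at least one secret is unknown to the attacker.
    The transcript (public keys and ciphertexts of both exchanges) is hashed
    into the info string so the key is tied to the exchange that produced it.
    """
    if len(classical_ss) < 16 or len(pq_ss) < 16:
        raise ValueError("shared secret shorter than expected")
    prk = hkdf_extract(salt=b"hybrid-kem-combiner-v1", ikm=classical_ss + pq_ss)
    info = b"session-key" + HASH(transcript).digest()
    return hkdf_expand(prk, info, length)


def rfc5869_self_test() -> bool:
    """Known-answer test for the HKDF primitives (RFC 5869 Appendix A, case 1)."""
    ikm = bytes.fromhex("0b" * 22)
    salt = bytes.fromhex("000102030405060708090a0b0c")
    info = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
    prk = hkdf_extract(salt, ikm)
    okm = hkdf_expand(prk, info, 42)
    return (prk.hex() == "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
            and okm.hex() == "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
                             "34007208d5b887185865")


def demo() -> dict:
    """Constructed stand-ins: in a real deployment classical_ss comes from ECDH,
    pq_ss from the Kyber KEM, and transcript from their actual public values."""
    classical_ss = os.urandom(32)
    pq_ss = os.urandom(32)
    transcript = b"ecdh-pub-A|ecdh-pub-B|kyber-pub-A|kyber-ct-B"  # placeholder
    honest_key = combine_secrets(classical_ss, pq_ss, transcript)
    # Attacker has fully broken the classical exchange (knows classical_ss) but
    # must still guess pq_ss; a wrong guess yields an unrelated key.
    attacker_key = combine_secrets(classical_ss, os.urandom(32), transcript)
    # Same secrets but a substituted transcript: the key changes, so a
    # man-in-the-middle swap of one component's public values is not silent.
    tampered_key = combine_secrets(classical_ss, pq_ss, transcript + b"|swapped")
    return {"honest": honest_key, "attacker_one_broken": attacker_key,
            "tampered_transcript": tampered_key}


if __name__ == "__main__":
    print("HKDF KAT:", "ok" if rfc5869_self_test() else "FAIL")
    for name, key in demo().items():
        print(f"{name:20s} {key.hex()}")
```

The known-answer test is worth keeping in any real deployment: a combiner that silently mis-implements HKDF can collapse the hybrid's security without any visible failure. Note also that the order of concatenation and the salt/info labels are part of the protocol and must match on both sides.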
The migration to post-quantum cryptography will be a multi-year process that will require phased delivery. Systems shipping today typically have a lifespan of several years, and organizations must therefore consider migrating to post-quantum cryptography from the start. Likewise, for data that needs to be kept secure for a medium- to long-term lifetime, NIST warns of the risk of attackers “copying down your encrypted data and holding onto it until they have a quantum computer.”
Organizations should therefore assess the different types of risk they face across their enterprise architecture, such as the sensitivity of the data, the length of time for which its confidentiality must be maintained, and the likelihood of external actors copying encrypted traffic now for decryption later. Plan and prioritize migration accordingly.
Finally, companies need to focus on how they will implement their chosen mix of standardized NIST post-quantum cryptography and quantum key distribution. This requires careful selection of software and firmware. Also, in our connected world, companies need to secure their supply chain and develop the testing capabilities needed to maintain security as algorithms and implementations change. The best way to do this is to start small and act early to build skills and experience.
Just two weeks after NIST announced new post-quantum cryptographic approaches, our assumptions about the quantum threat have been turned on their head by a new quantum attack that has changed the calculation of risk and reduced the deadline for migration. Action is needed now, and organizations must begin assessing and addressing this risk today to protect themselves in the not-too-distant future.
Richard Watson-Bruhn is a Quantum Computing Expert and Mark Chang is a Quantum Security Expert at PA Consulting