“With Great Power Comes Great Responsibility" This line might be taken from a Spiderman movie, but it makes it no less true.
Technology provides us with this "use of power moral dilemma" on a regular basis. Perhaps the single biggest example that changed the world forever was the technology that split the atom, providing the basis for clean technology that can power cities or destroy them.
Quantum Computing is another example of enormous power that can be used for good such as sequencing genomes but can also be used for bad.
Quantum computing is perfect for cracking algorithms and that includes the encryption algorithms we rely on to keep our data, clouds and web traffic safe. In fact, security company Thales advise that nation-states need to start thinking now about Quantum resistant security posture.
With the same computing power, you can also achieve quantum-powered security for your data. This is also called being quantum-safe, security that is resistant from vulnerabilities enabled by quantum computers.
With the advancements of the technology in the present, the impending arrival of large-scale quantum computers, powerful enough to pose a threat to today’s encryption is something to be aware of in the near future. It is no longer a question of “if,” but “when” this level of cryptographically relevant quantum computing will be available.
As such, it is now imperative for organisations to start their transition to quantum-resistant security as a preparation for the future. In fact, security group Thales and quantum-safe security solutions provider ISARA believe government and commercial organisations should plan to have protection in place in their security systems to defend from any potential quantum computer attacks no later than 2023.
With that, Thales provided some challenges in the present quantum computing landscape and recommendations on upgrading existing security systems to an agile quantum-safe one.
First, the asymmetric algorithms upon which Public Key Infrastructures (PKIs) are based, will need to be made quantum-safe before they are susceptible to total compromise by a large-scale quantum computer.
As a solution, Thales recommends that the most effective method of migrating PKIs from classical to quantum-safe algorithms is to utilise a crypto-agile approach using ISARA Catalyst™ Agile Digital Certificate Technology. This enables the insertion of a quantum-safe public key and issuer signature into the existing certificate while maintaining backwards compatibility with your existing installation.
The second challenge is future-proofing the security of connected devices. For Thales, before public-key cryptography can be used for authentication in connected devices, there is an important initial setup that needs to be performed.
SafeNet Luna Hardware Security Modules (HSMs) enable you to update cryptographic algorithms in-field, providing you with the crypto agility to quickly react to cryptographic threats by implementing alternative methods of encryption. Together, Thales and ISARA have the technology to secure code and certificate signing with quantum-safe algorithms today.
Lastly is the challenge of future-proofing the security of communications since we use separate types of cryptographic algorithms today. Once an adversarial entity has access to a large-scale quantum computer, they will have the ability to break current public-key cryptography.
This would allow them to break the key establishment part of the communication protocol, unmask the symmetric encryption key and read the exchanged data in cleartext.
While there are no quantum-safe key agreement or key transport algorithms that have been standardised thus far, Thales’ recommended approach is to use a hybrid key establishment solution, with key material protected by a SafeNet Luna HSM.
A hybrid solution would combine multiple key establishment mechanisms in a way where this new mechanism has the combined security advantages of each individual component.
To conclude, the best possible way to prevent security risks coming from powerful quantum computers is to fight it with the same computing power through quantum computing. While this possibility will only happen in the near future, it is best to prepare.
ISARA’s team of researchers includes multiple PhDs in quantum computing and mathematics. Coupled with professional developers, crypto-agility and the strength of Thales' Cloud Protection & Licensing (CPL) suite of products, together they are able to spearhead the industry in developing quantum-safe tools and solutions to address the threat to encryption posed by large-scale quantum computers.
"To find out more about quantum safe solutions that can help you upgrade and futureproof your existing security systems, click here."