The Looming Crypto Crisis Is Coming With Quantum Computing – EEJournal
It seems, more and more, that writing about technology is becoming nothing more than covering a long list of ongoing crises. The crisis of the day is the impending breakdown of cryptographic security, thanks to the expected arrival of quantum computers. Today’s cryptography relies heavily on implementations of RSA public key cryptography, which is now ubiquitously used for encryption and decryption of data in networking and computing. RSA encryption – named after its first inventors: Rivest, Shamir and Adleman – relies on the difficulty of decrypting encoded data without a key, requiring tedious calculations to factor large numbers if you don’t have the encryption key .
As computers got faster, RSA keys got longer to try to secure data. However, once quantum computers enter the scene, cryptography experts expect RSA-based data security to quickly break down, thanks to Shor’s algorithm, which American mathematician Peter Shor developed. in 1994 specifically for quantum computers, even though they didn’t exist yet. Shor’s algorithm quickly finds the prime factors of a large integer.
The National Institute of Standards and Technology (NIST) recognized the impending cryptographic crisis in 2016 and initiated a program to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms. Many candidate algorithms have been submitted to NIST for evaluation and have gone through multiple rounds of evaluation. NIST is not expected to complete the standardization process for quantum-safe cryptography until 2023.
The IBM Quantum-Safe interview
My colleague and principal analyst at TIRIAS Research, Kevin Krewell, recently interviewed two people at IBM Research regarding IBM’s work on quantum cryptography. The two people are Ray Harishankar, an IBM fellow and vice president working on secure quantum cryptography, and John Buselli, executive director of business development. IBM is currently developing a rapidly evolving line of quantum computers, so the company is acutely aware of how these computers will soon make RSA encryption obsolete. Kevin kindly agreed to let me use the interview to shed some light on the current situation regarding quantum cryptography.
Buselli set the scene early in the interview:
“Our general MO [modus operandi] was not to spread sadness and unhappiness and come to [the issue] with the Grim Reaper. There are different views…as to when this might come to fruition. It’s open to healthy debate. You may be following what the NIST says. I think they came out very firmly [in September] and said they expect RSA 2048 to be cracked by 2035, based on their projections. There are other experts and other analysts or industry followers who will say slightly different things. Our point of view is a little different. Yes, we believe that [RSA decryption using quantum computers] will inevitably happen. But what’s important is what you do today to prepare. Crypto management and crypto transition is not a one-time event. It is a continuous, even multi-annual journey.
“A few more data points to call. NIST has published reports and you also have national security memoranda that call 2035 as the date. The NSA announced [in September] that 2035 is the date they expect things to be in line [with yet-to-be-published quantum-safe cryptography standards]. And then there’s also this World Economic Forum article that Deloitte and the World Economic Forum put out – where they also call 2035 the danger zone. And if you read the NSA papers, they say all web servers and all network devices should be compliant by 2030. But that’s a cascading series of tasks. You can’t expect them all to be ready by 2030. Nobody ever said that wouldn’t happen. And for John’s previous point, you have to be prepared. That’s all we’re trying to say. And while you’re trying to prepare, be aware of a few things.
“The first is that there is a time frame that you have to consider to upgrade everything you need to move to quantum-safe cryptography. Software systems require a lead time of five to seven years. Most software, infrastructure, and security architecture, if any, are sort of organically grown and morphed over time, so they’re hard to change .
“Second, you have to consider the temporal sensitivity of the data. By this I mean that there are regulatory compliance requirements that may require you to retain data for longer periods of time. Why is this important? It’s important because there is this notion of “download now and decrypt later”, which means that [data thieves and other bad actors] don’t know how to decrypt the data today, but it’s ok. The disc is cheap. So they download all they can [through data breaches] today, then cling to this data, betting that they will eventually have the decryption mechanism. Then they will decipher everything [that stored data] and see what nuggets they can find. So people need to worry about it now, and make sure they have an action plan that they can put in place as soon as they are ready, and the standards are announced…
“So given that, NIST in 2016, I believe, started a campaign or a contest to say, ‘look, submit algorithms that can’t be broken by quantum computers [and classical computers]’, because you technically don’t need a quantum computer. All the work we’re talking about happens with conventional computers. [NIST] had several rounds of very rigorous evaluations and tests, and after four rounds of about 80 [algorithms] which were filed on July 5e of this year, they announced four [algorithms] who have passed their fourth round of assessment and have declared that our standards are likely to be based on these [four algorithms]. Three of these four algorithms come from IBM, in collaboration with university partners. »
IBM isn’t just working on the theoretical side of these quantum-safe algorithms. The company’s recently announced z16 CPU, equipped with a Crypto Express 8S Hardware Security Module (HSM), provides quantum security API access to two of NIST’s selected quantum security algorithm candidates – CRYSTALS-Kyber and CRYSTALS-Dilithium – implemented in the on-board HSM. crypto engines. Also, says Buscelli, IBM has been experimenting with these quantum algorithms on some of its tape drives for some time.
Quantum-Safe: Not Just for Data Centers
However, before concluding that quantum cryptography is strictly for data centers, this is not true at all. Devices at the edge – IoT devices – are also vulnerable. Consider this additional information from Harishankar’s portion of the interview:
“…now think of an automobile, which someone once described as an IoT device capable of moving at high speed. Anything that has electronic communication is going to have exposure, and there’s an associated timeframe for you to understand [a quantum-safe strategy]. The quantum security algorithms we created took into account the form factor of the deployment, as the new algorithm cannot consume huge amounts of CPU. [bandwidth]or request additional memory, or request [communications] a bandwidth that cannot be supported by those devices at the edge that have minimal memory and need to operate with low bandwidth.
These quantum security strategies must be tailored to the target device. Harishankar continued:
“My coffee maker tells me when a coffee is ready, but I don’t care if it [communication] break or not. However, I don’t want anyone to use it [device] as a backdoor to access my network. Right?”
Then Buselli elaborated by recalling Target’s cybersecurity breach in 2013. Criminals stole information from approximately 40 million debit and credit card accounts in that breach, and they broke in using the information of identification provided to Target’s CVC service provider. Target said the breach cost the company $202 million, including an $18.5 million settlement in a lawsuit filed by 47 U.S. states and the District of Columbia.
This breach is an example of access gained through an OT (operational technology) billing system that was linked to the company’s computer (information technology) system. Buselli pointed out that you can imagine the same kind of vulnerability for power plants, automobiles, and even the electrical distribution network. Many networks are really just a collection of IoT devices, each of which could be compromised to access a larger network.
Buselli concluded by saying:
“And again, we are very careful not to sow bad luck. We don’t want to lead with that view. But, practically speaking, it takes time to transform. And that’s really our fundamental position. You have to start, don’t you?
So what’s in your quantum security strategy?