Just because quantum computing is a few years away doesn’t mean that you should avoid thinking about how to deal with this emerging threat now with quantum resistant algorithms
Every month seems to bring new concerns over the security of online encryption. We’ve reported on the fact that Chrome will soon block HTTPS downloads and the concerns relating to the security of RSA, one of the most widely used encryption algorithms, due to manufacturers generating insecure keys.
These concerns are increasing due to a number of factors, few of which are new. Insider threats seem to be on the rise and are often able to get around cryptographic protections on sensitive data. Perhaps the biggest issue on the horizon, though, is quantum computing.
Quantum computers could undermine almost all of the encryption protocols that we use today. Though quantum computers are still quite some way from being practical, usable machines, once they become so, we could be looking at a whole new world when it comes to online privacy — one in which even the strongest encryption can be broken.
What can be done to mitigate these future threats from an industry perspective? And what can you do to ensure that your business is ready for the changes to come?
In this article, we’ll explore why quantum computing is such a threat to current encryption schemes and what this means for the future. Then, we’ll look at the post quantum cryptography algorithms that claim to be able to protect data even from the capabilities of quantum computers.
Let’s hash it out.
Digital Encryption and Quantum Computing
In order to understand why quantum computers are such a threat, it’s helpful to first remember how digital encryption works. There are two main types of encryption used on the web today: symmetric and asymmetric.
The former entails that each of the two parties in a transaction has a shared encryption key. The latter, on the other hand, refers to transactions in which a publicly available key is used by the sender to encrypt messages, and the recipient uses the corresponding private key needed to unscramble them. Sometimes, the two methods are used in conjunction with one another, as is the case with the secure HTTPS protocol, or what’s frequently referred to as SSL/TLS encryption.
Technically, either type of encryption can be broken given enough time and computing power. By design, however, the encryption keys used in the most common encryption algorithms, RSA, and elliptical curve cryptography, are very long, on the order of 617 decimal digits for RSA. Conventional computers would take thousands, if not millions, of years to run through the possible permutations of such a key.
That’s why, at the moment, breaking asymmetric encryption protocols is not done via so-called “brute force” attacks. Instead, hackers rely on the fact that many companies have not invested in training their employees in basic cybersecurity, and will send phishing emails to try to get access. Once quantum computers become mainstream, however, this approach might change dramatically.
Symmetric and Asymmetric Encryption
Not every type of encryption relies on the open exchange of keys, however. Public-key cryptography relies partly on asymmetric encryption, in which some keys are public and others are kept private. This is necessary because it is impossible to exchange an encryption key securely between two users who are far apart.
Symmetric encryption, in contrast, does not require keys to be sent in the open, where they can potentially be broken by quantum computing algorithms. Instead they require that the sender and recipient of a message exchange an encryption key in person. Alternatively, they are used in cases where the data isn’t being sent at all, such as for data stored in a database.
This key is inherently secret, so the user’s data is kept safe. In fact, as long as this key is long enough in relation to the message and is only used once, it’s unbreakable by either classical or quantum computers.
As a result, and as MIT has pointed out, quantum computers are predominantly a threat to asymmetric encryption protocols and not symmetric systems. Finding a private, secure channel with quantum resistant algorithms to exchange encryption keys might present a challenge, but it might become necessary.
Breaking the Code: Quantum Computers vs Conventional Computers
Quantum computers work in a fundamentally different way than standard computers. Conventional computers store data as 1s and 0s. Quantum machines use qubits that can represent numerous possible states of 1 and 0 simultaneously — a phenomenon known as superposition. They can also influence one another at a distance, thanks to a phenomenon known as entanglement.
In practice, this means that quantum computers will have vastly more processing power than standard computers. As MIT put it, “a quantum machine with 300 qubits could represent more values than there are atoms in the observable universe.” This means that quantum computers can guess an encryption key far more quickly than a conventional computer.
Last year, the U.S. National Academies of Sciences, Engineering, and Medicine predicted that a powerful quantum computer would be capable of cracking a 1024-bit implementation of RSA in less than a day. Of course, such a computer doesn’t exist at the moment, but most experts agree that it will be part of our daily lives in the very near future.
This could be a huge problem for the cybersecurity sector, which is already struggling to deal with the security challenges of the Internet of Things (IoT) and the rise of encrypted malware. At the broadest level, such fears could completely undermine consumer trust in online encryption.
Online privacy surveys already indicate that many U.K. consumers are concerned that their personal data is not safe, with more than 52% of respondents indicating that they are more concerned about how their privacy is handled than they were a year ago. Headlines about the imminent rise of quantum computers do little to reassure them.
SSL, TLS, and Quantum Computing
At this point, you are probably wondering what real-world affect these advances will have, so let’s take an example. SSL and TLS certificates represent the most widespread use of encryption on the web. These certificates are required by web browsers in order to connect securely to websites: If you’ve even seen a warning in Chrome or Firefox about a website having out-of-date certificates, this is the SSL / TLS system in action.
At the moment, SSL and TLS certificates are only valid within a two-year period of when they were issued. This is because two years is far too little time for a hacker to break the encryption that they use with current technologies. If and when quantum computers are able to dramatically cut this time down, there will be a relatively simple way to keep the system secure: cut down the deadline for certificates expiring. This has already been done, in fact, by Apple, who cut down the SSL certificate expiry in Safari to one year in order to improve the security of the system.
If quantum computers become feasible for the average hacker, it’s likely that even with one-year maximum validity, current encryption won’t be able to keep up. Hackers will be capable of saving intercepted data until they break the encryption, and then decrypt it even if the SSL certificate is expired and no longer in use.
The Prognosis for Quantum-Resistant Algorithms and Encryption in the Post-Quantum World
In reality, it’s unlikely that quantum computers will be able to break RSA (or any other currently secure algorithm) anytime soon. In 2015, researchers predicted that a quantum computer would need a billion qubits to be able to crack the 2048-bit RSA system pretty comfortably. More recent research suggests that a computer with 20 million qubits could do the job in just eight hours. However, that’s way behind the current capabilities of quantum machines, the most advanced of which have 128 qubits, according to MIT Technology Review.
Nevertheless, governments and businesses need to start thinking now about how they will keep their data safe once quantum computing becomes this powerful.
Government and military systems are generally built with a decades-long lifetime in mind, as are many commercially available software-as-a-service (SaaS packages). Considering that it’s expected for 86% of organizations to be using SaaS for most of their needs by 2022, any organization planning to store data for this kind of time period needs to start thinking, now, about how to keep their data safe from cybercriminals who will be using quantum computers.
A Glimpse Into How Post-Quantum Algorithms Could Work
Doing that will require an integrated approach. On one hand, researchers are busy creating more secure cryptographic protocols — quantum-resistant algorithms or post quantum cryptography algorithms, if you will. Even the simple expedient of doubling the size of an encryption key, from 128 bits to 256 bits, for instance, squares the possible permutations in AES encryption.
Then there are more advanced functions, including exotic-sounding ones like lattice-based cryptography and supersingular isogeny key exchange (a type of Diffie-Hellman protocol).
Lattice-based cryptography gets its name from how crypto schemes often come with security proofs that utilize difficult math equations involving lattices. Math problems involving lattices have proven themselves to be very effective because of the very wide range of cryptographic schemes and new cryptographic tools that they can create, including those of which we have no analogs for. This also includes difficult-to-solve problems that, to our current knowledge, cannot be solved with a quantum computer.
Supersingular isogeny key exchange (also known as supersingular isogeny Diffie-Hellmann key exchange, or SIDH), meanwhile, is a cryptographic algorithm that allows two parties — without any prior knowledge of one another — to set up a secret key between them over an unsecure communication channel. When compressed, SIDH utilizes 2688-bit public keys at a 128-bit quantum level, which is also among the smallest possible key sizes of all post-quantum cryptosystems.
However, emerging post quantum cryptography algorithms such as lattice-based cryptography and SIDH will still need to be tested against quantum machines. This will require coordination across business and governmental bodies. At the moment, the U.S. National Institute of Standards and Technology (NIST) is taking a lead on this process. It launched a process in 2016 to develop standards for post-quantum encryption for government use. It’s already narrowed an initial set of 69 proposals down to 26, but says it’s likely to be around 2022 before draft standards start to emerge.
Going further, some industry experts have suggested that a Federal Department of Cybersecurity would be a useful addition to machinery of the U.S. government, because it could act as a central source of knowledge and recommendations for both government and business cybersecurity initiatives.
The Future Is Now
Despite the fact that quantum computing is still some years (or decades) away from being a practical tool, governments and businesses alike need to start thinking now about how to deal with quantum computing as an emerging threat by using the appropriate post quantum cryptography algorithms.
In this context, we might not have as much time as we think. In short, it’s time to take a look at our picks for the best books on cybersecurity, and prepare for the future, because it’s already here. Examples of what you can do include begin proof-of concept testing to identify areas where you are most likely to experience significant challenges, making an inventory list of where cryptography is being used in your organization, and making sure that your vendors have a plan for staying ahead of the curve when it comes to quantum computing threats.
With that in mind, DigiCert now offers PQC digital certificates that support hybrid post quantum cryptography encryption options. This will allow you to begin testing PQC while remaining fully compatible with the industry’s existing algorithms.
Cryptographic protocols take a long time to develop, standardize, and roll out across the world, and they can take equally long to retire from use. Last year’s National Academies study highlighted the fact that it took more than a decade to completely retire one widely deployed cryptographic approach that was shown to be flawed.
It’s just another example of how we’re not nearly as ready for quantum computing and the threats it presents as much as we think.