Quantum Technology is Closer Than You Think
The threat of quantum computers is the ability to break public key cryptography as we know it. Experts estimate that the large-scale quantum computers that are expected within the next five to seven years, will be capable of breaking most current public-key encryption algorithms such as RSA, ECC, and Diffie-Hellman, rendering them useless.
“It is critical to begin planning for the replacement of hardware, software, and services that use public-key algorithms now so that the information is protected from future attacks,” urges NIST, National Institute of Standards and Technology.
Every industry’s security — including government, energy, financial services, automotive, aviation, military, and enterprise — will be affected by quantum technology. Quantum planning and migration to crypto agile solutions are critical to organizations in all industries. This is particularly serious for organizations with security that is underpinned by public key cryptography. This includes those with long-lifespan Internet of Things (IoT) devices such as satellites, automobiles, and critical infrastructure components that rely on cryptography for code signing.
When exactly will quantum technology be capable of breaking current cryptography? Some researchers suggest five years, according to TechBeacon. The MIT Technology Review declares these machines are closer to reality than anyone suspected. Leaders at Google and the KTH Royal Institute of Technology are working on efficient ways for quantum computers to perform code-breaking calculations, reducing the resources they require by orders of magnitude. “The result will make uncomfortable reading for governments, military, and security organizations, banks, and anyone else who needs to secure data for 25 years or longer.”
The latest from NIST, “The race to protect sensitive electronic information against the threat of quantum computers has entered the home stretch.” In fact, NIST has made some big steps forward with its “selection round” of the final, proposed NIST post-quantum cryptography standards. “At the end of this round, we will choose some algorithms and standardize them,” said NIST mathematician Dustin Moody. “For the most part, they’re general-purpose algorithms that we think could find wide application and be ready to go after the third round.”
Here are the second-round candidates for public-key encryption and key-establishment algorithms, proposed by NIST:
- Classic McEliece
- LEDAcrypt (merger of LEDAkem/LEDApkc)
- NTRU (merger of NTRUEncrypt/NTRU-HRSS-KEM)
- NTRU Prime
- ROLLO (merger of LAKE/LOCKER/Ouroboros-R)
- Round5 (merger of Hila5/Round2)
- Three Bears
The second-round candidates for digital signatures:
The review process will last about a year. “NIST will plan to release the initial standard for quantum-resistant cryptography in 2022.”
Futurex’s Quantum-Safe Hybrid Certificate Authority Solution
To help enterprises, IoT device manufacturers, government agencies, and others more efficiently prepare now for the onset of quantum computing, Futurex has developed a quantum-safe hybrid certificate authority solution, delivered as a turnkey, HSM-integrated appliance or cloud service. How this works is Futurex embeds both conventional and quantum-safe certificates in a single container — quantum-safe algorithms can be turned on as needed.
With this technology, organizations can simultaneously issue certificates to IoT devices or any other digital object with both classical and quantum-safe algorithms. After integrating Futurex’s Key Management Enterprise Server (KMES) Series 3 into an organization’s cryptographic ecosystem, organizations can make the post-quantum shift without issuing new certificates.
“Organizations face a challenging and difficult road ahead to full quantum readiness,” said Ryan Smith, vice president, global business development at Futurex. “With our hybrid approach to key management servers and HSMs, we are demonstrating our commitment to helping our customers make a smooth and efficient transition to a post-quantum world.”
Futurex is the first company to deliver an offering that integrates a post-quantum certificate lifecycle management within a FIPS 140-2 Level 3-validated hardware security module (HSM). In contrast to alternatives that require the use of separate certificates for conventional or quantum-safe algorithms, Futurex’s KMES Series 3 embeds both conventional and quantum-safe algorithms within a single container. Quantum-safe algorithms can be turned on as needed. With this hybrid approach, organizations will simultaneously issue certificates that use both quantum-safe and traditional cryptographic algorithms. That way, they can continue operating without impact to their existing ecosystem.
How to Ready Your IT Ecosystem for Quantum Computing
Hear from Alexander Truskovsky, Director, Technical Strategy of ISARA Corporation, who discusses what quantum computing holds for the future. After walking through what quantum-safe cryptography entails and the principles of crypto agility, he and Adam Cason, vice president of global and strategic alliances at Futurex, share best practices for enterprise security architects. Watch now.
“Preparing for quantum is no simple migration. Bridging the gap between current and quantum-safe security — without affecting existing systems, adherence to standards, and end users — will require a new approach,” states ISARA in a recent blog post, All Aboard the Quantum Migration Train. Our solution combines both standard cryptographic measures as well as quantum-safe options so that hybrid certificates can be issued the same way as always, using X.509 format certificates. As we near the first post-quantum cryptography standard from NIST, organizations can adopt a crypto-agility approach now to avoid a painful migration.
- Quantum-safe cryptography: https://www.futurex.com/solutions/quantum-safe-cryptography
- Futurex’s KMES Series 3: https://www.futurex.com/products/kmes-series-3
- Schedule a demo: https://www.futurex.com/form/schedule-a-demo/
- YouTube: Futurex Post Quantum Hybrid Certificate Authority Solution: https://www.youtube.com/watch?v=Tj4G5nrWFBw&feature=youtu.be
- Video: How to Ready Your IT Ecosystem for Quantum Computing: https://www.futurex-summit.com/download/how-to-ready-your-it-ecosystem-for-quantum-computing/