NIST and the long journey to quantum safety

Kevin Bocek, VP of security strategy and threat intelligence at Venafi, looks at the dangers quantum computing poses to cyber security.

Quantum computing holds the potential to be one of the most era-defining innovations. So much so, that it’s almost impossible to predict the exact effects it will have across the world of technology. But there’s one thing that most in the tech industry agree on – it will eventually signal the end of asymmetric (public-key) cryptography, which underpins the system of machine identities enabling our online world to exist. Now, the world is racing to discover algorithms resistant to cracking by quantum computers and achieve “quantum safety”. And NIST has taken the lead by announcing the first four contenders.

Forward-thinking CISOs will want to start preparing now, despite change not being imminent. And they should assume that the switch between the pre- and post-quantum worlds will be defined by hybrid use of both new and old machine identities.

Cracking the cryptographer’s enigma

Today’s digital systems use a binary numerical system – zeros and ones – to store and process information. Quantum computers, on the other hand, use qubits – quantum particles that don’t behave according to the traditional rules of physics. This allows them to be a zero and a one simultaneously, which theoretically will reduce the overall time required to solve mathematical problems and process data.

At its core, this presents significant issues for cryptographers. Current public-key encryption systems rely on mathematical problems that classical computers struggle to solve because they lack the necessary processing power. Quantum computers, on the other hand, have the potential to solve these problems in the blink of an eye, meaning they could break current encryption standards with ease.

The internet’s transfusion won’t happen overnight

Why does it matter if our current encryption standards are upended? RSA produced the first crypto system in 1977, establishing public key cryptography as the primary mechanism for determining trust and authentication online. This underpinned the digital certificates and cryptographic keys that give machines an identity and laid the foundations for our entire system of encryption. Now, these machine identities are the primary method for securing all our online communications – from sensitive customer data to financial transactions or even national security secrets.

They ensure that all machines can communicate securely, including everything from servers and applications to Kubernetes clusters and microservices. They run through our digital world like blood travelling around the circulatory system of the body. So, replacing these standards with quantum-resistant ones will be akin to giving the internet a transfusion.

We’ve all seen the discussions around the so-called “crypto-apocalypse” – when quantum computers come online and crack our current systems of cryptography wide open. In truth, the reality isn’t quite as dramatic. There won’t be a single catastrophic doomsday event where the world’s secrets are brought into the light and the global economy ceases to function. No, we’re likely to see a slow and steady journey to quantum which is driven by the needs of leadership teams and markets.

It's now been 40 years since the inception of the original RSA crypto-system, and the journey to achieve our current encryption standards has been long and onerous. The move to quantum resistance is likely to take decades too, if not longer.

Establishing a standard

Leading the charge to develop a post-quantum cryptographic standard for organisations is the US government’s National Institute of Standards and Technology (NIST). There’s been a lot of progress since 2016 when NIST called on the world’s leading minds in cryptography to devise new ways to resist attacks from quantum computers. None more so than from July’s update, where the world of cryptography reached a vital milestone when NIST announced the first group of four quantum-resistant algorithms. And we are set to see four more announced soon.

By releasing eight algorithms, NIST recognises that cryptography is deployed in a multitude of use cases, and therefore diversity in encryption is a must. It’s also essential to mitigate the risk of potentially vulnerable, early-stage algorithms.

For this, NIST selected the CRYSTALS-Kyber algorithm for “general encryption”, due to its relatively small encryption keys and operation speed. And for digital signatures, such as the ones used within TLS machine identities, it selected the CRYSTALS-Dilithium, FALCON and SPHINCS+ algorithms. As the primary algorithm, NIST recommends CRYSTALS-Dilithium, and FALCON is regarded as useful for applications which require smaller signatures. Meanwhile, SPHINCS+ is larger and slower than the others, but is useful as a backup option due to its slightly different mathematical approach.

With things accelerating from a standards perspective, organisations now have a clearer path towards planning their own post-quantum journey.

Beginning the journey

Many will be tempted to turn a blind eye to these early algorithms. They’ll no doubt see that this kind of planning will take considerable effort – after all, we’re talking about a transformation on the same level as changing the way you ride a bike. Yet, while the current machine identity system is working fine now, this won’t always be the case. And sooner or later, CISOs will have to act.

While early-stage standards exist, it makes the most sense to start planning laboratory condition testing. Start by choosing a single application and understanding the performance impact of the new algorithms, how to deal with larger machine identities, and how to operate dual pre- and post-quantum modes. The latter point is especially key, because for the next few decades, the world is likely to transition to quantum safety via a hybrid approach – much like how we’ve seen the switch to electric vehicles via hybrid cars. The old will work alongside the new.

Having a control plane to automate the management of these machine identities will be crucial to this hybrid mode, enabling visibility over which machine identities are being used in different contexts, and how they perform.

Of course, it will be difficult to truly predict how long this transition period will last. It’s likely that many currently within the industry will not see the end of it. But, like climate change, it’s not something that we can push down the road for a future generation to deal with.

So, pick an application to test and factor it into next year’s budget. Set yourself a five-year plan to have the first quantum-resistant app up and running. While the road may change course, the destination certainly won’t. It’s time to take the first steps.
