A Robust & Secure Transition To Quantum-Safe Cryptography

Read time: 10 minutes

Quantum computing is a field of study that focuses on the development of computer-based technologies centered around quantum theory principles. To perform specific computational tasks, quantum computing employs a combination of bits. All of this is done at a much higher efficiency than their traditional counterparts. The development of quantum computers represents a significant advancement in computing capability, with massive performance gains for specific use cases.

Quantum bits, or qubits, can be in the state of both 1 and 0 simultaneously, which in turn provides much of the quantum computer’s processing power. Due to this, a fully functioning quantum computer could break the majority of classical encryption algorithms in days, and in some cases even hours.

Quantum-safe cryptography

Post-quantum cryptography, also known as quantum-safe cryptography, refers to research efforts aimed at identifying cryptographic primitives resistant to attacks from classical and quantum computers. The ultimate goal of these efforts is to find cryptographic algorithms that are not vulnerable to any cryptographic attacks by conventional or quantum computers, thereby allowing robust security of information assets in the post-quantum world.

It is widely known that in the absence of quantum-safe cryptography, serious security issues will arise such as transmitted information through public channels could be vulnerable to eavesdropping, and encrypted data could be stored for later decryption considering the power of a quantum computer. Threats arising from quantum computing will target various sectors such as Finance and Healthcare owing to the monetary benefits majorly which can easily be derived from cryptographic vulnerabilities.

The majority of the cryptographic hashes (such as SHA2, SHA3, BLAKE2), MAC algorithms (such as HMAC and CMAK), and key-derivation functions (bcrypt, Scrypt, Argon2) are basically quantum-safe and are slightly affected by quantum computing. Symmetric ciphers such as AES-256 and Twofish-256 are also considered to be quantum-safe. In this case the recommended key length is 256-bits or more.

However, the widely used public-key cryptosystem which includes RSA, DSA, ECDSA, EdDSA, DHKE, ECDH, and ElGamal is quantum-broken.

The following table compares the effective key strength of some popularly used cryptographic algorithms in classical and quantum computers.

Algorithm	Key Length	Effective key strength
		Classical computer	Quantum computer
RSA-1024	1024-bits	80-bits	0-bits
RSA-2048	2048-bits	112-bits	0-bits
ECC-256	256-bits	128-bits	0-bits
ECC-384	384-bits	256-bits	0-bits
AES-128	128-bits	128-bits	64-bits
AES-256	256-bits	256-bits	128-bits

Progress in Quantum-safe cryptography

The possibility of a single quantum-safe algorithm suitable for all applications is quite unlikely. Many algorithms have been proposed till date but there is a large variation observed in the performance characteristics when compared with conventional public key cryptography as quantum safe algorithms use a larger key size therefore require a higher network bandwidth.

The National Institute of Standards and Technology (NIST) has started a process to standardise quantum-safe algorithms for key agreement and digital signatures. Since 2016, the institute has been working on creating quantum-safe algorithms capable of resisting threats posed by the quantum computers. The field of candidate algorithms has been narrowed down and draft standards are expected to roll out in 2022-24.

Migration to quantum-safe cryptography

Transitioning to new cryptography is complicated and will take a significant amount of time and money. Fortunately, organisations have some time before quantum-computers are implemented on a large scale. As per NCSC, ‘Organisations that manage their own cryptographic infrastructure should factor quantum-safe transition into their long-term plans and conduct investigatory work to identify which of their systems will be high priority for transition. Priority systems could be those that process sensitive personal data, or the parts of the public-key infrastructure that have certificate expiry dates far into the future and would be hardest to replace.’Here, crypto-agility might play a key role for organisations in transiting to quantum-safe cryptography as it the ability of a security system to switch between algorithms and cryptographic primitives without impacting the rest of the infrastructure. It is important for corporate leaders to start planning now for a smooth transition to a quantum-resistant security.

Conclusion

We must recognise that quantum computing indeed poses a serious threat to conventional information security systems. Organisations are recommended to plan a robust and secure transition to quantum-safe cryptography to mitigate any quantum threats. It is advisable to follow security best practices until NIST quantum-safe standards are available.