- 1. Why is Post-Quantum Cryptography Important?
- 2. Post Quantum Cryptography vs Quantum Cryptography
- 3. Quantum Computing Threats
- 4. Preparing for a Post-Quantum Future
- 5. Government Initiatives and Policies
- 6. Key Technical Approaches and Algorithms
- 7. Implementation and Mitigation Strategies
- 8. Cryptographic Algorithms as Workable Technologies
- 9. Post-Quantum Security FAQs
What is Post-Quantum Cryptography?
Post-quantum cryptography refers to cryptographic methods designed to withstand the computational power of quantum computers. Traditional public-key algorithms, such as RSA and ECC, are vulnerable to quantum attacks: a quantum computer running Shor's algorithm can break them. Post-quantum cryptography focuses on developing algorithms that remain secure even in the quantum computing era.
Examples include:
- Lattice-based
- Hash-based
- Code-based
- Multivariate cryptographic techniques
These methods aim to future-proof data security, ensuring protection against emerging quantum threats.
Why is Post-Quantum Cryptography Important?
Post-quantum cryptographic algorithms are designed to withstand the formidable power of quantum computers. While classical public-key cryptography relies on the difficulty of problems like integer factorization or discrete logarithms, post-quantum cryptography relies on problems that remain hard even for quantum computers, such as lattice problems, hash-function preimages, and systems of multivariate polynomial equations.
Post-quantum cryptography is crucial because:
- Quantum Threats: Quantum computers can break traditional encryption methods like RSA and ECC.
- Data Protection: It ensures data remains secure against potential quantum attacks.
- Future-Proofing: Implementing quantum-resistant algorithms now safeguards future digital infrastructure.
- Compliance: It aligns with emerging government regulations and standards for cryptographic security.
- National and Economic Security: Protects sensitive information critical to economic stability and national security.
- Innovation: Drives research and development of more robust cryptographic solutions.
Post Quantum Cryptography vs Quantum Cryptography
Post-quantum cryptography (PQC) involves developing cryptographic techniques resilient to quantum attacks. By leveraging complex mathematical problems that quantum computers struggle to solve, PQC extends the security of traditional cryptographic methods into the quantum era.
Quantum cryptography, on the other hand, uses quantum mechanics to secure data transmission. Techniques like Quantum Key Distribution (QKD) ensure that legitimate parties can detect any attempt to eavesdrop on communication.
The primary difference lies in the approach: PQC focuses on algorithm resilience, while quantum cryptography uses the fundamental laws of quantum physics to secure communications.
Quantum Computing Threats
Quantum computers, with their immense processing capabilities, pose a significant threat to current cryptographic systems.
Shor’s algorithm, for instance, can break RSA and ECC encryption by efficiently solving the integer factorization and discrete logarithm problems, exposing sensitive data. Grover’s algorithm exacerbates this threat by accelerating brute-force attacks, reducing the security of symmetric cryptographic systems like AES.
These quantum threats underscore the urgent need for quantum-resistant cryptographic solutions. Lattice-based, hash-based, and code-based cryptographic methods are emerging as strong contenders, offering resilience against quantum attacks. As quantum computing advances, adopting these algorithms will become critical to safeguarding digital information.
Preparing for a Post-Quantum Future
Preparing for the quantum era requires organizations to modernize traditional IT systems and processes. Collaboration with leading vendors and planning for post-quantum security should include the following:
- Quantum security strategies
- Migration approaches
- Product roadmaps
Organizations are beginning to lay the groundwork for a quantum-secure future, with major players in cybersecurity, cloud, and networking already preparing for post-quantum capabilities. Familiarity with these efforts and awareness of evolving timelines is essential for staying ahead in the quantum race.
Government Initiatives and Policies
Governments worldwide are taking proactive steps to mitigate the risks posed by quantum computing through focused initiatives and policies.
CISA’s Post-Quantum Cryptography Initiative
The Cybersecurity and Infrastructure Security Agency (CISA) has launched initiatives to accelerate the development of quantum-resistant algorithms. These initiatives involve partnerships with academia and the private sector to fund research, rigorous testing, and simulations to fortify cryptographic systems against quantum threats.
National Security Memorandum 10
This memorandum directs federal agencies to prioritize transitioning to post-quantum cryptography. Agencies must identify vulnerabilities to quantum attacks, allocate resources for developing quantum-resistant encryption methods, and implement new cryptographic standards.
NIST’s Role and Standards
The National Institute of Standards and Technology (NIST) leads the charge in developing post-quantum cryptographic standards. By evaluating quantum-resistant algorithms and running public competitions, NIST ensures that the solutions are secure and effective, setting a global benchmark for post-quantum cryptography.
Key Technical Approaches and Algorithms
Researchers are exploring several technical approaches to secure digital communications in a quantum world.
Lattice-Based Cryptography
Lattice-based cryptography relies on complex mathematical structures called lattices. Algorithms like NTRUEncrypt and GGH leverage these lattices for encryption and digital signatures. The inherent difficulty of solving lattice problems, even for quantum computers, makes this approach a strong candidate for post-quantum security.
Hash-Based Cryptography
Hash-based cryptographic methods, such as Merkle trees and Lamport signature schemes, rely on the one-way nature of hash functions. Due to the computational difficulty of reversing a hash operation, these systems are quantum-resistant, making them ideal for securing data in the quantum era.
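To make the "one-way nature of hash functions" concrete, here is an added Python example (not code from the article): a Lamport one-time signature over SHA-256, plus a Merkle tree that authenticates a batch of Lamport public keys under a single root, which is how hash-based schemes get around the one-message-per-key limit. The 32-byte secrets, the tree height, the 0x00/0x01 domain-separation prefixes and the stateful signer are choices made for this example.

```python
import hashlib
import secrets

HASH = hashlib.sha256
N = 256  # digest bits; a Lamport key has one secret pair per message-digest bit


def lamport_keygen():
    """Private key: 256 pairs of random 32-byte strings. Public key: their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(HASH(a).digest(), HASH(b).digest()) for a, b in sk]
    return sk, pk


def _bits(msg: bytes):
    d = HASH(msg).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(N)]


def lamport_sign(sk, msg: bytes):
    # Reveal one preimage per digest bit. Signing a second message with the same key
    # would reveal both halves of some pairs, so each key must sign exactly once.
    return [pair[bit] for pair, bit in zip(sk, _bits(msg))]


def lamport_verify(pk, msg: bytes, sig) -> bool:
    if len(sig) != N:
        return False
    return all(HASH(s).digest() == pair[bit]
               for pair, bit, s in zip(pk, _bits(msg), sig))


def pk_leaf(pk) -> bytes:
    """Collapse a 16 KiB Lamport public key into a 32-byte Merkle leaf."""
    h = HASH()
    for a, b in pk:
        h.update(a)
        h.update(b)
    return h.digest()


def _merkle_levels(leaves):
    # Leaf count is a power of two here (the signer builds 2**height keys).
    # Domain separation: 0x00 prefix for leaves, 0x01 for inner nodes.
    assert len(leaves) & (len(leaves) - 1) == 0, "leaf count must be a power of two"
    level = [HASH(b"\x00" + leaf).digest() for leaf in leaves]
    levels = [level]
    while len(level) > 1:
        level = [HASH(b"\x01" + level[i] + level[i + 1]).digest()
                 for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def merkle_root(leaves) -> bytes:
    return _merkle_levels(leaves)[-1][0]


def merkle_path(leaves, index):
    """Sibling hashes from leaf `index` up to (but excluding) the root."""
    path = []
    for level in _merkle_levels(leaves)[:-1]:
        path.append(level[index ^ 1])
        index //= 2
    return path


def merkle_verify(root: bytes, leaf: bytes, index: int, path) -> bool:
    node = HASH(b"\x00" + leaf).digest()
    for sibling in path:
        node = HASH(b"\x01" + (sibling + node if index & 1 else node + sibling)).digest()
        index //= 2
    return node == root


class MerkleSigner:
    """Few-time signer: 2**height Lamport keys authenticated by one Merkle root."""

    def __init__(self, height: int = 3):
        self.keys = [lamport_keygen() for _ in range(2 ** height)]
        self.leaves = [pk_leaf(pk) for _, pk in self.keys]
        self.root = merkle_root(self.leaves)
        self.next_index = 0  # persistent state: each leaf key is used at most once

    def sign(self, msg: bytes):
        if self.next_index >= len(self.keys):
            raise RuntimeError("all one-time keys consumed; generate a new tree")
        i = self.next_index
        self.next_index += 1  # advance state before the signature leaves this method
        sk, pk = self.keys[i]
        return (i, lamport_sign(sk, msg), pk, merkle_path(self.leaves, i))


def merkle_sig_verify(root: bytes, msg: bytes, sig) -> bool:
    """Accept only if the one-time signature checks AND its public key is in the tree."""
    i, ots, pk, path = sig
    return lamport_verify(pk, msg, ots) and merkle_verify(root, pk_leaf(pk), i, path)
```

The verifier needs only the 32-byte root, and each signature carries the Lamport public key it was made with plus the sibling hashes proving that key belongs to the tree. The signer's counter is the part deployments get wrong: restoring a backup that rewinds `next_index` reuses a one-time key, so the state must be persisted before a signature is released.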
Code-Based Cryptography
The McEliece cryptosystem exemplifies code-based cryptography, leveraging error-correcting codes to secure data against quantum attacks. This system uses large public keys derived from Goppa codes, making it resistant to Shor's algorithm.
Researchers focus on optimizing key sizes and improving decoding efficiency. Code-based methods, such as the Niederreiter cryptosystem, also show promise, offering comprehensive security through complex algebraic structures.
Isogeny-Based Cryptography
Elliptic curve isogenies form the backbone of isogeny-based cryptography, utilizing the complex relationships between elliptic curves to create secure cryptographic protocols. These methods strongly resist quantum attacks, particularly against Shor's algorithm. Supersingular isogeny Diffie-Hellman (SIDH) exemplifies this approach, enabling secure key exchange with relatively small key sizes.
Researchers focus on optimizing isogeny computations and exploring new applications, such as digital signatures and encryption schemes, to enhance security and efficiency in the quantum era.
Symmetric Key Quantum Resistance
AES and other symmetric key algorithms exhibit quantum resistance because their security rests on key length. Grover's algorithm, the primary quantum threat to symmetric ciphers, only halves the effective key length. Doubling the key size, such as moving from 128-bit to 256-bit keys, mitigates this risk.
Researchers also explore quantum-resistant modes of operation and key management techniques to bolster security. These efforts ensure symmetric key cryptography remains robust against emerging quantum computing capabilities.
Implementation and Mitigation Strategies
Transitioning to post-quantum cryptography requires a well-planned approach that includes risk assessment, policy development, and practical implementation strategies.
Risk Assessment and Planning
Organizations must audit their cryptographic systems to identify vulnerabilities. They should prioritize critical data and applications for migration, develop contingency plans, and allocate resources for continuous monitoring.
- Identify potential vulnerabilities in current cryptographic systems by conducting comprehensive audits.
- Evaluate the quantum-readiness of existing infrastructure, considering factors like computational resources and algorithmic compatibility.
- Develop contingency plans for various threat scenarios, prioritizing critical assets.
- Allocate resources for continuous monitoring and updating of cryptographic protocols.
- Engage cross-functional teams to ensure cohesive planning and execution.
- Establish clear timelines and milestones to track progress, ensuring timely mitigation of identified risks.
Practical Implementation Steps
Implementing quantum-resistant algorithms should begin with a phased rollout, starting with less sensitive areas. Hybrid cryptographic solutions can be used to ensure backward compatibility, while continuous testing helps ensure the security of the new systems.
The Quantum Economic Development Consortium (QED-C), a group of stakeholders established with support from NIST, published a guide for preparation for future quantum computers: “A Guide to a Quantum-Safe Organization.” The guide suggests a five-step process every organization can follow to prepare for post-quantum security.
Policy and Standards Development
- Establish robust frameworks by collaborating with international bodies like NIST and ISO.
- Define clear guidelines for algorithm selection, key management, and system interoperability.
- Incorporate feedback from academic research and industry trials to refine standards.
- Ensure policies address immediate and long-term cryptographic needs, balancing security and performance.
- Regularly update standards to adapt to emerging quantum threats.
- Foster an inclusive development process, engaging stakeholders from diverse sectors to build consensus and drive widespread adoption.
Engagement and Awareness
- Educate teams on the nuances of post-quantum cryptography through targeted training sessions and workshops.
- Highlight real-world scenarios where quantum threats could compromise existing systems.
- Use interactive tools and simulations to demonstrate potential vulnerabilities and solutions.
- Foster a culture of continuous learning by providing access to the latest research and developments.
- Encourage cross-functional collaboration to ensure comprehensive understanding and implementation.
- Measure engagement through regular assessments and feedback loops, adjusting strategies to maintain high awareness levels.
Practical Implementation Steps
- Integrate quantum-resistant algorithms into existing systems by first conducting a thorough risk assessment.
- Prioritize critical data and applications for migration.
- Develop a phased rollout plan, starting with less sensitive areas to minimize disruptions.
- Utilize hybrid cryptographic solutions to ensure backward compatibility.
- Continuously monitor and test the new implementations for vulnerabilities.
- Collaborate with industry experts to stay updated on emerging threats and solutions.
- Document all changes meticulously to facilitate future audits and compliance checks.
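Both the paragraph on practical implementation steps above and the step list rely on hybrid cryptographic solutions for backward compatibility. The usual way to build one is to run a classical key exchange and a post-quantum KEM side by side and feed both shared secrets through one key-derivation function, so the session key stays secret as long as either exchange holds. The Python below is an added example, not the article's or any library's code: it implements the HKDF-based combiner with the standard library, and the shared secrets and handshake transcript are constructed values standing in for real KEM outputs.

```python
import hashlib
import hmac


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869) with HMAC-SHA-256."""
    return hmac.new(salt if salt else b"\x00" * 32, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869) with HMAC-SHA-256."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def _len_prefixed(*parts: bytes) -> bytes:
    # 2-byte big-endian length before each component, so two different pairs of
    # secrets can never produce the same concatenated input.
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)


def hybrid_key(ss_classical: bytes, ss_pq: bytes, transcript: bytes,
               label: bytes = b"hybrid-kem-demo-v1", length: int = 32) -> bytes:
    """Derive one session key from a classical and a post-quantum shared secret.

    The output is unpredictable as long as at least one input is: an attacker who
    recovers ss_classical with Shor's algorithm still lacks ss_pq, and a flaw found
    later in the new PQ scheme still leaves ss_classical intact.
    """
    if not ss_classical or not ss_pq:
        raise ValueError("both shared secrets are required for a hybrid key")
    ikm = _len_prefixed(ss_classical, ss_pq)
    # Bind the key to the transcript (algorithm ids, public keys, ciphertexts) so two
    # peers that disagree about what was exchanged end up with different keys.
    prk = hkdf_extract(hashlib.sha256(transcript).digest(), ikm)
    return hkdf_expand(prk, _len_prefixed(label, transcript), length)


# Constructed demo values (not real KEM outputs): stand-ins for an ECDH shared secret,
# a lattice-KEM shared secret, and the handshake transcript both peers observed.
DEMO_SS_CLASSICAL = bytes.fromhex("11" * 32)
DEMO_SS_PQ = bytes.fromhex("22" * 32)
DEMO_TRANSCRIPT = b"ecdh-p256|ntruencrypt-demo|client-pubkeys|server-ciphertexts"


def demo_both_sides() -> bool:
    """Both peers hold the same two secrets and transcript, so they derive the same key."""
    client = hybrid_key(DEMO_SS_CLASSICAL, DEMO_SS_PQ, DEMO_TRANSCRIPT)
    server = hybrid_key(DEMO_SS_CLASSICAL, DEMO_SS_PQ, DEMO_TRANSCRIPT)
    return hmac.compare_digest(client, server)
```

The two design points worth carrying into a real deployment are the length-prefixed concatenation (a bare `ss_classical + ss_pq` lets differently split inputs collide) and the transcript binding, which is what makes a downgrade of either component visible as a key mismatch rather than a silently weaker session.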
Retrofitting Existing Systems
- Upgrade legacy systems by integrating quantum-resistant algorithms without overhauling the entire infrastructure.
- Leverage existing hardware through software updates that support post-quantum cryptography.
- Implement side-channel attack mitigations to protect against emerging threats.
- Use modular cryptographic libraries to facilitate seamless updates and ensure compatibility.
- Conduct regular performance benchmarks to measure the impact on system efficiency.
- Engage in continuous training for IT staff to handle new cryptographic protocols effectively.
Defining Responsibilities
Security teams must understand that preparing for a PQ world is a vast undertaking. Because your organization cannot become quantum-safe in one sweep, setting realistic expectations and breaking down responsibilities by individual use case is essential.
Determine who is responsible for each part of the network infrastructure. Even if an organization does not develop its own software, it is essential to understand what cryptography is in use and to work with each service provider to learn their quantum readiness plans.
Developing an Inventory Priority List
Review every device, system, platform, and vendor in your organization to determine the sensitivity or confidentiality of data and the expected lifetime of each asset. Consider the following questions:
- Will that asset be around in five years?
- What is its susceptibility to an attack?
A key aspect is understanding which cipher suites, key sizes, and protocol versions are used for TLS, SSH, or VPN, how certificates are managed, and where and how encryption keys are generated and stored. This insight is critical to estimating the potential future loss of data from a quantum event against the capital value of the equipment at risk.
With the inventory complete, your next step is to prioritize which transition needs to occur first. Base your prioritization on three factors:
- Location and nature of the data itself: where data is stored and which sensitive data needs to be secured.
- Lifespan of the data: how long the data needs to stay confidential.
- Susceptibility to an attack: For example, key exchange is at the highest risk today, so understanding the cryptography suite is crucial.
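As an added example (not from the article or the QED-C guide), the Python below encodes the three prioritization factors above, together with the "five years" asset-lifetime question and the Grover key-halving point from earlier sections, as a scoring function over a constructed inventory. The ten-year horizon, the weights, the threat table and the sample assets are assumptions made for this demo, not figures from the article.

```python
from dataclasses import dataclass

# Assumption: planning horizon (years) within which a cryptographically relevant quantum
# computer is treated as possible. Data that must stay confidential past this point is
# already exposed to "harvest now, decrypt later" collection.
QUANTUM_HORIZON_YEARS = 10

# How each primitive family fares, following the article's threat discussion:
#   "shor"   -> broken outright (public-key schemes built on factoring / discrete logs)
#   "grover" -> effective key length halved (symmetric ciphers)
#   "pqc"    -> believed quantum-resistant (lattice-, code-, hash-based schemes)
PRIMITIVE_THREAT = {
    "RSA": "shor", "DH": "shor", "ECDH": "shor", "ECDSA": "shor",
    "AES": "grover", "ChaCha20": "grover",
    "NTRUEncrypt": "pqc", "McEliece": "pqc", "Lamport": "pqc",
}


@dataclass
class Asset:
    name: str
    location: str               # where the data is stored (factor 1: location and nature)
    sensitivity: int            # 1 (public) .. 5 (highly confidential)
    data_lifetime_years: int    # how long the data must stay confidential (factor 2)
    asset_lifetime_years: int   # how long the system itself stays in service
    key_exchange: str           # algorithm that establishes keys (factor 3: susceptibility)
    symmetric: str
    symmetric_key_bits: int


def effective_symmetric_bits(algo: str, bits: int) -> int:
    """Grover's algorithm halves the effective key length of a symmetric cipher."""
    return bits // 2 if PRIMITIVE_THREAT.get(algo) == "grover" else bits


def susceptibility(asset: Asset) -> int:
    """0..3: how exposed the asset's cryptography is to a quantum adversary."""
    score = 0
    threat = PRIMITIVE_THREAT.get(asset.key_exchange, "unknown")
    if threat in ("shor", "unknown"):
        score += 2  # recorded key exchanges can be opened later; unknown counts as vulnerable
    if effective_symmetric_bits(asset.symmetric, asset.symmetric_key_bits) < 128:
        score += 1  # e.g. AES-128 drops to roughly 64 bits of quantum security
    return score


def lifespan_weight(asset: Asset) -> int:
    if asset.data_lifetime_years >= QUANTUM_HORIZON_YEARS:
        return 3
    if asset.data_lifetime_years >= QUANTUM_HORIZON_YEARS // 2:
        return 2
    return 1


def priority(asset: Asset) -> int:
    """Higher means migrate sooner; an already quantum-resistant asset scores 0."""
    return asset.sensitivity * susceptibility(asset) * lifespan_weight(asset)


def action(asset: Asset) -> str:
    if susceptibility(asset) == 0:
        return "already quantum-resistant"
    # The article's question "will that asset be around in five years?": a short-lived
    # system protecting short-lived data may be retired on schedule instead of migrated.
    if asset.asset_lifetime_years <= 5 and asset.data_lifetime_years < QUANTUM_HORIZON_YEARS // 2:
        return "retire on schedule; no migration"
    return "migrate"


def prioritized(assets):
    return sorted(assets, key=lambda a: (-priority(a), a.name))


# Constructed sample inventory (illustrative, not from any real environment).
INVENTORY = [
    Asset("hr-records-db", "on-prem datacenter", 5, 25, 5, "RSA", "AES", 128),
    Asset("marketing-site", "public cloud", 1, 1, 3, "ECDH", "AES", 128),
    Asset("build-server-vpn", "office network", 3, 3, 7, "ECDH", "AES", 256),
    Asset("archive-store", "cold storage", 4, 15, 10, "NTRUEncrypt", "AES", 256),
]

if __name__ == "__main__":
    for a in prioritized(INVENTORY):
        print(f"{priority(a):3d}  {a.name:18s} {action(a)}")
```

The multiplicative score is deliberate: a long-lived, highly sensitive record set whose key exchange is RSA lands at the top, while an asset that already uses a lattice-based scheme scores zero no matter how sensitive its data is, and an unknown key-exchange algorithm is treated as vulnerable until the inventory says otherwise.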
Evaluating Solutions: Experiment and Test
Assessing how Post-Quantum Cryptography (PQC), Quantum Key Distribution (QKD), and other quantum technologies can enhance the security of your organization's assets is vital.
This evaluation may involve integrating PQC into your existing RSA-based architecture, which is vulnerable to quantum attacks and therefore not post-quantum safe. Although RSA is currently the industry standard for encryption, its obsolescence with the advent of quantum computing will be one of the most significant consequences of the quantum revolution.
Assess the cryptography libraries that currently support NIST submissions. For example, there are libraries for Bouncy Castle, forks of LibreWolf, and SSL. Now is the time to determine whether you will need new hardware to run these PQC algorithms or how performance might be impacted if you use your existing hardware.
Determine the time required to support PQC key generation and storage when migrating from RSA to PQC. Invest in cryptographic agility so that a cryptographic primitive later found to be vulnerable, whether to a quantum threat or to another attack vector, can be replaced. Crypto agility allows algorithms to be adapted and swapped out flexibly, maintaining security resilience more effectively.
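Cryptographic agility, as described above, comes down to separating the algorithm registry from the verification policy so that an algorithm can be retired, and protected data re-protected, without rewriting every caller. The following Python is an added illustration, not code from the article or any vendor: it uses HMAC constructions as stand-ins for signature schemes, and the envelope format, the policy sets and the demo key are constructed for this example.

```python
import hashlib
import hmac
from collections import Counter

# Registry of integrity algorithms keyed by identifier. Adding, retiring or swapping an
# algorithm touches only this table; callers never name a hash function directly.
# HMAC constructions stand in for signature schemes in this illustration.
ALGORITHMS = {
    "hmac-sha1": lambda key, data: hmac.new(key, data, hashlib.sha1).digest(),
    "hmac-sha256": lambda key, data: hmac.new(key, data, hashlib.sha256).digest(),
    "hmac-sha3-256": lambda key, data: hmac.new(key, data, hashlib.sha3_256).digest(),
}

# Policy is separate from the registry: the verifier decides what is acceptable today.
POLICY_LEGACY = frozenset({"hmac-sha1", "hmac-sha256"})
POLICY_TRANSITION = frozenset({"hmac-sha256", "hmac-sha3-256"})  # both accepted while migrating
POLICY_STRICT = frozenset({"hmac-sha3-256"})                     # after cut-over


def _to_be_tagged(alg: str, payload: bytes) -> bytes:
    # Bind the algorithm identifier into the tag so an envelope cannot be relabelled
    # to a weaker algorithm without invalidating the tag.
    return alg.encode() + b"\x00" + payload


def protect(payload: bytes, key: bytes, alg: str) -> dict:
    if alg not in ALGORITHMS:
        raise ValueError(f"unknown algorithm: {alg}")
    tag = ALGORITHMS[alg](key, _to_be_tagged(alg, payload))
    return {"v": 1, "alg": alg, "payload": payload.hex(), "tag": tag.hex()}


def verify(envelope: dict, key: bytes, allowed: frozenset) -> bool:
    alg = envelope.get("alg")
    if alg not in allowed or alg not in ALGORITHMS:
        return False  # the envelope never gets to pick an algorithm the policy forbids
    try:
        payload = bytes.fromhex(envelope["payload"])
        tag = bytes.fromhex(envelope["tag"])
    except (KeyError, TypeError, ValueError):
        return False
    expected = ALGORITHMS[alg](key, _to_be_tagged(alg, payload))
    return hmac.compare_digest(expected, tag)


def migrate(envelope: dict, key: bytes, allowed_old: frozenset, new_alg: str) -> dict:
    """Re-protect under new_alg, but only after the old envelope verifies."""
    if not verify(envelope, key, allowed_old):
        raise ValueError("refusing to migrate an envelope that does not verify")
    return protect(bytes.fromhex(envelope["payload"]), key, new_alg)


def algorithms_in_use(envelopes) -> Counter:
    """Inventory helper: which algorithm identifiers appear in stored envelopes."""
    return Counter(e.get("alg", "missing") for e in envelopes)
```

The migration sequence is: widen the policy to accept old and new (`POLICY_TRANSITION`), re-protect stored envelopes with `migrate`, confirm with `algorithms_in_use` that nothing still carries the old identifier, then switch to `POLICY_STRICT`. Because the identifier is covered by the tag, flipping the `alg` field on an existing envelope fails verification rather than downgrading it.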
Cryptographic Algorithms as Workable Technologies
Many quantum cryptographic and post-quantum cryptographic (PQC) algorithms are currently being developed in industrial and university research settings. Since cryptographic security is mainly used to establish a secret key between two parties over an untrusted communications channel, most research in emerging PQC and quantum cryptographic algorithms is happening in network-specific settings.
For instance, companies such as Toshiba, ID Quantique, and QuintessenceLabs are developing Quantum Key Distribution (QKD) Systems that securely distribute cryptographic keys over fiber-optic cables or free-space optical links. QKD uses quantum properties such as photon polarization or phase to encode keys and detect incursions.
Present research into post-quantum cryptography is focused on algorithms including hash-based cryptography, code-based cryptography, lattice-based cryptography, multivariate polynomial cryptography, and supersingular isogeny Diffie-Hellman (SIDH). However, SIDH has already been found to be vulnerable to QC attacks.