Quantum computing was long considered to be part of a distant future. However, it is quickly becoming a reality. Google’s recent announcement of its Willow quantum computing chip is a breakthrough generating significant media attention and questions about the implications for cybersecurity. Google’s Willow advancements are significant because of two major breakthroughs critical to the commercialization and adoption of useful quantum computers. The first is that Willow reduces errors as it scales up to more qubits. Historically, the major challenge with quantum computing has been that adding more qubits causes the error rate to increase, rendering the quantum computer impractical for solving complex problems. The second major achievement is the speed of Willow’s computations. Using the random circuit sampling (RCS) benchmark, Willow completed a computation in less than 5 minutes that would take a classical supercomputer 10 septillion years.
Although impressive, random circuit sampling (RCS) has limited real-world utility and essentially zero commercial relevance. Quantum computers are still unable to outperform classical supercomputers with commercially relevant applications. While Google’s Willow advancements lay the foundation for a future where quantum computers can revolutionize the world of computing, we are not there yet. Years of additional work needs to be done to move quantum computing platforms beyond the carefully constructed benchmark use cases where they excel to commercially relevant use cases.
The Looming Quantum Threat to Cybersecurity?
As mentioned above, commercially useful quantum computers are still years away. At the same time, concerted efforts are underway to prepare for the post-quantum age in cybersecurity and other relevant domains. Cybersecurity is poised to be one of the areas most impacted by quantum computing for one reason: algorithms. Many of today’s widely used encryption algorithms, such as RSA and ECC (Elliptic Curve Cryptography), rely on mathematical problems that are computationally difficult for classical computers to solve. However, quantum computers, leveraging the principles of quantum mechanics, can potentially break these algorithms with algorithms like Shor’s algorithm. This could render sensitive data, secure communications, and digital identities vulnerable to attacks.
Which aspects of cybersecurity are vulnerable to quantum computing?
It is expected that commercially viable and accessible quantum computers will have widespread impacts across cybersecurity. The most heavily impacted systems will be those that rely on algorithms that are vulnerable to quantum attacks.
Quantum Cryptography Impacts on Public Key Infrastructure
PKI, the backbone of digital trust, is fundamental for issuing digital certificates used to secure websites, emails, and online transactions. Current PKI implementations rely heavily on algorithms like RSA and ECC, which are vulnerable to quantum attacks. Quantum computers could forge certificates or decrypt encrypted data, enabling attackers to impersonate legitimate entities, conduct man-in-the-middle attacks, and compromise the integrity of communications.
Solution: Transitioning PKI systems to support NIST’s quantum-resistant standards, such as FIPS 203 (derived from CRYSTALS-Kyber for encryption), FIPS 204 (derived from CRYSTALS-Dilithium for digital signatures) and FIPS 205 (derived from SPHINCS+ for digital signatures), will prove essential for maintaining security in the quantum computing age.
Quantum Cryptography Impacts on Hardware Security Modules (HSMs)
HSMs are dedicated hardware devices that form a critical part of robust PKI systems. HSMs are designed to securely generate, store, and manage cryptographic keys. Today, HSMs typically support a mix of algorithms, some vulnerable to quantum attacks and some resistant to them. Three prominent algorithms that are vulnerable to quantum computers are RSA, Elliptic Curve Cryptography (ECC) and Diffie-Hellman; these are used for asymmetric encryption and key exchange. Conversely, symmetric encryption such as AES, and hashing algorithms like SHA-256, are considered to be more quantum resistant.
Solution: Leading HSM providers, including Thales and Entrust, provide support for a wide range of algorithms, including quantum-resistant algorithms like those proposed by NIST. Upgrading HSMs to support NIST’s post-quantum algorithms ensures they remain effective in securing sensitive data. Choosing an HSM with crypto agility, one that lets you easily adopt new algorithms, will be key to future-proofing your cryptographic framework against the risk of quantum attacks.
Quantum Cryptography Impacts on Certificate Lifecycle Management (CLM)
CLM systems automate the issuance, renewal, and revocation of digital certificates. As quantum-resistant cryptographic algorithms become standardized, CLM systems must adapt to handle certificates that use these new algorithms. This transition presents both challenges and opportunities for organizations.
Challenges and Adaptations:
- Managing certificates with larger key sizes: Quantum-resistant algorithms often have larger key sizes than traditional algorithms, requiring adjustments to storage and processing capabilities.
- Handling different expiration criteria: Quantum-resistant certificates may have different lifecycles and require more frequent renewals.
- Ensuring backward compatibility: During the transition period, CLM systems must support both traditional and quantum-resistant certificates to ensure interoperability with existing systems.
- Algorithm agility: CLM systems need to be flexible enough to adapt to new algorithms and standards as they emerge.
Integrating NIST’s post-quantum standards into CLM systems will be crucial for organizations to streamline certificate management and transition securely to quantum-resistant cryptography. This will involve updating certificate templates, validation rules, and automation workflows to accommodate the new algorithms. Leading certificate lifecycle management solutions, such as Keyfactor and Venafi, provide a shortcut to implementing both crypto agility and certificate authority (CA) agility. Having both crypto and CA agility enables your organization to quickly adopt certificates backed by quantum resistant algorithms and switch between CAs in the event of a major distrust event or vulnerability.
Quantum Cryptography Impacts on Data Encryption
Data encrypted using current algorithms, whether at rest or in transit, could be vulnerable to decryption by future quantum computers. This “harvest now, decrypt later” threat, in which an adversary captures encrypted sensitive data today and decrypts it once quantum computing technology is sufficiently advanced to crack the algorithm, underscores the urgency of transitioning to quantum-resistant encryption methods as soon as possible.
Solution:
Organizations must proactively adopt quantum-resistant encryption methods to protect their sensitive data. This includes:
- Transitioning to NIST-approved algorithms: Utilizing algorithms like CRYSTALS-Kyber for key encapsulation and encryption.
- Exploring alternative encryption methods: Investigating other quantum-resistant approaches, such as code-based cryptography or multivariate cryptography.
- Implementing a hybrid strategy: Combining classical and post-quantum encryption to provide layered protection during the transition.
- Prioritizing sensitive data: Focusing on protecting high-value data with the strongest possible encryption methods.
By adopting quantum-resistant encryption, organizations can ensure the long-term confidentiality and integrity of their data, even in the face of evolving quantum threats.
Quantum Impacts on Identity and Access Management (IAM)
IAM systems often rely on cryptographic protocols to authenticate users and authorize access to systems and data. Quantum computers could potentially break these protocols, jeopardizing the security of sensitive information and systems.
Solution:
IAM systems must transition to quantum-safe authentication methods. This might involve:
- Integrating post-quantum cryptographic algorithms: Adopting NIST-standardized algorithms like those derived from CRYSTALS-Kyber for key establishment and CRYSTALS-Dilithium for digital signatures.
- Exploring alternative authentication methods: Investigating quantum-resistant approaches like lattice-based cryptography or hash-based signatures.
- Implementing hybrid approaches: Combining traditional and post-quantum cryptographic techniques to provide a layered defense during the transition period.
Upgrading IAM systems to incorporate quantum-resistant mechanisms is essential to maintain robust security and protect against unauthorized access in the post-quantum era.
NIST’s Quantum Resistant Cryptographic Algorithms
Recognizing the urgent need for quantum-resistant cryptography, the National Institute of Standards and Technology (NIST) initiated a process in 2016 to solicit, evaluate, and standardize new cryptographic algorithms that can withstand the power of quantum computers.
After years of rigorous analysis and review, NIST announced the first four algorithms selected for standardization in July 2022. These algorithms were chosen for their strong security properties, performance characteristics, and suitability for various use cases.
NIST August 2024 Quantum Resistant Algorithms
- CRYSTALS-Kyber: This algorithm is standardized as FIPS 203. It’s designed for general encryption and key encapsulation mechanisms, used to securely establish cryptographic keys between parties. CRYSTALS-Kyber is based on lattice-based cryptography, a mathematical approach believed to be resistant to attacks from both classical and quantum computers.
- CRYSTALS-Dilithium: Standardized as FIPS 204, this algorithm is designed for digital signatures, which are used to verify the authenticity and integrity of digital documents and messages. Like CRYSTALS-Kyber, it’s based on lattice-based cryptography and offers a strong security foundation.
- SPHINCS+: Standardized as FIPS 205, this algorithm is also designed for digital signatures. It’s based on hash functions and is considered to be highly secure, although it has larger key sizes compared to CRYSTALS-Dilithium.
NIST plans to finalize a fourth algorithm, FALCON, for digital signatures in late 2024. This algorithm is expected to be useful in applications where smaller signature sizes are required.
These standardized algorithms provide a crucial roadmap for organizations to transition to post-quantum cryptography. However, adopting these standards requires careful planning, investment, and operational adjustments, particularly for large enterprises with complex systems.
Preparing for the Post-Quantum Era
While commercially viable quantum computers capable of breaking current encryption may still be a few years away, the time for organizations to prepare is now. The transition to post-quantum cryptography (PQC) is a complex undertaking that requires careful planning, strategic investment, and a phased approach.
Why Proactive Planning is Crucial:
- Magnitude of Change: Upgrading cryptographic systems is a significant undertaking, impacting a wide range of applications, infrastructure, and processes.
- Interoperability: Ensuring compatibility between legacy systems and new quantum-resistant algorithms requires careful consideration.
- Resource Allocation: Implementing PQC requires dedicated resources, expertise, and budget allocation.
- Testing and Validation: Thorough testing and validation are essential to ensure the security and reliability of PQC implementations.
- Staying Ahead of the Curve: Organizations that proactively prepare for the post-quantum era will be better positioned to mitigate risks and maintain a strong security posture.
Steps to Prepare for the Post-Quantum Era:
Conduct a Quantum Readiness Assessment:
A comprehensive Quantum Readiness Assessment provides a baseline of your organization’s current cryptographic posture and identifies vulnerabilities to quantum attacks. This assessment should include:
- Inventory of Cryptographic Assets: Identify all systems, applications, and devices that rely on cryptography, including encryption algorithms, key management systems, and digital certificates.
- Risk Assessment: Assess the risk of quantum attacks on your critical assets and data, considering the potential impact on business operations, financial stability, and reputation.
- Gap Analysis: Identify gaps between your current cryptographic infrastructure and the requirements for PQC.
- Roadmap Development: Develop a roadmap for transitioning to PQC, outlining priorities, timelines, and resource allocation.
Prioritize High-Value Assets:
Identify your organization’s most critical and sensitive data and systems. Prioritize these assets for migration to PQC to ensure their long-term protection.
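The inventory, risk assessment and prioritization steps above can be turned into a simple triage rule. The script below is an added example, not a tool from the post or from any vendor named in it; the asset records are constructed sample data, and the quantum horizon and migration time are illustrative parameters you would replace with your own estimates. It applies the post's own classification (RSA, ECC and Diffie-Hellman are Shor-vulnerable; AES and SHA-256 are considered resistant) and ranks confidentiality assets by the "harvest now, decrypt later" exposure: if the data's required shelf life plus the migration time exceeds the expected time to a cryptographically relevant quantum computer (Mosca's inequality), the data is already at risk.

```python
from dataclasses import dataclass

# Algorithm classes as stated in the post (constructed sets; extend for your inventory).
SHOR_VULNERABLE = {"RSA", "ECDSA", "ECDH", "DH"}      # asymmetric: broken by Shor's algorithm
QUANTUM_RESISTANT = {"AES", "SHA-256"}               # symmetric / hash: considered resistant

RANK = {"critical": 0, "unknown": 1, "high": 2, "medium": 3, "low": 4}


@dataclass
class Asset:
    name: str
    algorithm: str
    purpose: str              # "confidentiality" (encryption, key exchange) or "authentication" (signatures)
    shelf_life_years: float   # how long the protected data must remain secret


def triage(asset: Asset, quantum_horizon_years: float = 10.0, migration_years: float = 3.0):
    """Return (urgency, reason). Horizon and migration time are assumed parameters."""
    if asset.algorithm in QUANTUM_RESISTANT:
        return "low", "quantum-resistant primitive; confirm key and hash sizes are adequate"
    if asset.algorithm not in SHOR_VULNERABLE:
        return "unknown", "unclassified algorithm: this is an inventory gap to investigate"
    if asset.purpose == "confidentiality":
        # Mosca: shelf life + migration time > horizon means captured traffic is exposed
        exposed = asset.shelf_life_years + migration_years > quantum_horizon_years
        if exposed:
            return "critical", "harvest-now-decrypt-later: data outlives the quantum horizon"
        return "high", "Shor-vulnerable key exchange/encryption; migrate to ML-KEM (FIPS 203)"
    # Signatures: forgery needs a working quantum computer at the time of the attack,
    # so there is no retroactive exposure, but migration must finish before the horizon.
    return "medium", "Shor-vulnerable signature; migrate to ML-DSA (FIPS 204) or SLH-DSA (FIPS 205)"


def prioritize(assets):
    """Order the inventory so the most urgent migrations come first."""
    scored = [(triage(a), a) for a in assets]
    scored.sort(key=lambda pair: RANK[pair[0][0]])
    return [(a.name, urgency, reason) for (urgency, reason), a in scored]


# Constructed sample inventory.
SAMPLE = [
    Asset("Site-to-site VPN", "ECDH", "confidentiality", 8),
    Asset("Code-signing CA", "RSA", "authentication", 0),
    Asset("Backup encryption", "AES", "confidentiality", 20),
    Asset("Public web TLS", "ECDH", "confidentiality", 1),
    Asset("Legacy payment app", "3DES", "confidentiality", 5),
]

if __name__ == "__main__":
    for name, urgency, reason in prioritize(SAMPLE):
        print(f"{urgency:8} {name}: {reason}")
```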
Develop a Phased Migration Plan:
Create a phased approach to transition to quantum-resistant algorithms. This might involve:
- Pilot Projects: Implement PQC in a limited scope to test and validate the solution before wider deployment.
- Hybrid Approach: Combine classical and post-quantum algorithms during the transition to ensure compatibility and maintain security.
- Phased Rollout: Gradually upgrade systems and applications to PQC, starting with the most critical ones.
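The hybrid approach recommended here and in the data encryption and IAM sections above combines a classical key exchange with a post-quantum KEM so that an attacker must break both. The combiner below is an added example, not code from the post or from any library it mentions. It assumes the two 32-byte shared secrets are placeholders for an ECDH (X25519) secret and an ML-KEM (FIPS 203) secret produced by a real library, and it uses the concatenate-then-KDF construction of the hybrid TLS design, with HKDF-SHA256 (RFC 5869) written against the standard library so it runs offline.

```python
import hashlib
import hmac


def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-SHA256 extract-then-expand (RFC 5869)."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def hybrid_key(ecdh_ss: bytes, kem_ss: bytes, transcript: bytes) -> bytes:
    """Derive one session key from a classical and a post-quantum shared secret.

    Shor's algorithm recovers the ECDH half, but the ML-KEM half still protects the
    output; conversely, an unforeseen flaw in the lattice scheme leaves the ECDH half
    intact. Mixing the transcript (public keys and KEM ciphertext) into 'info' binds the
    derived key to this particular exchange.
    """
    # Fixed-length inputs avoid ambiguity when the secrets are concatenated.
    if len(ecdh_ss) != 32 or len(kem_ss) != 32:
        raise ValueError("both shared secrets must be exactly 32 bytes")
    return hkdf(ecdh_ss + kem_ss, salt=b"hybrid-kex-v1", info=b"session-key|" + transcript)


# Constructed placeholder secrets; a real deployment gets these from X25519 and ML-KEM.
ECDH_SS = bytes(range(32))
KEM_SS = bytes(range(32, 64))
TRANSCRIPT = b"client_pk|server_pk|kem_ciphertext"

if __name__ == "__main__":
    print(hybrid_key(ECDH_SS, KEM_SS, TRANSCRIPT).hex())
```

If either input changes, or the transcript differs, the derived key changes, which is what makes a downgrade to a single-algorithm key detectable at the key-confirmation step.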
Monitor NIST Standards and Implement Cryptographic Agility:
Stay informed about NIST’s ongoing standardization efforts and adopt the recommended algorithms. Build flexibility into your systems to facilitate the adoption of new algorithms and standards as they evolve. This might involve using cryptographic libraries or frameworks that support multiple algorithms and allow for easy updates.
Invest in Training and Awareness:
Educate your IT team and security personnel about the quantum threat and the importance of PQC. Provide training on implementing and managing quantum-resistant cryptographic systems. Engaging with industry groups like the PKI Consortium can enable your organization to be on the leading edge of advancements related to post-quantum cryptography.
Engage with Experts:
Partner with cybersecurity experts like Accutive Security to assess your quantum readiness, develop a comprehensive PQC strategy, and implement quantum-resistant solutions.
By taking these proactive steps, organizations can mitigate the risks posed by quantum computing and ensure the long-term security of their data and systems.