The Quantum-Safe Security (QSS) working group of the Cloud Security Alliance (CSA) is advising organizations to determine now which encryption schemes they will need to replace once the National Institute of Standards and Technology (NIST) next year formally endorses standards that are more resistant to being cracked by quantum computers.
While quantum computers are not yet powerful enough to crack existing schemes, it’s now more a question of when rather than if they will be. One or more nation states investing in quantum computers could theoretically begin cracking those schemes within the next few years. In fact, the CSA warns that many nation states may already be aggregating encrypted data that they can’t yet decipher, in anticipation of having that capability tomorrow.
Threat to symmetric and asymmetric cryptography
There are basically two types of encryption widely employed today. Symmetric cryptography describes when the same key is used to encrypt and decrypt data within a platform or application. Because symmetric key strength doubles with every bit added, the CSA is advising organizations that employ these tools to double the size of the symmetric key employed, with a minimum baseline of 256 bits or longer. A quantum computer is expected to be able to employ Grover’s algorithm to cut the effective strength of existing symmetric keys in half. Also known as the quantum search algorithm, it performs an unstructured search that determines with high probability the unique input to a black-box function that produces a particular output value.
The threat to asymmetric cryptography is more grave. Asymmetric cryptography works using two types of mathematically related keys to create a pair. It is used for both encryption and digital signatures. The most widely employed form of asymmetric cryptography is the Public Key Infrastructure (PKI) platforms employed by Certificate Authority (CA) services to issue digital certificates. Asymmetric algorithms are also employed by HTTPS to secure website communications, digital signatures, Wi-Fi networks, smartcards, hardware authentication tokens, banking networks, cryptocurrencies, and most virtual private networks (VPNs).
The asymmetric keys are typically employed to securely transport the symmetric keys that actually encrypt data between source and destination. Many applications using symmetric encryption may therefore still be susceptible to quantum computers if they employ asymmetric cryptography or digital signatures as part of this process. Most asymmetric schemes will need to be replaced with quantum-resistant cryptography when NIST defines a new set of standards.
The CSA is recommending organizations create a migration plan now for replacing any cryptography algorithm that is likely to be either cracked by a quantum computer or seriously weakened. The migration plans need to start with an inventory of all the cryptography algorithms being employed. Most systems will contain many different, often layered, levels of cryptography, so this effort is likely to require a substantial amount of manual effort. In most businesses, data is strewn all across the organization. IT teams will need to identify all the inputs and outputs of data to and from every department and team in the organization to find all their data.
They will then need to determine the useful life of that data to ascertain whether it is worth the effort to replace the cryptography schemes currently employed to secure it. Assuming that a quantum computer capable of deciphering that data will exist within the next three years, and given the volume of data organizations generate, the time to get ahead of this task is clearly now.
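As an added illustration of the inventory-and-triage step described above (not CSA's or the author's code), the script below scores each entry in a constructed inventory using the rules the article lays out: Grover halving symmetric key strength, the 256-bit symmetric baseline, current asymmetric schemes marked for replacement, and the data's useful life measured against the assumed three-year horizon. The algorithm families, system names and lifetimes are hypothetical sample values.

```python
from dataclasses import dataclass

# Working assumptions lifted from the article: a capable quantum computer
# within roughly three years, and a 256-bit minimum for symmetric keys.
QUANTUM_HORIZON_YEARS = 3
SYMMETRIC_MIN_BITS = 256
# Hypothetical algorithm families for the inventory; extend for your estate.
ASYMMETRIC = {"RSA", "ECDSA", "ECDH", "DSA", "DH"}
SYMMETRIC = {"AES", "ChaCha20"}

@dataclass
class CryptoUse:
    system: str
    algorithm: str
    key_bits: int
    data_lifetime_years: int  # how long the protected data must stay secret

def grover_effective_bits(key_bits: int) -> int:
    """Grover's search halves the effective strength of a symmetric key."""
    return key_bits // 2

def assess(use: CryptoUse) -> dict:
    """Classify one inventory entry and decide whether it is urgent."""
    if use.algorithm in ASYMMETRIC:
        # The article treats today's asymmetric schemes as needing replacement.
        effective, action = 0, "replace"
    elif use.algorithm in SYMMETRIC:
        effective = grover_effective_bits(use.key_bits)
        action = "double-key" if use.key_bits < SYMMETRIC_MIN_BITS else "keep"
    else:
        effective, action = 0, "investigate"
    # Data that must stay secret past the horizon can be collected now and
    # decrypted later, so those entries go to the front of the plan.
    urgent = action != "keep" and use.data_lifetime_years >= QUANTUM_HORIZON_YEARS
    return {"system": use.system, "algorithm": use.algorithm,
            "effective_bits": effective, "action": action, "urgent": urgent}

def migration_plan(inventory: list) -> list:
    """Assess every entry and order the result urgent-first, weakest-first."""
    rows = [assess(u) for u in inventory]
    return sorted(rows, key=lambda r: (not r["urgent"], r["effective_bits"]))

# Constructed sample inventory (not real systems).
SAMPLE_INVENTORY = [
    CryptoUse("site-to-site VPN", "RSA", 2048, 5),
    CryptoUse("HR database", "AES", 128, 1),
    CryptoUse("archive backups", "AES", 256, 10),
    CryptoUse("legacy batch job", "3DES", 168, 7),
]
```

Running `migration_plan(SAMPLE_INVENTORY)` puts the long-lived RSA and unrecognised 3DES entries first, the AES-128 entry next with an effective 64 bits, and the AES-256 entry last as already meeting the baseline.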
With all the threats organizations already face, it may be difficult to get business and IT leaders to appreciate the threat quantum computers will soon pose. However, as every cybersecurity professional knows, an ounce of prevention can eliminate the need for a whole lot of cure, and as organizations continue to collect more data, that cure will only get more painful to administer later on.
Mike Vizard has covered IT for more than 25 years and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb, and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.