Although Quantum Day, or “Q-Day,” is five to ten years away, it is coming sooner than we would like. Q-Day represents the day when quantum computers will reliably use the superposition power of multi-state qubits to crack encryption algorithms widely used around the world to enable e-commerce, data security and secure communications. Adversaries are already preparing for Q-Day by employing “collect now, decipher later” strategies.
With such threats on the horizon, many organizations face the same challenge: to implement a robust quantum security strategy ahead of Q-Day to protect themselves and their customers from quantum attacks. Fortunately, there are a few key tactics and technologies that organizations can implement now to mitigate emerging quantum threats and risks and prepare for Q-Day.
Perform an enterprise-wide quantum risk assessment
To begin preparing for Q-Day, organizations should first conduct an enterprise-wide quantum security risk assessment to identify the systems that would be most vulnerable to such a threat and should therefore be protected first. For example, systems, devices, applications, and services that rely on asymmetric encryption and on widely used algorithms and protocols such as RSA, DSA, ECDH, and TLS are known to be vulnerable to quantum attacks such as Shor’s algorithm.
The internal quantum risk assessment should also cover the organization’s current information security practices and policies, and include a comprehensive inventory of its current cryptographic services and infrastructure. Knowing when, where, and how an organization’s data and communications are secured will also help identify encryption hardware and software that might need to be updated or replaced to become quantum-secure.
For most organizations, the journey to a quantum-secure enterprise will take several years, as many will also need to coordinate their post-quantum security upgrades with external stakeholders, such as customers, suppliers, contractors, and partners. High-value assets and the assets most vulnerable to quantum attacks should be prioritized. Identifying these vulnerabilities early will help teams develop an effective quantum security strategy from the start.
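The prioritization step above can be turned into a simple scoring routine over the cryptographic inventory. The following Python is an added example written for this article, not a tool the article describes; the asset records, the algorithm classification tables, the scoring weights, and the five-year Q-Day horizon (the conservative end of the article’s estimate) are all constructed assumptions. It ranks assets by three of the factors the article names: reliance on Shor-vulnerable public-key algorithms, how long the data must stay confidential relative to Q-Day (the “collect now, decipher later” exposure), and whether the crypto is baked into hardware that must be physically replaced.

```python
from dataclasses import dataclass

# Constructed classification tables (assumptions for this example, not from any
# standard or inventory tool). Public-key primitives broken outright by Shor's
# algorithm, and symmetric primitives that only lose margin to Grover's search.
SHOR_VULNERABLE = {"RSA", "DSA", "DH", "ECDH", "ECDSA"}
GROVER_WEAKENED = {"AES-128", "3DES"}
# Conservative end of the article's five-to-ten-year Q-Day estimate (assumption).
Q_DAY_HORIZON_YEARS = 5


@dataclass
class Asset:
    name: str
    algorithms: tuple          # algorithms found by the crypto inventory scan
    data_lifetime_years: int   # how long the protected data must stay confidential
    business_value: int        # 1 (low) .. 5 (high), assigned by the asset owner
    hardware_crypto: bool      # crypto baked into hardware: needs physical replacement


def classify(algorithm: str) -> str:
    """Map one algorithm name to its quantum exposure class."""
    alg = algorithm.upper()
    if alg in SHOR_VULNERABLE:
        return "shor-vulnerable"
    if alg in GROVER_WEAKENED:
        return "grover-weakened"
    return "quantum-safe"


def risk_score(asset: Asset) -> tuple:
    """Return (score, reasons). Weights are constructed for illustration only."""
    classes = {classify(a) for a in asset.algorithms}
    reasons = []
    exposure = 0
    if "shor-vulnerable" in classes:
        exposure = 10
        reasons.append("uses public-key algorithm broken by Shor")
        # "Collect now, decipher later": ciphertext captured today is still
        # valuable to an adversary if the data must stay secret past Q-Day.
        if asset.data_lifetime_years > Q_DAY_HORIZON_YEARS:
            exposure += 5
            reasons.append("data lifetime exceeds Q-Day horizon (harvest-now risk)")
    elif "grover-weakened" in classes:
        exposure = 3
        reasons.append("symmetric key length gives reduced post-quantum margin")
    score = exposure * asset.business_value
    if asset.hardware_crypto and exposure:
        score += 2   # lead time: cannot be fixed by a software update
        reasons.append("hardware crypto: physical replacement required")
    return score, reasons


def prioritize(assets) -> list:
    """Migration order: highest risk score first, as (name, score) pairs."""
    scored = [(a.name, risk_score(a)[0]) for a in assets]
    return sorted(scored, key=lambda item: item[1], reverse=True)


# Constructed sample inventory for illustration.
SAMPLE_INVENTORY = [
    Asset("customer-vpn", ("ECDH", "AES-256"), 10, 5, False),
    Asset("iot-sensors", ("RSA", "AES-128"), 2, 3, True),
    Asset("backup-archive", ("RSA", "AES-256"), 30, 4, False),
    Asset("internal-wiki", ("AES-256",), 1, 1, False),
]

if __name__ == "__main__":
    for name, score in prioritize(SAMPLE_INVENTORY):
        print(f"{name:15s} {score:3d}  {risk_score(next(a for a in SAMPLE_INVENTORY if a.name == name))[1]}")
```

The weights are deliberately crude; what matters is that the ranking combines algorithm exposure with data lifetime, so a long-lived archive protected by RSA outranks a short-lived IoT link even though both use a Shor-vulnerable algorithm.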
Deploy quantum random number generators
Today’s cryptographic systems and algorithms rely heavily on software-based random number generators, also known as pseudo-random number generators (PRNGs). PRNGs are typically used to generate a sequence of random numbers in support of cryptographic operations such as generating seeds or encryption keys. Because an algorithmic PRNG is deterministic, the numbers it produces are not truly random. This makes cryptographic systems or services that rely on PRNGs vulnerable to quantum attacks. To address this vulnerability, organizations should begin replacing all PRNGs with quantum random number generators (QRNGs) as soon as possible. Instead of running a deterministic algorithm, a QRNG generates true random numbers by measuring and digitizing a quantum process, which is non-deterministic by nature.
QRNG solutions are already commercially available from multiple vendors in various form factors, such as rackmount devices, PCI cards, and chips.
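To make the determinism point concrete, here is an added Python example (not code from the article or from any QRNG vendor) that contrasts the two paths side by side: a key generated from a seeded algorithmic PRNG, which is a pure function of its seed and is reproduced exactly by anyone who re-seeds the same generator, versus a key taken from a non-deterministic entropy source. `os.urandom` stands in for a read from a QRNG device, which is an assumption of this example; the SHA-256 conditioning step is this example’s design choice, in the spirit of the conditioning components NIST SP 800-90B describes for raw entropy-source output.

```python
import hashlib
import os
import random


def key_from_seeded_prng(seed: int, nbytes: int = 16) -> bytes:
    """Key material from a deterministic PRNG (Python's Mersenne Twister, which
    is not a cryptographic generator): the output is a pure function of the seed."""
    rng = random.Random(seed)
    return rng.getrandbits(8 * nbytes).to_bytes(nbytes, "big")


def seed_fully_determines_key(seed: int) -> bool:
    """Re-seeding reproduces the identical key: whoever learns or guesses the
    seed (a timestamp, a counter) recovers every key derived from it."""
    return key_from_seeded_prng(seed) == key_from_seeded_prng(seed)


def condition_raw_entropy(raw: bytes, nbytes: int = 32) -> bytes:
    """Conditioning step for raw entropy-source output: the device bytes are
    hashed so that any bias in the physical measurement is not carried into the
    key. Design choice of this example, not a specific vendor's procedure."""
    if nbytes > hashlib.sha256().digest_size:
        raise ValueError("request no more bytes than one SHA-256 output")
    return hashlib.sha256(raw).digest()[:nbytes]


def key_from_entropy_source(nbytes: int = 32) -> bytes:
    """Key from a non-deterministic source. os.urandom stands in for the QRNG
    read (assumption); unlike the seeded path there is no seed to replay."""
    raw = os.urandom(64)   # stand-in for 64 bytes read from the QRNG device
    return condition_raw_entropy(raw, nbytes)


def entropy_keys_are_not_replayable() -> bool:
    """Two reads from the entropy source differ (with overwhelming probability),
    whereas two seeded generations with the same seed coincide."""
    return key_from_entropy_source() != key_from_entropy_source()


if __name__ == "__main__":
    print("seeded, run 1:", key_from_seeded_prng(20220701).hex())
    print("seeded, run 2:", key_from_seeded_prng(20220701).hex())   # identical
    print("entropy source:", key_from_entropy_source().hex())
    print("entropy source:", key_from_entropy_source().hex())       # differs
```

Running it shows the seeded generator printing the same key twice while the entropy-source path never repeats; a defender reviewing key-generation code should look for exactly this pattern, a key whose only input is a seed the attacker could learn or enumerate.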
Over the next decade, organizations around the world are expected to migrate from today’s quantum-vulnerable classical encryption algorithms – RSA, DSA, and ECDH – to the next generation of quantum-secure encryption algorithms, known as post-quantum cryptography (PQC).
In July 2022, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) announced that it was preparing to standardize the first set of four PQC algorithms. These NIST PQC candidate algorithms are the result of a six-year, multi-round global competition that began with 82 proposals in 2016. In addition to the four recently announced PQC algorithms, NIST also holds four additional PQC candidate algorithms in reserve as a backup in case one of the first four is broken.
During the multi-year transition period between today’s classical cryptography and tomorrow’s PQC, many organizations will need to support both classical and PQC infrastructure, because not all systems or end users can easily upgrade to the latest PQC algorithms. Many current computing systems, such as IoT sensors and network routers, implement their encryption capabilities in hardware for cost and/or performance reasons. Such systems cannot be upgraded by software and must instead be physically replaced over time. Emerging IT solutions will therefore need to be crypto-agile. Cryptographic agility refers to the ability of a system to support and switch between different encryption algorithms, for example from classical to PQC. Some crypto-agile systems might also be able to add new algorithms as they emerge.
Cryptographic agility can also be used to implement hybrid cryptographic schemes that combine different cryptographic algorithms or protocols. While the level of confidence in the security of the new PQC algorithms is still very low, many organizations should combine classical encryption with PQC via dual encryption (classical and PQC). A well-architected crypto-agile system would also allow operators to quickly replace a PQC algorithm if it were compromised down the road, as recently happened to one of NIST’s eight PQC candidate algorithms, SIKE.
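The two ideas in the preceding paragraphs, a crypto-agile algorithm registry and a hybrid scheme that mixes a classical and a PQC key exchange, can be shown together in one small piece of code. The Python below is an added example, not the article’s or any vendor’s implementation. It assumes that each side has already run one classical key-encapsulation (X25519 or RSA) and one PQC key-encapsulation (ML-KEM is NIST’s standardized name for the selected lattice KEM; SIKE appears only as a withdrawn entry) and holds the two resulting shared secrets; the registry contents, algorithm identifiers, the `hybrid-kem-v1` label, and the sample secrets are constructed. The combiner is HKDF (RFC 5869), implemented here from `hmac` so the block runs offline, and it binds the session key to both secrets, to the algorithm identifiers, and to the handshake transcript, so that an attacker has to break both KEMs to recover the key and cannot substitute a different suite without changing the result.

```python
import hashlib
import hmac

HASH = hashlib.sha256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC(salt, IKM); an empty salt means a zero block."""
    if not salt:
        salt = bytes(HASH().digest_size)
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC(PRK, T(i-1) | info | i), concatenated."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


# Constructed algorithm registry: the crypto-agility part. Flipping "status" is
# how an operator withdraws an algorithm (as happened to SIKE) without a code change.
ALGORITHMS = {
    "x25519":     {"family": "classical", "status": "active"},
    "rsa-2048":   {"family": "classical", "status": "active"},
    "ml-kem-768": {"family": "pqc",       "status": "active"},
    "sike-p434":  {"family": "pqc",       "status": "withdrawn"},
}


def suite_allowed(classical_id: str, pqc_id: str) -> bool:
    """Both algorithms must be registered, active, and of the expected family."""
    c, p = ALGORITHMS.get(classical_id), ALGORITHMS.get(pqc_id)
    return (c is not None and p is not None
            and c["status"] == "active" and p["status"] == "active"
            and c["family"] == "classical" and p["family"] == "pqc")


def _lv(data: bytes) -> bytes:
    """Length-prefix a field so concatenated inputs cannot be re-split ambiguously."""
    return len(data).to_bytes(2, "big") + data


def hybrid_session_key(classical_id: str, classical_ss: bytes,
                       pqc_id: str, pqc_ss: bytes,
                       transcript: bytes, length: int = 32) -> bytes:
    """Combine a classical and a PQC shared secret into one session key that
    depends on both secrets, on the algorithm identifiers, and on the transcript."""
    if not suite_allowed(classical_id, pqc_id):
        raise ValueError(f"suite not allowed: {classical_id}+{pqc_id}")
    ikm = _lv(classical_ss) + _lv(pqc_ss)
    info = (b"hybrid-kem-v1" + _lv(classical_id.encode())
            + _lv(pqc_id.encode()) + _lv(transcript))
    return hkdf(ikm, salt=b"", info=info, length=length)


if __name__ == "__main__":
    # Constructed stand-ins for the two KEM outputs and the handshake transcript.
    ss_classical, ss_pqc, transcript = b"\x01" * 32, b"\x02" * 32, b"client-hello|server-hello"
    print(hybrid_session_key("x25519", ss_classical, "ml-kem-768", ss_pqc, transcript).hex())
    print(suite_allowed("x25519", "sike-p434"))   # False: withdrawn algorithm is refused
```

Because the length-prefixed secrets are extracted with HMAC and the algorithm names sit in the `info` field, the derived key is unpredictable as long as either input secret remains secret, and a withdrawn algorithm is refused at the registry rather than discovered later in a code audit.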
Enable quantum-safe key distribution
In addition to generating quantum-resistant keys using technologies such as QRNGs, it is also important to provide mechanisms for secure key exchange. Quantum Key Distribution (QKD) systems aim to meet this need by giving two parties a secure method to exchange a cryptographic key. The key provided by QKD can then be used to encrypt and decrypt a user’s data with a chosen encryption algorithm, and the encrypted data can be transmitted over a standard communication channel, such as a commercial fiber optic network.
A QKD solution uses properties of quantum physics, such as photon superposition and entanglement, to exchange cryptographic keys in a way whose security is provable. Any eavesdropping on a QKD-secured key exchange causes a detectable change in the information being transmitted. Well-known QKD protocols such as BB84 make sure that both parties can detect a possible eavesdropping attempt.
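The way BB84 turns eavesdropping into a measurable error rate is easiest to see in a simulation. The following Python is an added teaching example, not code from the article or from any QKD product: it models Alice preparing photons in random bases, Bob measuring in random bases, the public sifting step, and the error estimate on a sacrificed sample of sifted bits. An optional intercept-resend listener is included purely to show why the protocol detects it: measuring in the wrong basis yields a random bit and destroys the original state, so roughly a quarter of the sifted bits come out wrong. The 11% abort threshold is the commonly cited bound above which no secure key can be distilled; the seed, photon count and sample fraction are constructed choices.

```python
import random

# Commonly cited BB84 bound (about 11% quantum bit error rate) above which no
# secure key can be distilled; used here as the abort threshold (constructed choice).
QBER_ABORT_THRESHOLD = 0.11


def bb84_exchange(n_photons: int, eavesdrop: bool = False, seed: int = 0) -> dict:
    """Simulate one BB84 run and return the sifted-key size, the measured
    error rate on a sacrificed sample, and whether the parties would abort.

    Basis 0 = rectilinear, 1 = diagonal. Measuring in the preparation basis
    returns the encoded bit; measuring in the other basis returns a random bit
    and leaves the photon in the measuring basis (the disturbance that exposes
    an intercept-resend listener)."""
    rng = random.Random(seed)   # seeded only so the simulation is reproducible
    alice_bits = [rng.randrange(2) for _ in range(n_photons)]
    alice_bases = [rng.randrange(2) for _ in range(n_photons)]
    bob_bases = [rng.randrange(2) for _ in range(n_photons)]
    bob_bits = []
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        photon_bit, photon_basis = bit, a_basis
        if eavesdrop:
            # Listener measures in a guessed basis and re-sends what it observed.
            eve_basis = rng.randrange(2)
            eve_bit = bit if eve_basis == a_basis else rng.randrange(2)
            photon_bit, photon_basis = eve_bit, eve_basis
        bob_bits.append(photon_bit if b_basis == photon_basis else rng.randrange(2))

    # Sifting over the authenticated public channel: keep positions where the
    # bases matched. Bases are public; the bit values are not.
    sifted = [i for i in range(n_photons) if alice_bases[i] == bob_bases[i]]
    if not sifted:
        return {"sifted_bits": 0, "qber": None, "eavesdropper_detected": None, "key_bits": 0}

    # Error estimation: publicly compare a quarter of the sifted bits, then discard them.
    sample = sifted[: max(1, len(sifted) // 4)]
    errors = sum(alice_bits[i] != bob_bits[i] for i in sample)
    qber = errors / len(sample)
    return {
        "sifted_bits": len(sifted),
        "qber": qber,
        "eavesdropper_detected": qber > QBER_ABORT_THRESHOLD,
        "key_bits": len(sifted) - len(sample),   # raw key left before error correction
    }


if __name__ == "__main__":
    print("quiet channel :", bb84_exchange(4000, eavesdrop=False, seed=1))
    print("tapped channel:", bb84_exchange(4000, eavesdrop=True, seed=1))
```

On a quiet channel the sampled error rate is exactly zero, so the parties keep the remaining sifted bits; on a tapped channel it lands near 25%, far above the threshold, and the run is abandoned before any key is used. Note what the simulation does not model: the public channel is assumed to be authenticated, which is precisely the gap the agencies cited below point to when they observe that QKD cannot authenticate its source on its own.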
While commercial QKD solutions are already available, organizations such as the National Security Agency, the European Union Cybersecurity Agency and the UK’s National Cyber Security Centre recommend the use of PQC rather than QKD. Some of the reasons for their recommendation are the need for highly specialized and expensive QKD hardware; QKD’s inherent denial-of-service and insider-threat vulnerabilities; its inability to authenticate the QKD transmission source without additional authentication mechanisms; and the cyber risks associated with implementing complex QKD hardware and software.
Start Quantum Securing the Enterprise
Even in a climate in which NIST has selected the first-ever group of post-quantum encryption and digital signature algorithms designed to withstand quantum computing attacks, widespread adoption is still expected to take years. However, even before NIST officially ratifies its candidate PQC algorithms, organizations must begin performing an internal quantum vulnerability assessment, create a quantum security strategy, and develop a PQC migration plan.
Similar to the multi-year zero trust security journey of most organizations, the enterprise-wide deployment of PQC requires executive buy-in, careful planning, pilots, and risk-based phased deployments. While there is no one-size-fits-all solution to quantum cybersecurity, the steps outlined above are ways to ensure that a robust, universally applicable, risk-based quantum security strategy is adopted across the whole organization. However, having a quantum security strategy does not mean an organization can let its guard down. Many of today’s cyber threats and types of attacks will still be relevant, even in a post-quantum era, but the better prepared organizations are, the less likely it is that Q-Day will spell doomsday for businesses.