NIST’s Quantum Security Protocols Near the Finish Line
As quantum computing moves from academic circles to practical uses, it is expected to become the conduit for cybersecurity breaches.
The National Institute of Standards and Technology aims to nip these malicious attacks preemptively. Its new cybersecurity protocols would help shield networks from quantum computing hacks.
The National Institute of Standards and Technology (NIST) has consulted with cryptography thought leaders on hardware and software options to migrate existing technologies to post-quantum encryption.
The consultation forms part of a wider national contest, which is due to report back with its preliminary shortlist later this year.
“[The message] is to educate the market but also to try to get people to start playing around with [quantum computers] and understanding it because, if you wait until it’s a Y2K problem, then it’s too late,” said Chris Sciacca, IBM’s communications manager for research in Europe, Middle East, Africa, Asia and South America. “So the message here is to … start adopting some of these schemes.”
Businesses need to know how to contend with quantum decryption, which could potentially jeopardize many Internet of Things (IoT) endpoints.
Quantum threatens society because IoT, in effect, binds our digital and physical worlds together. Worryingly, some experts believe hackers could already be recording scrambled IoT transmissions, to be ready when quantum decryption arrives.
Current protocols such as Transport Layer Security (TLS) will be difficult to upgrade, as they are often baked into the device’s circuitry or firmware.
Estimates for when a quantum computer capable of running Shor’s algorithm vary. An optimist in the field would say it may take 10 to 15 years. But then it could be another Y2K scenario, whose predicted problems never came to pass.
But it’s still worth getting the enterprise’s IoT network ready, to be on the safe side.
“Broadly speaking, all asymmetric encryption that’s in common use today will be susceptible to a future quantum computer with adequate quantum volume,” said Christopher Sherman, a senior analyst at Forrester Research. “Anything that uses prime factorization or discrete log to create separate encryption and decryption keys, those will all be vulnerable to a quantum computer potentially within the next 15 years.”
Why Do We Need Quantum Security?
Quantum computers would answer queries existing technologies cannot resolve, by applying quantum mechanics to compute various combinations of data simultaneously.
As the quantum computing field remains largely in the prototyping phase, current models largely perform only narrow scientific or computational objectives.
All asymmetric cryptography systems, however, could one day be overridden by a quantum mechanical algorithm known as Shor’s algorithm.
That’s because the decryption ciphers rely on mathematical complexities such as factorization, which Shor’s could hypothetically unravel in no time.
“In quantum physics, what you can do is construct a parameter that cancels some of the probabilities out,” explained Luca De Feo, a researcher at IBM who is involved with the NIST quantum-security effort. “Shor’s algorithm is such an apparatus. It makes many quantum particles interact in such a way that the probabilities of the things you are not interested in will cancel out.”
Will Quantum Decryption Spell Disaster For IoT?
Businesses must have safeguards against quantum decryption, which threatens IoT endpoints secured by asymmetric encryption.
A symmetric encryption technique, the Advanced Encryption Standard (AES), is believed to be immune to Shor’s algorithm attacks, but is considered computationally expensive for resource-constrained IoT devices.
For businesses looking to quantum-secure IoT in specific verticals, there’s a risk assessment model published by University of Waterloo’s quantum technology specialist Dr. Michele Mosca. The model is designed to predict the risk and outline times for preparing a response, depending on the kind of organization involved.
As well as integrating a new quantum security standard, there’s also a need for mechanisms to make legacy systems quantum-secure. Not only can encryption be broken, but there’s also potential for quantum forgeries of digital identities, in sectors such as banking.
“I see a lot of banks now asking about quantum security, and definitely governments,” Sherman said. “They are not just focused on replacing RSA – which includes https and TLS – but also elliptic curve cryptography (ECC), for example blockchain-based systems. ECC-powered digital signatures will need to be replaced as well.”
One option, which NIST is considering, is to blend post-quantum security at network level with standard ciphers on legacy nodes. The latter could then be phased out over time.
“A hybrid approach published by NIST guidance around using the old protocols that satisfy regulatory requirements at a security level that’s been certified for a given purpose,” Sherman said. “But then having an encapsulation technique that puts a crypto technique on top of that. It wraps up into that overall encryption scheme, so that in the future you can drop one that’s vulnerable and just keep the post-quantum encryption.”
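The hybrid scheme Sherman describes is usually realised as a key-exchange combiner: the classical shared secret (for example from an ECDH exchange) and the post-quantum KEM shared secret are concatenated and fed into one key-derivation function, so the session key is only recoverable by an attacker who can break both exchanges. The example below is added here to illustrate that combiner; it is not code from NIST, IBM or Forrester, and it does not perform real ECDH or a real post-quantum KEM. The two shared secrets are constructed sample values, the HKDF is a stdlib HMAC-SHA256 implementation of RFC 5869, and the `"hybrid-kem-combiner"` label is an assumed context string in the concatenation style used by the IETF TLS hybrid key-exchange draft.

```python
import hashlib
import hmac

# Constructed stand-ins for the two shared secrets a hybrid handshake produces.
# In a real deployment these come from an ECDH exchange and a post-quantum KEM.
CLASSICAL_SS = hashlib.sha256(b"constructed: classical ECDH shared secret").digest()
PQ_SS = hashlib.sha256(b"constructed: post-quantum KEM shared secret").digest()
CONTEXT = b"transcript-hash-of-handshake (constructed)"


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869) using HMAC-SHA256."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869) using HMAC-SHA256."""
    okm = b""
    block = b""
    counter = 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def combine_shared_secrets(classical_ss: bytes, pq_ss: bytes,
                           context: bytes, length: int = 32) -> bytes:
    """Hybrid combiner: both shared secrets are concatenated into one HKDF input.

    The derived key depends on every byte of both inputs, so breaking only the
    classical exchange (or only the PQ one) does not reveal the session key.
    """
    if not classical_ss or not pq_ss:
        raise ValueError("hybrid mode requires both shared secrets")
    prk = hkdf_extract(salt=b"\x00" * 32, ikm=classical_ss + pq_ss)
    return hkdf_expand(prk, b"hybrid-kem-combiner:" + context, length)


def pq_only_key(pq_ss: bytes, context: bytes, length: int = 32) -> bytes:
    """The later migration step: the classical component is dropped and only
    the post-quantum shared secret feeds the key schedule."""
    if not pq_ss:
        raise ValueError("post-quantum shared secret is required")
    prk = hkdf_extract(salt=b"\x00" * 32, ikm=pq_ss)
    return hkdf_expand(prk, b"pq-kem:" + context, length)


def session_key_survives_classical_break() -> bool:
    """Model an attacker who has fully recovered the classical shared secret.

    Without the PQ secret they can at best guess it; a wrong guess yields a
    different key, so knowledge of CLASSICAL_SS alone is not enough.
    """
    real_key = combine_shared_secrets(CLASSICAL_SS, PQ_SS, CONTEXT)
    attacker_guess = hashlib.sha256(b"constructed: attacker's wrong PQ guess").digest()
    attacker_key = combine_shared_secrets(CLASSICAL_SS, attacker_guess, CONTEXT)
    return not hmac.compare_digest(real_key, attacker_key)


if __name__ == "__main__":
    print("hybrid key :", combine_shared_secrets(CLASSICAL_SS, PQ_SS, CONTEXT).hex())
    print("pq-only key:", pq_only_key(PQ_SS, CONTEXT).hex())
    print("classical break alone defeats key?", not session_key_survives_classical_break())
```

Because the combiner mixes both secrets through the KDF rather than, say, XORing them, swapping out the classical component later changes only the input to the same key schedule; the rest of the protocol above it does not have to know which exchanges contributed.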
Governments Must Defend Against Quantum Hacks
For national governments, it’s becoming an all-out quantum arms race. And the U.S. may well be losing. Russia and China have both already unveiled initial post-quantum security options, Sherman said.
“They finished their competitions over the past couple of years. I wouldn’t be surprised if the NIST standard also becomes something that Europe uses,” he added.
The threats against IoT devices have only grown more pronounced with current trends.
More virtual health and connected devices deployed in COVID-19, for example, will mean more medical practices are now quantum-vulnerable.
According to analyst firm Omdia, there are three major fault lines in defending the IoT ecosystem: endpoint security, network security and public cloud security. With 46 billion ‘things’ currently in operation globally, IoT already provides an enlarged attack surface for cybercriminals.
“The challenge is protecting any IoT device that’s using secure communications or symmetric protocols,” said Sherman. “Considering that by 2025 there’s over a trillion IoT devices expected to be deployed. That’s obviously quite large in terms of potential exposure. Wherever RSA or TLS is being used with IoT, there’s a threat.”
Weighing Up Post-Quantum And Quantum Cryptography Methods
Post-quantum cryptography differs from methods such as quantum key distribution (QKD), which use quantum mechanics to secure technology against the coming threat.
QKD is already installed on some government and research communications lines, and hypothetically it’s impenetrable.
But the average business needs technology that can be implemented quickly and affordably. And, as we don’t even know how a quantum decryption device would work in practice, it’s unrealistic to transfer QKD onto every IoT network.
One of the main post-quantum cryptography standards in the frame is lattice-based cryptography, an approach that is thought to be more resilient against Shor’s algorithm.
While these are still based on mathematics and could be endangered by future quantum decryption algorithms, they might buy scientists enough time to come up with other economically viable techniques.
Another advantage would be in IoT applications that need the point-to-point security channel, such as connected vehicles, De Feo said.
“Probably the lattice-based schemes are the best right now to run on IoT devices. Some efforts will be needed in the chip design process to make these even easier to run,” he added, “But we should probably start thinking about this right now. Because it will probably take around five-to-seven years after the algorithms have been found for the chips to reach people’s homes or industrial systems.
“And then – potentially – [if the optimistic estimates are right,] quantum computers will have arrived.”