Few businesses are in a position to plan strategically on a five or ten-year timeframe, but when it comes to encryption CISOs need to expand their horizons. That’s because, while today’s encryption algorithms are secure against attack by today’s computers, they will be rendered useless when quantum computers finally become stable and usable enough to apply to the task of decryption.
There’s no point waiting until quantum computers are a reality, however, since the minute they are workable they will be able to compromise the encrypted data your company is producing today.
Timeframes for workable quantum decryption systems are shorter than you probably realise: “It is projected that we will have a quantum computer stable enough, in the next 5 to 10 years, to break today’s encryption,” Avesta Hojjati, the head of R&D at DigiCert, told an audience of nervous security practitioners at a recent CSO roundtable.
Quantum success is creating CISO problems
Quantum computers – which introduce a new computing architecture that will be able to break today’s strongest asymmetric-key encryption in milliseconds or minutes – have moved from research tables to commercial reality at a rapid pace in recent years.
IBM already offering as-a-service access to a quantum computer through its IBM Q service. And Australian researchers are at the cutting edge of the global race to commercialise quantum computers, as recognised by the government’s decision to acknowledge UNSW quantum researcher Professor Michelle Simmons as the 2018 Australian of the Year.
Quantum computing promises access to vastly more computing power that will be invaluable for quickly modelling complex data sets, exploring molecular interactions, designing new drugs, and solving complex engineering problems in milliseconds.
But its power comes at a price to information security, which is today based largely on the complexity of factoring a massive number that is generated at encryption time by multiplying two very large prime numbers.
Conventional computers need millions of years to brute-force their way through trillions of trillions of possible combinations, but the very different design of quantum computers means – as mathematician Peter Shor demonstrated in 1994 – they will be able to complete the factoring problem to break complex RSA encryption without a thought.
“We don’t even need to have quantum computers to prove that they are able to break RSA encryption,” Hojjati said. “We are able to run it through Shor’s algorithm, which proved that if you have a stable enough quantum computer you are able to break RSA.”
Data is longer-lived than encryption
While the mechanics of quantum computing may seem foreign and distant for many, it doesn’t take much for security practitioners to appreciate the wide-ranging and significant consequences of having even sensitive data available for decryption by malicious hackers.
“If quantum computing suddenly destroys a lot of our defences, it’s as if every criminal in the land suddenly had a master key to every vault,” one attendee shared.
“The impact on us could be enormous. And it takes time for a large organisation to make changes, so we really need to be looking at things that we can be doing sooner rather than later.”
Quantum decryption attacks aren’t likely to be the product of casual hackers; rather, Hojjati warned, attackers might well be nation-state backed and targeting sensitive national-security, financial or infrastructure assets with merciless accuracy.
CISOs face a particularly serious threat because personally identifiable information (PII) generated today needs to protected for the life of the person it relates to.
While credit-card numbers can be regenerated if they are compromised, “I can’t just go back and ask people to change their date of birth or gender just because I am worried about quantum computers,” said Hojjati – a former black-hat hacker who progressively moved into white-hat consulting and jobs at Yahoo and Symantec, and is currently completing a PhD on blockchain and the Internet of Things in manufacturing.
“Your data is as good as your life, and that could be on average 60 years from now. So if they are able to [decrypt] this data while you are alive, the threat of quantum computers will be there forever.”
“If in the next 5 or 10 years we are able to access this encrypted data, we can connect the dots and do way more than we are supposed to be able to do as an adversary.”
Planning for the post-quantum world
DigiCert has been an early mover in the push to build encryption standards that can resist the capabilities of quantum computers. Channelling longstanding concerns that the coming quantum apocalypse could destroy an Internet trust ecosystem that is built entirely around encrypted digital certificates, the firm, among other things, bought Symantec’s website security and public key infrastructure business in mid 2017.
The firm recently partnered with encryption giant Gemalto and quantum security firm ISARA Corp to develop quantum-resistant digital certificates, and is actively engaging with the National Institute of Science and Technology (NIST) driven Post-Quantum Cryptography (PQC) Standardization industry effort.
That project recently named 26 potential candidate algorithms as ‘semifinalists’ ahead of declaration of formal standards later this year.
Yet DigiCert is already offering PQC compliant algorithms and has developed a way to allow businesses to adopt a hybrid encryption approach that pairs them with conventional algorithms. The technology offers a way of future-proofing existing data assets, Hojjati said, and is available to clients for deployment now.
Facing the migration challenge
Yet even as the standards for PQC are being finalised, CISOs face an even bigger problem: getting executive buy-in for an overhaul of an encryption ecosystem that lies at the heart of data protection in today’s businesses.
“If the solution is already available and has already been tested, why would you not deploy it today?” he said, noting that software-development latency meant the industry was still struggling to stop using the MD5 hashing algorithm years after it was broken and declared unfit for use in encryption.
While the technical case for implementing PQC may be cut and dry, many attendees confessed that they still face opposition from executives who are only now committing adequate resources to meet current security needs – much less to invest for something that is seen to be many business cycles in the future.
“I had a conversation with one of my board members about quantum computing two years ago and he turned to me and said ‘that’s not going to ever be a real thing’,” one attendee recalled. “It’s about getting that group of people to understand the risks associated with the technology.”
Others highlighted the additional risk from third parties – upon whom most companies are now relying for both business functions and technical service delivery. As with every type of security risk, true resilience in the post-quantum world will require every member of the supply chain to make the same transition – and that takes time.
“We need to roadmap those over the horizon type risks,” another attendee pointed out. “Our board and members expect us to educate them about what’s coming.”
Companies should begin by running a proof of concept using hybrid digital certificates, Hojjati said, and exploring their use across conventional devices and new additions such as Internet of Things (IoT) devices.
“If I look at it from an adversary point of view,” he said, “and I see a bank, insurance company or IT company that are looking at a PQC solution, I will probably check that off my list of targets because I know that CISO has already had the vision of quantum computers being a threat.”