Preparing for the era of post-quantum cryptography | HCLTech

Preparing for the era of post-quantum cryptography

With the evolution of quantum computers, many speculate that quantum systems can eventually break the existing public key infrastructure that safely fuels the internet.
 
5 minutes read
Girish Kumar Vaideeswaran

Data Security Consultant, Data Security and Data Privacy, Cybersecurity Services

What a remarkable innovation computers have been, from their inception with the general-purpose ENIAC (housed in a 2,000 square foot space and weighing about 30 tons) to our current hand-held multi-use computing devices capable of instantly accomplishing tasks once considered Herculean. It is said that history repeats itself, and sure enough, we have spent the past two decades in another serious research phase focused on advancing the speed of these computing systems. And it’s a no-brainer that we are talking about quantum systems analogously, as they, like their ENIAC predecessors, are enclosed in a huge space: in this case, a 500-square-foot airtight glass structure.

Gone are the days when earlier generation computers had a dedicated toggle switch called the “TURBO” control that was used to slow down processing speeds so that our software ran at the speed for which it was programmed. Now, the whole scenario has changed, as programming languages and applications have evolved to such an extent that applications are hungry for more of those computing cycles to deliver faster, safer and more robust applications. There are no limits to computing power, and the usage of computing has improved the lives of people in the fields of e-commerce, medical and life science, analytics, space research and defense systems.

Those were the benefits we have reaped until now, the outcome of the evolution of computers. Now, however, it’s increasingly important to consider and plan safeguards against the downsides arising from these advancements. Yes, we bring to your attention the post-quantum computing era, where bad actors are always on the edge, trying to slip in via loopholes to compromise systems, and one of the key factors that might assist them in the near future is the power of computing. With the evolution of quantum computers and a view of the post-quantum cryptography world, many experts speculate that quantum systems can break the current public key infrastructure that safely fuels the world of the internet.

Imagine those seamless banking transactions, the hassle-free online grocery shopping and all the half-full e-commerce shopping carts… all stripped bare! It’s unthinkable, right? That’s what these powerful quantum machines are envisaged to do: break through and decrypt the protected data stored and transmitted across the world without possessing the private keys.

Advancements in quantum computing

Quantum computing researchers have already hit the 400-qubit mark and are heading towards the 10k-qubit mark in 2024. In addition, major developments are expected to improve qubit quality by transitioning from physical qubits to error-corrected logical qubits for real-life computing, mitigating the noise in the quantum circuit and bringing in modularity that will help to scale performance.

Development of new cryptological standards

Post-quantum cryptography (PQC) is all about quantum-proof cryptographic algorithms that are resistant to quantum attacks and fit in existing encryption standards, so both can coexist and operate in a hybrid manner. Initiatives such as the Open Quantum Safe Project and the NIST Post-quantum Project are deeply focused on developing these quantum-resilient algorithms and peer-reviewing them. The cryptanalysis phase, which may extend for years, helps determine whether the proposed algorithms are safe and secure for real-life purposes. Though we have seen significant research in the field of PQC, there are still no robust quantum-resistant algorithms. Also, quantum-resistant cryptography will require very large key sizes, typically twice the key size of current PKI, which in turn will lead to a visible performance overhead in terms of the time required to perform cryptographic operations and increased usage of other hardware resources like memory, storage and networks.

Following are three key principles that every organization should enforce to stay vigilant in the forthcoming quantum era:

  1. Be certain to have a view of the crown jewels and critical data stores in your inventory that must be guarded from “harvest now, decrypt later” attacks.
  2. Ensure systems that are using public key cryptography have additional guardrails to detect, protect against and deter quantum-based cyber-attacks.
  3. Presently, there are no quantum computers of a scale large enough to break current public key encryption standards. Though the crypto era seems delayed, the buzz around advancements and developments cannot be ignored. It is always better to stay vigilant and operate strategically to be quantum-resilient rather than to try to time the occurrence of cyberattacks arising out of the evolution in quantum computing.
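
One way to start on principles 1 and 2 is to triage a cryptographic inventory for “harvest now, decrypt later” exposure. The sketch below is an added example, not part of the original article: the asset names, the record fields and the confidentiality lifetimes are constructed, and the two algorithm sets are a simplified assumption about what an inventory would contain.

```python
from dataclasses import dataclass

# Key-establishment algorithms that rest on factoring or discrete logarithms,
# the problems a large quantum computer running Shor's algorithm would solve.
CLASSICAL_KEX = {"RSA", "DH", "ECDH", "X25519"}
# Post-quantum or hybrid key establishment (ML-KEM is NIST FIPS 203;
# X25519MLKEM768 is the hybrid TLS 1.3 group). Assumed inventory labels.
PQ_OR_HYBRID_KEX = {"ML-KEM-768", "X25519MLKEM768"}


@dataclass(frozen=True)
class Asset:
    name: str
    kex: str            # algorithm protecting the data's encryption keys
    secrecy_years: int  # how long the data must stay confidential


def triage(assets):
    """Split an inventory into exposed / review / ok lists of asset names."""
    exposed, review, ok = [], [], []
    for a in assets:
        kex = a.kex.upper()
        if kex in PQ_OR_HYBRID_KEX:
            ok.append(a)
        elif kex not in CLASSICAL_KEX:
            review.append(a)   # unrecognised algorithm: needs a human look
        elif a.secrecy_years > 0:
            exposed.append(a)  # recorded ciphertext is worth decrypting later
        else:
            ok.append(a)       # nothing confidential to harvest
    # Longest-lived secrets first: they are the migration priority.
    exposed.sort(key=lambda a: a.secrecy_years, reverse=True)
    return {bucket: [a.name for a in items]
            for bucket, items in (("exposed", exposed), ("review", review), ("ok", ok))}


# Constructed sample inventory (hypothetical systems).
INVENTORY = [
    Asset("payments-api", "ECDH", 7),
    Asset("hr-archive", "RSA", 25),
    Asset("edge-gateway", "X25519MLKEM768", 10),
    Asset("legacy-vpn", "DH", 3),
    Asset("iot-telemetry", "custom-kex", 1),
    Asset("public-web", "X25519", 0),
]

if __name__ == "__main__":
    for bucket, names in triage(INVENTORY).items():
        print(f"{bucket}: {', '.join(names)}")
```

Only key establishment is scored, because “harvest now, decrypt later” threatens the confidentiality of recorded data; signature algorithms would be inventoried separately for the migration itself.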