Just in the last three months, we’ve seen three (very different) major incidents that have impacted America’s Critical National Infrastructure (CNI). The first was a widespread outage across Texas’ power grid that left millions without power and vital services running on emergency generators. The other two are more recent: ransomware attacks on the Colonial Pipeline and on the world’s largest meat processing company. For me, these events are just a small preview of what an attack by future quantum computers, with their extraordinary capacity to decrypt existing encryption systems, could do to the infrastructure and businesses we rely on most.
While many may consider the Quantum Threat as scaremongering at worst, and “not in my lifetime” at best, they are failing to consider the very real threats that quantum computers pose today. If we are to avoid the catastrophic economic and health consequences of a quantum computer attack on our CNI, which are predicted to be far more protracted and far worse in their effects, we need to start taking the quantum threat seriously, right now.
What is the Quantum Threat?
Quantum machines are extremely good at performing vast numbers of computations in parallel, whereas today’s computers have to solve problems one at a time. As such, they can derive knowledge from small datasets, which will allow them to break current public-key encryption.
So, while quantum computers promise revolutionary benefits for many industries, they also pose an existential threat to existing public-key encryption, such as RSA, which enables the digital commerce, secure communications and remote access to financial services that we all rely on today.
Adding to this problem, quantum decryption can be applied retrospectively: the groundwork for a “collect now, decrypt later” attack could be laid today. This means that if a rogue nation-state or bad actor intercepted data today, they could decrypt this harvested data once quantum computers’ capabilities exceed those of classical computers, a point often referred to as “Y2Q”.
Should decision makers be concerned about the threat of quantum?
The road towards standardisation
In 2014, the National Institute of Standards and Technology (NIST) suggested that a quantum computer capable of breaking 2000-bit RSA would be built by 2030. In response, NIST launched a process to develop new algorithms that can withstand the quantum threat.
This process will create a new generation of quantum-resistant cryptographic tools (often called “post-quantum cryptography” or PQC), which will replace – or supplement – today’s standards and counteract quantum computers. Crucially, it is expected that a new encryption standard will be ready by the end of this year.
Whilst many are waiting for NIST’s standard to emerge before taking action on quantum encryption, things are not quite so simple. Cryptography has been such a fundamental technique in the information security landscape that we’ve embedded it into almost everything we do. Most organisations will need to overhaul their entire information security and cryptographic infrastructure to ensure systems are quantum-safe and in line with NIST’s new standards. However, replacing the likes of RSA and elliptic-curve cryptography will not happen overnight and could take years to complete.
Just think about SHA1’s deprecation and how long this transition took: it was recommended four or five years before it went into effect, but eventually took over 13 years from the recommendation stage until widespread change occurred. The transition to post-quantum cryptography will be far more complex, so we must act now if we are to become quantum-ready in time for Y2Q. But where should you start? Here are my 3 suggestions:
1. Assign resources and build a dedicated team: If you haven’t done so already, the best place to start is to create a dedicated team, assign resource investment and build a project plan. After establishing this team, they must first perform an inventory audit to assess what devices, systems and applications in your environment are using public key cryptography. This will help you map out a migration path that prioritises high-value assets, whilst identifying any expected impact on operational systems. It will be vital to focus on the most critical and vulnerable systems first, particularly those that are external facing and concern authentication.
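As an added illustration of the inventory audit (this is example code, not part of the original post), here is a small Python scanner that parses OpenSSH authorized_keys lines, recovers the algorithm and key size from each key blob, and orders the findings so that keys already weak against classical attack lead the migration list. The sample file, the placeholder moduli and curve points, and the action labels are all constructed for this example.

```python
import base64
import struct
# OpenSSH key types: all are public-key schemes a large quantum computer could break.
KEY_TYPES = ("ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521")

def _string(b):          # SSH wire "string": 4-byte big-endian length, then the bytes
    return struct.pack(">I", len(b)) + b
def _mpint(i):           # SSH "mpint": a leading 0x00 keeps the sign bit clear
    return _string(i.to_bytes((i.bit_length() + 8) // 8, "big"))
def _read(blob, off):
    (n,) = struct.unpack(">I", blob[off:off + 4])
    return blob[off + 4:off + 4 + n], off + 4 + n

def parse_key(line):
    """(type, bits, comment) for one authorized_keys line; None for blank, '#' or unknown lines."""
    tokens = line.split()
    idx = next((i for i, t in enumerate(tokens) if t in KEY_TYPES), None)
    if not tokens or tokens[0].startswith("#") or idx is None:
        return None
    ktype, blob = tokens[idx], base64.b64decode(tokens[idx + 1])  # any options before idx are skipped
    wire_type, off = _read(blob, 0)
    if wire_type.decode() != ktype:
        raise ValueError("key blob type does not match declared type")
    if ktype == "ssh-rsa":
        _, off = _read(blob, off)      # public exponent e
        n, _ = _read(blob, off)        # modulus n: its bit length is the RSA key size
        bits = int.from_bytes(n, "big").bit_length()
    elif ktype.startswith("ecdsa-"):
        curve, _ = _read(blob, off)    # e.g. b"nistp256"
        bits = int(curve.decode()[len("nistp"):])
    else:
        bits = 256                     # ed25519
    return ktype, bits, " ".join(tokens[idx + 2:])

def inventory(lines):
    """Classify keys; those already weak against classical attack are listed first."""
    report = []
    for ktype, bits, comment in filter(None, map(parse_key, lines)):
        action = "replace now" if ktype == "ssh-rsa" and bits < 2048 else "plan PQC/hybrid migration"
        report.append((ktype, bits, comment, action))
    return sorted(report, key=lambda r: r[3] != "replace now")

def _line(ktype, *fields):   # builds a key line; the moduli/points below are placeholders, not real keys
    return ktype + " " + base64.b64encode(b"".join([_string(ktype.encode()), *fields])).decode()
SAMPLE = [  # constructed authorized_keys content
    "# build host keys",
    _line("ssh-rsa", _mpint(65537), _mpint((1 << 1023) | 1)) + " legacy@build",
    'from="10.0.0.0/8" ' + _line("ssh-rsa", _mpint(65537), _mpint((1 << 2047) | 1)) + " ops@bastion",
    _line("ecdsa-sha2-nistp256", _string(b"nistp256"), _string(b"\x04" + b"\x11" * 64)) + " ci@runner",
    _line("ssh-ed25519", _string(b"\x22" * 32)) + " dev@laptop",
]
```

Run `inventory(SAMPLE)` to see the ordered report; feeding it real authorized_keys files gives a first cut of the authentication-facing keys that a migration plan must cover.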
2. Adopt a crypto-agile approach: We can’t be sure which quantum-safe algorithms NIST will standardise and because these algorithms are still relatively new, you may not want to completely do away with today’s standards. After all, quantum computers are still too primitive to break current encryption standards, so using today’s methods is still an effective way to protect against current info security threats. Therefore, as we make the transition to quantum-safe security, it’s important to practice ‘crypto-agility’.
Crypto-agility is the process of understanding what existing cryptographic measures can be migrated over to quantum-ready solutions. Taking this approach means that it’s possible to keep the tried and tested classical cryptography we use today, like RSA, alongside one or more post-quantum algorithms, while also helping security teams to prioritise the adjustments they tackle first when entering the migration phase. This crypto-agile approach will offer greater assurance against both traditional attacks and future threats.
This is vital because many devices, systems and applications that rely on encryption for security are being deployed now and are expected to have a lifespan of over 10 years. If these aren’t cryptographically agile enough to deal with a future quantum attack, organisations will leave themselves vulnerable for years to come.
3. If nothing else, focus on identity: In the future, we will need all our digital infrastructure to be quantum-proof end-to-end but, if you are unsure of where to start, identity should be the most important consideration now as it’s the key to the castle. You could secure all of your other encryption, but if someone can access your identity system, then it doesn’t matter what else you do – your systems will think they are the right person, so they can gain ‘legitimate’ access to your systems and infrastructure.
There’s little point in securing your entire infrastructure if you haven’t also considered identity, and starting at the front-end of the info security ecosystem will also allow you to tackle one of the most historically challenging systems for an organisation to upgrade or replace.