The world’s ICT industry is on notice to update widely used data encryption technologies after the finalisation of post-quantum cryptography (PQC) algorithms designed to prevent powerful new quantum computers from decrypting sensitive personal, business, and government data.
Developed with industry and researchers through an eight-year effort managed by the US National Institute of Standards and Technology (NIST), the three new standards – which NIST references as ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) – are the result of a competitive process that began in 2016.
Anticipating the eventual development of large-scale cryptographically relevant quantum computers (CRQCs), NIST asked the world’s cryptographic researchers to submit candidates to replace the existing FIPS 186-4, NIST SP 800-56A and NIST SP 800-56B standards – all of which are vulnerable because they protect data using public key cryptography (PKC).
PKC’s security relies on long encryption ‘keys’ that are used to encrypt your web browsing, online banking, e-commerce purchases, submission of personal data, secure messaging, social media, email, and phone calls – as well as weightier data like company customer databases, intellectual property stores, and national security information.
Cracking this encryption requires recovering the two prime numbers that, when multiplied together, produce the key. That task is so demanding that security researchers believe conventional computers can’t break encryption keys larger than 2,048 bits. Quantum computers work differently, however, and CRQCs will be able to use a technique called Shor’s algorithm to ‘factor’ even the strongest keys in hours.
That would potentially expose the data they protect, laying bare the personal data and communications of citizens, private information of businesses, and nationally critical secrets of governments around the world.
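The following added example (not from the article or from NIST) makes the point above concrete with a toy key built from two constructed small primes: anyone who can factor the public modulus, whether by slow classical trial division on a tiny key or by Shor’s algorithm on a real one, rebuilds the private key and decrypts previously captured ciphertext, which is exactly the ‘harvest now, decrypt later’ exposure.

```python
# Added example (not from the article): a toy RSA-style key built from two small
# primes, then "cracked" by trial-division factoring of the public modulus.
# It shows that the public key's security rests entirely on factoring being
# hard: once the factors are known, the private key falls out and any stored
# ciphertext decrypts. The primes are constructed sample values, far too small
# to be secure; a real key uses primes of roughly 1,024 bits each.
from math import isqrt


def make_keypair(p, q, e=65537):
    """Build a toy key from primes p and q. Returns (n, e, d)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: modular inverse of e (Python 3.8+)
    return n, e, d


def encrypt(m, n, e):
    return pow(m, e, n)


def decrypt(c, n, d):
    return pow(c, d, n)


def factor_by_trial_division(n):
    """Classical factoring: work grows with sqrt(n), i.e. exponentially in key bits."""
    for cand in range(2, isqrt(n) + 1):
        if n % cand == 0:
            return cand, n // cand
    raise ValueError("no non-trivial factor found")


def recover_private_key(n, e):
    """Given only the public key (n, e), factor n and rebuild the private exponent d."""
    p, q = factor_by_trial_division(n)
    phi = (p - 1) * (q - 1)
    return pow(e, -1, phi)


if __name__ == "__main__":
    n, e, d = make_keypair(10007, 10009)  # constructed sample primes
    harvested = encrypt(42, n, e)         # ciphertext captured and stored today
    d_later = recover_private_key(n, e)   # factoring done later, from the public key alone
    assert d_later == d
    print(decrypt(harvested, n, d_later))  # 42
```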
Widespread availability of CRQCs “will render most contemporary public key cryptography insecure,” the Australian Signals Directorate has warned, “thus making ubiquitous secure communications based on current public key cryptography technology infeasible.”
The quantum clock is ticking
Lauded by IBM as “an inflection point in modern cyber security,” finalisation of the three new PQC standards – which were whittled down from an initial field of 82 submissions and 69 viable candidates – has fired the starting gun on the race for software companies, systems administrators, mobile device makers, cloud service providers and others to adopt them.
“One of the main reasons for delayed implementation is uncertainty about what exactly needs to be implemented,” IBM cryptography researcher and PKC encryption co-inventor Whitfield Diffie said. “Now that NIST has announced the exact standards, organisations are motivated to move forward with confidence.”
That means not only adding the standards to their existing and future software, but re-encrypting existing data to ensure it isn’t exposed down the track – a threat that authorities have already flagged in warning about ‘harvest now, decrypt later’ (HNDL) attacks in which cyber criminals are hoovering up encrypted data and warehousing it for decryption when quantum computers are powerful enough.
To protect the world’s data from the threat posed by CRQCs, the three new standards will need to be implemented across every part of the ICT ecosystem, forcing widespread software upgrades in a migration process that IBM warns “presents more complexities than previous [upgrades], as it will require many security protocols to be re-engineered and infrastructure to be updated.”
The transition to PQC is as significant as ongoing efforts to secure web browsing with HTTPS security, although the process will likely be made as transparent as possible as PQC standards are quietly integrated into web browsers, operating systems, cloud applications, and more.
“We encourage system administrators to start integrating them into their systems immediately,” PQC standardization project head and NIST mathematician Dustin Moody said, noting that the new standards “include instructions for incorporating them into products and encryption systems [but] full integration will take time.”
Just how much time remains anybody’s guess – but NIST notes that “historically, it has taken almost two decades to deploy our modern public key cryptography infrastructure” and the new PQC standards will need to be implemented at every point of that infrastructure.
“While in the past it was less clear that large quantum computers are a physical possibility,” the organisation noted when the PQC project commenced, “many scientists now believe it to be merely a significant engineering challenge.”
“Some engineers even predict that within the next twenty or so years sufficiently large quantum computers will be built to break essentially all public key schemes currently in use.”
That timeline is quickly shortening, with firms like IBM recently launching a game-changing quantum computer and PsiQuantum now building large-scale quantum computers in Brisbane and Chicago – harbingers of quantum breakthroughs that could bring forward the timeline dramatically.
“Regardless of whether we can estimate the exact time of the arrival of the quantum computing era,” NIST notes, “we must begin now to prepare our information security systems to be able to resist quantum computing.”