In 2020, the NCSC published a white paper, Preparing for Quantum-Safe Cryptography. It set out the threat that a sufficiently large quantum computer would pose to the public-key cryptography (PKC) in use today: a machine of that scale could break the algorithms on which PKC relies, and PKC underpins secure communication over the internet and many other networks.
The white paper also states the recommended response to that threat: adoption of quantum-safe cryptography, also known as post-quantum cryptography (PQC). PQC algorithms are designed to resist attack by quantum and classical computers alike, and they provide the same functions (key establishment and digital signatures) as the PKC they replace. Because they are implemented in software, PQC can be deployed to a wide range of existing devices, such as PCs and smartphones, through ordinary software updates.
On the face of it this is a straightforward answer to the quantum threat, but moving to PQC is an intricate process. This blog aims to explain some of the complexities involved.
The threat that quantum computing poses to conventional PKC has been understood for many years, and researchers in academia, industry and government have been working on PQC since at least the mid-2000s. PQC is built on different mathematical problems from those behind traditional PKC, so the algorithms now poised for widespread use have had to be subjected to years of rigorous evaluation before anyone could be confident in them.
In 2016, the US National Institute of Standards and Technology (NIST) initiated a process to standardize PQC algorithms, which recently achieved an essential milestone with the release of draft standards. Although foundational security research on PQC will persist, this marks a significant shift in the transition activity from predominantly research-oriented to a comprehensive global IT migration endeavor.
The introduction of draft standards allows organizations that manage their own cryptographic systems to proceed with PQC migration steps, such as testing implementations of new algorithms in critical scenarios. The NCSC is also providing further guidance regarding algorithm selection and protocol considerations.
Transitioning to PQC requires more than dropping in new algorithms; protocols and services have to be re-engineered, because PQC generally places higher demands on devices and networks than traditional PKC. The clearest example is the volume of data that must be exchanged: PQC public keys, ciphertexts and signatures are considerably larger than their classical counterparts, so every handshake carries more bytes. International standards bodies are updating protocol standards in step with the algorithm standards, and leading service providers are running test deployments that help assess the practical implications of the change.
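The size cost described above is easy to measure directly. The following is an added example, not code from the NCSC article: it runs a classical X25519 Diffie-Hellman exchange and an ML-KEM-768 exchange (the key-encapsulation mechanism from NIST's draft FIPS 203, which the article does not name) between two parties and reports the bytes each side must send. It assumes Go 1.24 or later, where `crypto/mlkem` is part of the standard library; the type `ExchangeSizes` and the function names are this example's own. It also demonstrates one protocol-level caveat: ML-KEM uses implicit rejection, so a corrupted ciphertext decapsulates to a different secret rather than raising an error, and the protocol around it must detect the mismatch.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/mlkem"
	"crypto/rand"
	"errors"
	"fmt"
)

// ExchangeSizes (name chosen for this example) records the bytes each side
// sends to agree one shared secret: the "volume of data" cost of a scheme.
type ExchangeSizes struct {
	Scheme        string
	InitiatorSend int // message 1: ECDH public key or KEM encapsulation key
	ResponderSend int // message 2: ECDH public key or KEM ciphertext
	SharedSecret  int
}

// X25519Exchange runs a classical elliptic-curve Diffie-Hellman exchange
// between two parties and checks that both derive the same secret.
func X25519Exchange() (ExchangeSizes, error) {
	curve := ecdh.X25519()
	initiator, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return ExchangeSizes{}, err
	}
	responder, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return ExchangeSizes{}, err
	}
	// Each side combines its own private key with the peer's public key.
	sI, err := initiator.ECDH(responder.PublicKey())
	if err != nil {
		return ExchangeSizes{}, err
	}
	sR, err := responder.ECDH(initiator.PublicKey())
	if err != nil {
		return ExchangeSizes{}, err
	}
	if !bytes.Equal(sI, sR) {
		return ExchangeSizes{}, errors.New("x25519: shared secrets differ")
	}
	return ExchangeSizes{"X25519",
		len(initiator.PublicKey().Bytes()), len(responder.PublicKey().Bytes()), len(sI)}, nil
}

// MLKEM768Exchange runs the post-quantum exchange: the initiator sends its
// encapsulation key, the responder encapsulates a fresh secret and returns
// only the ciphertext, and the initiator decapsulates to recover the secret.
func MLKEM768Exchange() (ExchangeSizes, error) {
	dk, err := mlkem.GenerateKey768()
	if err != nil {
		return ExchangeSizes{}, err
	}
	ekBytes := dk.EncapsulationKey().Bytes() // message 1 on the wire

	// Responder side: parse the received bytes (a malformed key is rejected
	// here), then encapsulate against the parsed key.
	ek, err := mlkem.NewEncapsulationKey768(ekBytes)
	if err != nil {
		return ExchangeSizes{}, err
	}
	secretR, ct := ek.Encapsulate() // message 2 on the wire

	secretI, err := dk.Decapsulate(ct)
	if err != nil {
		return ExchangeSizes{}, err
	}
	if !bytes.Equal(secretI, secretR) {
		return ExchangeSizes{}, errors.New("ml-kem-768: shared secrets differ")
	}
	return ExchangeSizes{"ML-KEM-768", len(ekBytes), len(ct), len(secretI)}, nil
}

// TamperedCiphertextDiverges shows the failure mode a protocol designer must
// plan for: with implicit rejection, a corrupted ciphertext of the correct
// length produces no error, only a pseudorandom secret that will not match
// the responder's. The mismatch surfaces later, e.g. when key confirmation
// or the first encrypted record fails to verify.
func TamperedCiphertextDiverges() (bool, error) {
	dk, err := mlkem.GenerateKey768()
	if err != nil {
		return false, err
	}
	secretR, ct := dk.EncapsulationKey().Encapsulate()
	ct[0] ^= 0x01 // single-bit corruption in transit
	secretI, err := dk.Decapsulate(ct)
	if err != nil {
		return false, err // not expected: the length is still valid
	}
	return !bytes.Equal(secretI, secretR), nil
}

// WireBytes totals the handshake bytes for a scheme.
func WireBytes(s ExchangeSizes) int { return s.InitiatorSend + s.ResponderSend }

func main() {
	for _, run := range []func() (ExchangeSizes, error){X25519Exchange, MLKEM768Exchange} {
		s, err := run()
		if err != nil {
			panic(err)
		}
		fmt.Printf("%-10s msg1 %4d B  msg2 %4d B  total %4d B  secret %d B\n",
			s.Scheme, s.InitiatorSend, s.ResponderSend, WireBytes(s), s.SharedSecret)
	}
	d, err := TamperedCiphertextDiverges()
	if err != nil {
		panic(err)
	}
	fmt.Println("tampered ML-KEM ciphertext decapsulated without error to a different secret:", d)
}
```

An X25519 handshake moves 64 bytes in total; the ML-KEM-768 handshake moves 2272 bytes (a 1184-byte encapsulation key plus a 1088-byte ciphertext) for the same 32-byte secret. That is the overhead that has to fit into packet sizes, handshake message limits and constrained-device memory when a protocol is re-engineered, and the implicit-rejection behaviour is why such protocols need explicit key confirmation rather than relying on the KEM to signal a failed exchange.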
Despite these challenges, upgrading the major internet services, and the applications that depend on them, will probably turn out to be one of the easier parts of the PQC transition. Legacy systems and special-purpose protocols, particularly those used in critical national infrastructure (CNI), will also have to move to PQC, and they bring their own difficulties: running the larger, more demanding algorithms on resource-constrained devices, and upgrading complex legacy systems that were never designed for cryptographic agility.
Fortunately, a good deal of academic and industrial research has targeted exactly these situations, and workable solutions now exist for many of them. Where a system or piece of infrastructure cannot adopt PQC immediately, its owners should build the transition into their planned technology refresh cycles rather than treat it as a separate project. Over the next few years the NCSC plans to publish tailored advice for sectors of national importance to help with the PQC transition.
Nonetheless, it is worth remembering that for many applications PQC really is 'just software'. Many of those applications are internet services, or client applications, run by large service providers, and for them the transition will happen mainly through software updates that the provider ships. Individuals and organisations that rely on major service providers for their cryptography should follow NCSC guidance on keeping software and devices up to date; if they do, the PQC transition will largely happen for them without further intervention.
For users in this position there is, in the end, a relatively simple answer to the quantum threat, one made possible by years of work from cryptographers, software developers, hardware engineers, security architects and many other cyber security professionals around the world.
John H
Head of Crypt Research
Based on an article from ncsc.gov.uk: https://www.ncsc.gov.uk/blog-post/migrating-to-post-quantum-cryptography-pqc