Migrating to post-quantum cryptography

In the year 2020, the NCSC released a comprehensive white paper titled Preparing for Quantum-Safe Cryptography. This document outlined the potential risks posed by future quantum computers, which are expected to be far more advanced than any that currently exist. Such computers could significantly threaten a broad range of existing cryptographic systems, specifically those categorized under public-key cryptography (PKC). PKC plays a vital role in facilitating secure communications across the internet and various other networks.

The white paper further details NCSC’s recommendation for mitigating the risks associated with quantum computing through the adoption of quantum-safe cryptography, or post-quantum cryptography (PQC). PQC is designed to withstand attacks from quantum computers as well as traditional digital (or classic) computers. Additionally, PQC is intended to provide functionality similar to the existing PKC, enabling its implementation on many devices—such as PCs and smartphones—through software updates.

While this may appear to be a straightforward solution to the challenges presented by a potentially disruptive technology, the actual transition to PQC is a complex process. This article seeks to clarify why this is the case.

Awareness of the quantum computing threat to traditional PKC has existed for decades. Cryptographers across academia, industry, and government have researched PQC extensively since the mid-2000s. PQC bases its security on different mathematical problems from those used by classical PKC, and this long period of study has allowed thorough analysis of the algorithms now poised for widespread implementation.

In 2016, the US National Institute of Standards and Technology (NIST) initiated a selection process for PQC algorithms to be standardized. This significant undertaking has recently reached an important milestone with the publication of draft standards. While fundamental security research into PQC will continue, this heralds a pivotal transition in PQC efforts from primarily academic research to a coordinated global IT migration initiative.

With the availability of draft standards, organizations managing their cryptographic resources can move forward with experimenting with implementations of new PQC algorithms to evaluate their performance in crucial applications. To support these endeavors, the NCSC is providing additional guidance on algorithm selection and protocol considerations.

Transitioning to PQC necessitates more than just new algorithms. Protocols and services must be redesigned, as PQC usually demands higher performance from devices and networks compared to traditional PKC. This demand is particularly evident in the volume of data that must be exchanged between parties utilizing PQC to secure their communications. Various international bodies are working concurrently to update protocol standards alongside the development of algorithm standards, enabling test deployments of PQC by major service providers to assess the implications of this transition.

Although migrating many significant internet services (and the applications that connect to them) may be one of the more manageable parts of the PQC transition, numerous legacy and sector-specific protocols, especially those serving critical national infrastructure (CNI), will also require migration. These scenarios present additional challenges, such as running cryptographic operations on devices with limited resources and upgrading legacy systems that are difficult to change.

Fortunately, extensive research within both academia and industry has focused on these challenging scenarios, resulting in viable solutions for numerous situations. For devices or infrastructure that can’t transition to PQC, system owners will need to incorporate PQC migration planning into their scheduled technology refresh cycles. Over the coming years, NCSC will offer specialized advice tailored to sectors deemed of national importance to assist in this migration.

Despite the magnitude of the PQC transition, it’s important to remember that for many applications, PQC is effectively ‘just software.’ Many of these applications consist of internet services or applications created and managed by leading service providers. In such contexts, the transition to PQC will predominantly occur through software updates released by these providers. Individuals and organizations dependent on major service providers for their cryptographic needs should adhere to NCSC guidance on maintaining software and devices up to date, with the PQC transition unfolding primarily behind the scenes.

Through these software enhancements, a relatively straightforward solution exists for addressing the quantum threat, thanks to the extensive groundwork completed by cryptographers, software engineers, hardware designers, security architects, and other cybersecurity experts worldwide.

John H
Head of Crypt Research

Based on an article from ncsc.gov.uk: https://www.ncsc.gov.uk/blog-post/migrating-to-post-quantum-cryptography-pqc
