
Quantum Resistant Cryptography and What You Should Be Doing

By Chuck Easttom, Ph.D., D.Sc., Adjunct Professor, Vanderbilt University and Georgetown University

Quantum computing has made substantial advances in the past 10 years. In 2022, IBM announced their Osprey processor with 433 qubits. IBM's Condor processor, released in 2024, has 1,121 qubits. Atom Computing has reached 1,180 qubits. And it is not just the number of qubits that is increasing; coherence times, error correction, and other aspects of quantum computing are also improving. However, these advances also highlight a growing problem.

Virtually all aspects of network security depend, at least to some extent, on asymmetric or public key cryptography. Currently used algorithms such as RSA, Diffie-Hellman, and Elliptic Curve are secure from classical computing attacks because they are based on mathematical problems that are difficult for classical computers to solve. By difficult, it is meant that they cannot be solved in practical time. RSA, for example, is based on the difficulty of factoring integers into their prime factors. Diffie-Hellman is based on the difficulty of solving the discrete logarithm problem. The various improvements to Diffie-Hellman, such as ElGamal and MQV, are also based on the difficulty of solving the discrete logarithm problem. Elliptic Curve Cryptography, which includes several algorithms, is based on the difficulty of solving the discrete logarithm problem of a random elliptic curve element with respect to a publicly known base point.

However, it has already been proven that quantum computers using Shor's algorithm can solve these mathematical problems in what is called polynomial time. The only reason these algorithms are safe today is that current quantum computers do not have enough qubits to attack the size of cryptographic keys being used. When quantum computers will be breaking real-world implementations of these algorithms is difficult to say. Experts differ in their opinions. But everyone agrees it is coming. Too many organizations currently have no plan to mitigate this problem.
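As an added illustration (not part of the original article), the following Python shows the classical half of Shor's algorithm: once the period r of a base a modulo N is known, N factors with two gcd computations. The period-finding loop here is brute force on toy moduli such as 15 and 21; that loop is exactly the exponential step a quantum computer replaces with polynomial-time order finding, which is why RSA-style security collapses once it becomes cheap.

```python
import math
import random
from typing import Optional, Tuple


def find_period(a: int, n: int) -> int:
    """Return the smallest r > 0 with a**r == 1 (mod n), by brute force.

    This is the order-finding step. Shor's algorithm does it in polynomial
    time on a quantum computer; classically it is exponential in the bit
    length of n, so this only works for toy moduli.
    """
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_factor(n: int, a: int) -> Optional[Tuple[int, int]]:
    """Classical post-processing of Shor's algorithm for one base a.

    If the period r is even and a**(r/2) != -1 (mod n), then
    gcd(a**(r/2) - 1, n) and gcd(a**(r/2) + 1, n) are non-trivial factors.
    Returns None when this base fails, so the caller can try another.
    """
    g = math.gcd(a, n)
    if g != 1:
        return (min(g, n // g), max(g, n // g))  # a already shares a factor
    r = find_period(a, n)
    if r % 2:
        return None
    y = pow(a, r // 2, n)
    if y == n - 1:
        return None
    p, q = math.gcd(y - 1, n), math.gcd(y + 1, n)
    if p in (1, n) or q in (1, n):
        return None
    return (min(p, q), max(p, q))


def factor(n: int, seed: int = 0, max_tries: int = 100) -> Tuple[int, int]:
    """Repeat shor_factor with random bases until one succeeds."""
    rng = random.Random(seed)  # seeded so runs are reproducible
    for _ in range(max_tries):
        result = shor_factor(n, rng.randrange(2, n - 1))
        if result is not None:
            return result
    raise ValueError(f"no suitable base found for {n}")
```

With n = 15 and a = 7 the period is 4, 7**2 mod 15 = 4, and gcd(3, 15) and gcd(5, 15) yield the factors 3 and 5.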


The good news is that you don’t need to be a cryptographer to be able to start evaluating quantum resistant solutions. Experts have already done the groundwork for you. I always encourage people in any aspect of IT to begin looking at standards. Fortunately, the United States National Institute of Standards and Technology has established standard algorithms for quantum-resistant cryptography. These algorithms are based on entirely different mathematics than RSA, Diffie-Hellman, and Elliptic Curve. The mathematics underlying the security of these algorithms is not vulnerable to quantum computing attacks. NIST has selected the following algorithms:

  • CRYSTALS-KYBER for Public-key Encryption and Key-establishment Algorithms. Note that NIST is now referring to this algorithm as a Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM).
  • CRYSTALS-DILITHIUM for Digital Signatures
  • FALCON for Digital Signatures
  • SPHINCS+ for Digital Signatures

Other U.S. standards overlap with the NIST standards. Federal Information Processing Standards (FIPS) typically provide guidance for U.S. government agencies to implement NIST standards. There are three FIPS standards related to quantum resistant cryptography: FIPS 203 (ML-KEM or CRYSTALS-Kyber), FIPS 204 (ML-DSA or CRYSTALS-Dilithium), and FIPS 205 (SLH-DSA or SPHINCS+). There is also the NSA CNSA Suite 2.0. The National Security Agency has published the Commercial National Security Algorithm Suite 2.0 (NSA, 2024). This document identifies algorithms that can be used for National Security Systems (NSS). Many of the algorithms are the same as those found in the FIPS and NIST standards. Other nations have created similar standards. For example, in Germany, the Bundesamt für Sicherheit in der Informationstechnik, or BSI (Federal Office for Information Security), has established quantum resistant cryptography standards.

So, the good news is that you don't need to figure out the cryptography yourself. But what is it you do need to do? First, I would caution you to be wary of snake oil salesmen. There are a number of companies claiming to offer quantum resistant cryptography, and unfortunately, many of them have very little understanding of the problem, let alone the solution. What you should first do is search for companies that are offering products that implement one of the previously mentioned standards. My goal is not to endorse any particular company or product; however, the following companies have actually worked with NIST to create standards-compliant quantum resistant products: Amazon Web Services (AWS), Cisco Systems, Cryptosense SA, Crypto4A Technologies, InfoSec Global, ISARA Corporation, Microsoft, Samsung, SandboxAQ, Thales, and VMware.

This leads to what, precisely, your organization should be doing right now. First, you should have a team that has preparing for quantum resistant cryptography as one of its tasks. That team should form a timeline to move your encryption to quantum resistant algorithms and products. This will involve communicating with vendors, comparing products and prices, ensuring ease of implementation, etc. When it is time to begin implementation, it should first be beta-tested on a small section of your organizational network. Then, it should be rolled out to the rest of the network in stages. The simple fact is that quantum computers will, in the near future, reach a point where they can break the algorithms you are using today. If you do not put a plan in place to mitigate this threat, your organization will be one of those major cyber breaches that we all read about. What makes this so unfortunate is that there are solutions available to prevent this. You just have to begin working to implement them.