Patrick Walsh
Originally published at www.forbes.com.

Forbes: How To Be Crypto-Agile Before Quantum Computing Upends The World

It’s possible that powerful quantum computers already exist in a highly classified lab. It’s equally possible that it will be another 40 years before quantum computers can crack modern cryptography. Most experts think it will happen sometime in the next 10 years.

Regardless, change is coming. There’s a race to create new cryptographic algorithms that can withstand attacks from both classic and quantum computers, and in the next 10 years, best practices in cryptography will evolve significantly and quicker than they have over the previous 25 years. Companies need to take a crypto-agile approach now to avoid huge, disruptive, urgent, Y2K-level security projects later.

Forty Years Of Quantum Computing

Quantum computers are not new. They were theorized in 1980, and in 1994, Peter Shor devised an algorithm that, on sufficiently powerful quantum computers, could factor integers exponentially faster than our classic computers can. That breaks RSA cryptography, which is the security foundation of much of the internet. But it isn’t only RSA. Sufficiently powerful quantum computers will break Elliptic Curve Cryptography (ECC), too. That also underpins much of the internet as well as most cryptocurrencies.

Challenges Of Quantum Computing

In 1998, four years after Shor’s breakthrough, the first quantum computer was built. It was a proof of concept nowhere near powerful enough to break today’s cryptography. Much progress has been made, but making these computers powerful is an enormous challenge since any little vibration, temperature fluctuation or other change in the environment can disrupt calculations. These computers are generally housed deep underground and require temperatures near absolute zero.

As of today, no one claims to have built a quantum computer that is both stable enough and powerful enough to break our current generation of cryptography. But that day is inevitable.

Cryptography Is Fundamental To Online Life

Most websites you visit today show a little lock icon in your URL bar to indicate that you’re using the secure version of HTTP and that the data you send to and from a server are protected against eavesdropping. This prevents people from stealing your login credentials to your bank or your credit card number, and it’s fundamental to everything we do on the internet.

Every secure connection to a website initially uses public key cryptography like RSA or ECC to negotiate a shared secret in a dance known as a key exchange. If that’s broken by quantum computers, then everything we do on the internet is broken, too.

Signs That Quantum Computing Is Nearly There

In January, the White House issued a National Security Memorandum instructing federal agencies to modernize the encryption protocols used on national security systems. At the same time, the National Institute of Standards and Technology (NIST) is holding a Post Quantum Cryptography (PQC) competition where the world’s foremost cryptography researchers have submitted proposals for a new generation of public key algorithms that can survive attacks by both classic and quantum computers.

In short, the U.S. government is showing a sense of urgency in getting this looming problem fixed. We can’t know all of their motivations, but the rest of us would do well to heed those signals.

What’s Next?

When the PQC competition finishes, we’ll be in a delicate place, caught between new, unproven algorithms and trusty classic ones that are ultimately doomed. There’s a lot of risk with these new algorithms. For example, one finalist was just broken spectacularly by researchers using standard computers.

To mitigate the risks of the new algorithms, there will be a period where best practices are hotly debated. Some will advocate for a mixture of the new and old algorithms. Wherever that lands, best practices will evolve quickly in the coming years, and companies need to be ready to evolve with them.

That’s where crypto-agility comes into play.

What Is Crypto-Agility?

To be crypto-agile means to be able to make cryptographic changes quickly and without the burden of massive projects. That means adopting tools and technologies that abstract away underlying cryptographic primitives and that can change readily.

To be crypto-agile is to acknowledge that change is on the horizon and that anything built today needs to be able to adapt to coming changes. Smart organizations are already updating existing systems and forcing crypto-agility requirements for all new projects.

Change Creates Opportunity

This is an opportunity for security teams to re-examine not just what algorithms they are using but also their data protection strategies in general.

Most data today is “protected” using transparent disk or database encryption. This is low-level encryption that makes sure the bytes are scrambled before they hit the disk but is invisible while the machine is on. Servers stay on around the clock, so anyone who can reach the running system sees the data in the clear.

A better approach is to use application-layer encryption (ALE). ALE is an architectural approach where data is encrypted before going to a data store. When someone peeks at the data in the data store, they see random bytes that have no meaning without the correct key.
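To make the two ideas above concrete (a crypto-agile abstraction over the primitives, and application-layer encryption of records before they reach the data store), here is an added Go example that is not code from the article or from any product: every ciphertext carries a suite id in its header, decryption dispatches on that id so callers never name an algorithm, and stored records can be re-encrypted under a newer suite in a background job. The suite ids, the key sizes and the HMAC-based per-suite key derivation are assumptions made for this example.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Suite ids (hypothetical) sit in every envelope header; a new suite is one more keySize entry.
const SuiteAES128GCM, SuiteAES256GCM byte = 1, 2
var keySize = map[byte]int{SuiteAES128GCM: 16, SuiteAES256GCM: 32}

// newAEAD derives a per-suite sub-key (HMAC-SHA256 as a plain KDF): no key is ever reused across suites.
func newAEAD(master []byte, suite byte) (cipher.AEAD, error) {
	size, ok := keySize[suite]
	if !ok { return nil, errors.New("unknown cipher suite in envelope") }
	m := hmac.New(sha256.New, master)
	m.Write([]byte{suite})
	block, err := aes.NewCipher(m.Sum(nil)[:size])
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// Seal emits suite_id || nonce || ciphertext+tag, with the suite id also bound as associated data.
func Seal(master []byte, suite byte, plaintext []byte) ([]byte, error) {
	aead, err := newAEAD(master, suite)
	if err != nil { return nil, err }
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return nil, err }
	return aead.Seal(append([]byte{suite}, nonce...), nonce, plaintext, []byte{suite}), nil
}

// Open dispatches on the header byte; a tampered header fails authentication rather than decrypting.
func Open(master, env []byte) ([]byte, error) {
	if len(env) < 1 { return nil, errors.New("empty envelope") }
	aead, err := newAEAD(master, env[0])
	if err != nil { return nil, err }
	n := aead.NonceSize()
	if len(env) < 1+n { return nil, errors.New("envelope too short") }
	return aead.Open(nil, env[1:1+n], env[1+n:], env[:1])
}

// Migrate re-encrypts under a newer suite; records already on the target pass through (re-runnable).
func Migrate(master, env []byte, target byte) ([]byte, error) {
	if len(env) > 0 && env[0] == target { return env, nil }
	pt, err := Open(master, env)
	if err != nil { return nil, err }
	return Seal(master, target, pt)
}
```

Retiring a suite later means removing its keySize entry after the migration job has run, at which point any record still carrying the old id is refused rather than silently decrypted.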

Prioritize Preparedness

It’s easy to let what’s urgent eclipse the important. Reactive security tasks often overwhelm the proactive ones. This leads to unfortunate situations with emergency after emergency in an infinite loop. Ironically, it’s only the investment in proactive measures that can break the cycles.

Cryptography underlies all of our most relied-upon systems and is foundational to our assumptions about security and the cloud. Organizations must prioritize crypto-agile projects and establish a plan for how they’ll handle the coming changes. It isn’t a matter of “if” but “how soon.”