Crypto-agility and post-quantum cryptography explained

The algorithms that sufficiently powerful quantum computers are capable of running can factor large integers and solve discrete logarithms efficiently. These are the hard problems that underlie the security we rely on in present-day public-key cryptography such as RSA and Elliptic Curve Cryptography.

In other words, quantum computers will break the security of the internet.

Anyone with a sufficiently powerful quantum computer will be able to rip the “s” off 🔓 https. At that point, every online transaction, login, banking interaction, communication, etc., will be compromised.

Overview

Quantum computers, first theorized about some 30 years ago, are now real. These computers utilize quantum mechanics at the level of photons or particles to perform calculations.

At the quantum level, these computers can utilize a property called superposition, where a piece of data can be a zero, a one, or a probabilistic overlay of both at the same time.

Quantum algorithms can leverage this property to efficiently solve hard problems that classic computers would take untold years to finish.

Quantum computers aren’t built with standard circuits and silicon, but how they’re built varies widely. One might leverage polarized photons to store state. Another might use molecular magnets, trapped ions, or superconductors. There are more than a dozen different approaches in use across existing proof-of-concept quantum computers.

Problems

All quantum computers suffer two fundamental problems: noise and scale.

Noise: the measurements being taken of spin, orientation, magnetic pole, etc., are at such a microscopic level that they can be disrupted by anything from temperature changes to vibrations, which can introduce errors.

Scale: while it’s possible to measure and manage a single photon on an individual level, it’s extremely difficult to manage billions of them. Making quantum computers more powerful means scaling them up in ways that are exceptionally challenging.

Availability

For now, quantum computers are giant things built by governments, large corporations, and universities and stored in rooms deep underground. It’ll be decades before they become a Christmas list item, if they ever do. Long before that happens, they’ll be a threat to our encryption standards.

The algorithms we used in 2001 are the same ones we’re using today with only a few minor changes (goodbye MD5, hello SHA-3) and tweaks to key sizes. That won’t be the case for much longer.

When the PQC competition concludes, we’ll be caught between the tried-and-trusted algorithms that we use today and new algorithms that have not been scrutinized and attacked as long. There’s a lot of risk with these new standards as we saw when one of the finalists was broken by a classical computer.

This will lead to debate over new best practices, with some folks waiting, others embracing the new, and some working on hybrid schemes that come with their own tradeoffs.

Regardless, best practices around cryptography will evolve and change frequently over the next decade. That’s where crypto-agility comes in.

Experts are predicting Y2K levels of remediation once the inflection point is reached, but quantum computers aren’t the only possible trigger.

It has long been possible that a cryptanalytic breakthrough would render one of our trusted algorithms broken. It’s happened before with MD5 (a foundational building block in many algorithms), with DES, and even with the evolution of key sizes as computers get exponentially more powerful and new techniques reduce the number of cycles required to break smaller keys.

While it sounds easy, it can be extremely difficult to get the proper tools in place that allow you to adjust. Our SaaS Shield product is one way to make this easier. We abstract away your reliance on specific key management servers, algorithms, key sizes, etc., and we allow these to rotate at any time with simple configuration changes.

Talk to us to learn more.