As NIST prepares for Quantum Safe Security, IBM rolls out support
The world of crypto is changing at a very slow, but steady pace. New crypto standards need to be verified over a long period of time, and therefore new threats to existing standards need to be judged over decades, because updating crypto standards is a multi-year journey. Quantum computing is a significant threat looming on the horizon. Quantum computers can solve many equations simultaneously, and based on Shor’s algorithm, cryptography experts believe they will be able to crack asymmetric encryption. Additionally, Grover’s algorithm provides a quadratic reduction in the decryption time of symmetric encryption. And the question these same crypto experts are trying to answer is not if it will happen, but when.
Today’s cryptographic algorithms use mathematical problems such as factoring large numbers to protect data. With fault-tolerant quantum computers, the factorization can be solved in theory in a few hours using Shor’s algorithm. This same ability also compromises cryptographic methods based on the difficulty of solving discrete logarithm problems.
The term used to describe these new, stronger cryptographic standards is “quantum safe”. The challenge is that we don’t know exactly when fault-tolerant quantum computers will have the power to systematically break existing encryption standards, which are now widely used. There are also concerns that some parties may download and store encrypted data for later decryption, when sufficiently capable quantum computers become available. Even if the data is more than ten years old, there may still be relevant confidential information in the stored data. Think state secrets, financial and stock market records and transactions, health records, or even private or classified communications between public and/or government figures.
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) estimates that it is possible that the RSA2048 encryption could be hacked by 2035. Other U.S. government agencies and other security-conscious entities have similar deadlines. Rather than wait until the last minute to upgrade security, NIST launched a competition to develop quantum-safe encryption standards in 2016. After several rounds of reviews, on July 5 this year, NIST chose four algorithms for the final stages of review before setting the standard. IBM has developed three, two of which are supported today by IBM’s Z16 mainframe.
IBM’s new encryption algorithms are based on a family of mathematical problems called structured lattices. Lattice problems have a unique characteristic that makes them reasonably difficult to solve with quantum computing: structured lattice problems require solving for two unknowns – a multiplier array and an offset – at the same time. The shortest vector problem (SVP) and the closest vector problem (CVP) – on which lattice cryptography is built – are considered extremely difficult for a quantum computer to solve. Each candidate encryption algorithm is evaluated not only for data security, but also for performance – the overhead cannot be too great for large-scale use.
Final selections are expected in 2024, but there is still a chance there will be changes before the final standards are released.
IBM supports Quantum Safe in new Z-series mainframes
IBM made a strategic bet ahead of the final NIST selections. Recently released IBM Z16 series computers already support two of the four latest quantum-safe cryptographic candidates: the CRYSTALS-Kyber public-key encryption and CRYSTALS-Dilithium digital signature algorithms. IBM is ready to work with industry to prove out these algorithms in production systems. Initially, IBM is using its tape drive storage systems as a test platform. Since tape is often used for cold storage, it is an excellent medium for long-term data protection. IBM is working with its customers to find the appropriate way to deploy quantum-safe encryption in the market. This needs to be approached as a lifecycle transformation. And, in fact, IBM works with its customers to create a crypto-agile solution, which allows the exact cryptographic algorithm to change at any time without disrupting the entire system. It’s not just a pull-and-replace process. With crypto-agility, the algorithm is decoupled from the system’s software stack so that a new algorithm can be deployed seamlessly. IBM is developing tools that integrate crypto status with global observability, including a tailored dashboard for viewing crypto events.
These new algorithms must be deployable on existing computing platforms, even at the edge. However, it will not be possible to upgrade every system; this will likely be an industry-by-industry effort, and industry consortia will be required. For example, IBM, GSMA (Global System for Mobile Communication Association), and Vodafone recently announced that they would work through a GSMA task force to identify a process for implementing quantum-safe technologies in critical telecommunications infrastructure, including the networks that underpin Internet access and public utility management. The telecommunications network carries financial data, health information, public sector infrastructure systems and sensitive business data that must be protected as it traverses global networks.
What’s Next for Quantum Safe Algorithms
Fault-tolerant quantum computing is coming. When it becomes available is still a guessing game, but the people who care most about data security are aiming for 2035 to implement quantum-safe cryptographic algorithms to deal with the threat. But that is not enough. We need to start protecting critical data and infrastructure sooner than that, given how long systems are deployed in the field and data is stored. Systems such as satellites and power stations are not easy to update in the field.
And there is data that needs to be stored securely for future retrieval, including HIPAA data (for medical applications), tax records, Toxic Substances Control Act and clinical trial data, and others.
Even after these new algorithms are deployed, it’s not the end – there may still be developments that can even break next-generation quantum-safe algorithms. The fight between those who want to protect systems and data and those who want to break them continues, which is why companies should seek to integrate cryptographic agility into their security plans.
Tirias Research follows and advises companies across the entire electronics ecosystem, from semiconductors to systems and sensors to the cloud. Members of the Tirias research team have consulted for IBM and other companies in the security, AI and quantum ecosystems.