Pages

29 August 2023

Moving toward an All-of-the-Above Approach to Quantum Cybersecurity

Jonah Force Hill , Ryan McKenney , and Kaniah Konkoly

For nearly 30 years, the cybersecurity community has known that a quantum computer of sufficient size and sophistication—if such a machine were ever built—could be used to undermine the security of the world’s most widely used encryption schemes, jeopardizing everything from online commerce to critical infrastructure. At the time of this discovery, with quantum computers still in their infancy, the threat to encryption was essentially theoretical. Yet as the pace of development in quantum science and technology has accelerated over the past decades, governments have begun to take meaningful, concrete steps to strengthen protections against what now appears to be an increasingly likely quantum threat headed our way.

Perhaps the most important action taken to date has been the launch in 2016 of a multiyear competition, spearheaded by the U.S. National Institute of Standards and Technology (NIST), to identify and select a new suite of cryptographic algorithms that are resistant to the computational power of quantum computers, as well as today’s digital computers. These algorithms, known under the umbrella term post-quantum cryptography (PQC), utilize specific, theoretically quantum-safe mathematical formulas (including lattice-based, code-based, and multivariate-based approaches), to secure systems against quantum-based attacks. The NIST expects that the competition’s winning algorithms will be standardized and ready for global deployment as soon as next year.

There will soon be a rapid push to swap out today’s quantum-vulnerable algorithms with these new quantum-safe schemes. Both the White House and the U.S. Congress have already issued orders for federal agencies to begin migrating to the PQC algorithms as soon as they are standardized and to complete as much of the migration as possible by 2035. This is an aggressive timeline. Historically, major cryptographic transitions can take years, even decades, to complete. Starting the migration process now gives organizations the chance to put in place protections well before large-scale quantum computers become available.

PQC migration is a necessary and critical step toward protecting vulnerable digital systems. However, what has often been lost in the PQC discussion is that these new algorithms are no panacea and do not, at least not on their own, provide a fully comprehensive solution to the quantum threat. In fact, one of the leading PQC candidates, Rainbow, was broken in 2022 by a laptop; other candidates have been plagued by side channel attacks, which, while not attacking the algorithm itself, demonstrate that implementation errors, such as timing or power consumption, can lead to serious vulnerabilities.

To achieve true resilience against quantum attacks, the United States needs to implement a strategy of layered defense that integrates the most advanced cybersecurity technologies available, including new tools that leverage the unique characteristics of quantum mechanics that make quantum computers a cybersecurity threat.

Chief among these quantum-based security tools are quantum computing-hardened and non-deterministic processes for encryption key generation and quantum key distribution (QKD) technologies. Both non-deterministic processes for encryption key generation QKD utilize the unique properties of quantum mechanics (including superposition, entanglement, and the randomness of measurement outcomes) to add additional layers of security to vulnerable digital systems. When combined with the new PQC algorithms being developed by NIST, these quantum-derived technologies can help protect against a far fuller range of threats posed by quantum computers than PQC can alone.

PQC and Random Number Generator Risks

The clearest and most obvious threat posed by quantum computers comes from their ability to rapidly solve the factoring and discrete logarithm problems underlying many of today’s most used encryption methods. The NIST’s PQC algorithms have been designed to leverage math problems for which quantum computers provide no meaningful advantage over digital computers. But these PQC algorithms still have a critical flaw: they rely upon classical (i.e., non-quantum) random numbers for cryptographic key generation.

Random numbers are the lifeblood of encryption. To create a secure cryptographic system, you need both a method of converting a message into a string of unintelligible characters (an algorithm) and a reliable method of generating random numbers to lock and then decipher those characters (cryptographic keys). One cannot protect a message with the first ingredient alone, no matter how good the algorithm is. An encryption system is only as strong as your cryptographic keys are unpredictable.

Unfortunately, most sources of random numbers for today’s encryption systems, as well as PQC algorithms, aren’t truly random. Most classical random number generators, known as pseudo-random number generators (PRNGs), generate numerical sequences using physical processes (mouse movements, keyboard presses) that are random enough to protect against most attacks from digital computers.

The word “pseudo” is important here. While they may exhibit statistical randomness under classical scrutiny, PRNGs are still bound by the laws of classical physics and are thus still deterministic and not truly random. A determined attacker, with knowledge of the algorithm and the conditions used to initiate the PRNG, can exploit these repetitive patterns and predict the output. To be sure, it may take some doing to reverse engineer what’s being measured, but with enough information, a determined attacker can break the code, potentially putting valuable data at risk.

Indeed, classical attacks on PRNGs have been well documented. Various techniques, such as capturing radio-frequency emissions or injecting controlled signals into supposedly random sources, have been employed to exploit the deterministic nature of PRNGs. The 2010 hack of the Sony PlayStation 3 game console, where a flaw in the PRNG implementation allowed attackers to recover the private key used for digital signatures; the 2015 hack of the U.S. lottery, where hackers exploited a flawed PRNG algorithm to predict winning numbers; the 2015 attack on the Bitstamp cryptocurrency exchange, which resulted in the theft of millions of dollars’ worth of cryptocurrency; and the 2008 attack on the OpenSSL library, which jeopardized the security of countless online transactions, are just a few examples of the many historical attacks exploiting the deterministic nature of PRNGs.

The advent and accelerated progress of quantum computers only amplifies these vulnerabilities. The sheer computational power of quantum machines allows for the swift identification of deterministic patterns within PRNGs, even in real time. Quantum algorithms specifically designed to exploit these weaknesses, especially when combined with advanced classical machine learning and artificial intelligence techniques, could potentially reveal the seed used for initialization, ultimately enabling the precise generation of cryptographic keys and undermining the confidentiality of sensitive communications.

Enter key generation processes that are hardened by quantum computers and provably non-deterministic. Unlike PRNGs, which exhibit deterministic patterns that can be exploited by both classical and quantum attacks, quantum computing–hardened encryption keys created through a provably non-deterministic process utilize the inherent randomness of quantum phenomena to provide a source of true entropy, a means of generating truly unpredictable numbers. By leveraging quantum computers available today, these processes can produce numbers (keys and seeds) that are provably random and non-deterministic, based on fundamental laws of quantum physics. By carefully integrating quantum computing–hardened and non-deterministic processes for encryption key generation into cryptographic systems, including those using PQC algorithms, the deterministic patterns that pose potential risks to IT security can be eliminated, enhancing resistance against both classical and quantum attacks.
Quantum Key Distribution

An effective layered defense against quantum computers should consider incorporating additional quantum-leveraging technologies, such as quantum key distribution (QKD) technologies. Unlike traditional cryptographic methods, which rely on complex mathematical algorithms, QKD leverages the fundamental properties of quantum mechanics to ensure the confidentiality and integrity of data transmission.

This is due to the “uncertainty principle” of quantum mechanics, which states that the act of measuring a property of a quantum system may alter some of the other properties of the quantum object (in this case, a photon). The very act of measuring quantum states introduces errors that can be identified by the legitimate parties, enabling them to abort the key exchange process if tampering is detected. QKD technologies can thus help to prevent attempts to intercept a key exchange communication by an adversarial eavesdropper. Consequently, QKD not only provides protection from real-time eavesdropping or man-in-the-middle attacks today but also prevents decryption by more powerful quantum computers in the future.

There is great promise in QKD technologies, but much work remains to be done. To deploy a QKD system, one must also install specialized hardware and infrastructure capable of generating, manipulating, and detecting quantum states, usually involving single photons. This complexity can make QKD systems expensive, bulky, and challenging to deploy on a large scale. Further, QKD does not take into account other aspects of cryptographic systems, such as key storage, revocation, or end-point authentication.

Overcoming these limitations remains an active area of research and development. Indeed, these challenges have been the driving force behind the guidance issued by the National Security Agency (NSA), which did not recommend QKD technologies for securing the transmission of data in national security systems. However, the NSA guidance only recommended against deploying QKD technologies in national security systems today; in the future, as advancements continue, QKD holds the potential to revolutionize secure communications in a world increasingly vulnerable to the threats posed by future quantum computing technologies.

For good reasons, there is ongoing debate about how and when to incorporate these various quantum-security approaches. After all, quantum computers capable of breaking any encryption system are still likely years away. But this is a question of when, not if, and the risk of “harvest now, decrypt later” is real. As organizations begin to map out their path to a quantum-safe future and mitigate current cybersecurity threats, it is essential that they consider the full range of security solutions available, including those leveraging the same quantum mechanical principles that present the threat in the first place. The path ahead requires continued collaboration, research, and investment to realize the promise of quantum-safe cryptography and ensure a secure future in the face of quantum advancements.

No comments:

Post a Comment