Difference between revisions of "Quantum Computing Threat"
From MgmtWiki
(→Solutions) |
(→References) |
||
| (26 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
==Full Title or Meme== | ==Full Title or Meme== | ||
| − | Successful [[Quantum Computing Threat|Quantum Computing]] creates an existential threat to existing algorithms since quantum computing algorithms exist to crack traditionally intractable | + | Successful [[Quantum Computing Threat|Quantum Computing]] creates an existential threat to existing cryptographic algorithms since quantum computing algorithms exist to crack traditionally intractable problems like factoring the multiplication of two large primes used in RSA. |
==Context== | ==Context== | ||
Public key cryptography relies on certain mathematical problems that are very hard to solve, such as factoring large numbers that are the product of large prime numbers or finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point. If you know the private key components, you can sign the document or decrypt the data. If you don't have the private key and cannot solve the math, you cannot sign the document or decrypt the data. | Public key cryptography relies on certain mathematical problems that are very hard to solve, such as factoring large numbers that are the product of large prime numbers or finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point. If you know the private key components, you can sign the document or decrypt the data. If you don't have the private key and cannot solve the math, you cannot sign the document or decrypt the data. | ||
| − | == | + | ==Problems== |
| − | + | * Many systems exist which depend on existing public key technology. Some of these are embedded in hardware that cannot be changed once deployed. | |
| + | * Existing signatures or encrypted files will continue to need to be processed for many years to come. Certificate keys have a life time of up to 25 years. | ||
| + | * The approval process for new cryptographic algorithms takes many years of standardization and test to be sure that the work effort to brake them is sufficiently high. | ||
==Solutions== | ==Solutions== | ||
[[Public Key Cryptography]] has many benefits over [[Secret Key Cryptography]], the effort to create new algorithm to preserve the current PK protocols is underway now. | [[Public Key Cryptography]] has many benefits over [[Secret Key Cryptography]], the effort to create new algorithm to preserve the current PK protocols is underway now. | ||
| + | * [https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/3148990/nsa-releases-future-quantum-resistant-qr-algorithm-requirements-for-national-se/ NSA Releases Future Quantum-Resistant (QR) Algorithm Requirements for National Security Systems] released 2022-09-07 | ||
| + | * [https://research.nccgroup.com/2022/07/13/nist-selects-post-quantum-algorithms-for-standardization/ NIST Selects Post-Quantum Algorithms for Standardization] (2022-07-13) | ||
| + | * [https://www.nextgov.com/cybersecurity/2022/07/nist-identifies-four-quantum-resistant-encryption-algorithms/368954/ NIST Announces First Four Quantum-Resistant Cryptographic Algorithms] US agency reveals the first group of winners from its six-year competition. (2022-07-05)<blockquote>The four algorithms contribute to NIST’s ongoing post-quantum cryptographic standard and will be finalized in roughly two years. They are available on [https://csrc.nist.gov/Projects/Post-Quantum-Cryptography/Post-Quantum-Cryptography-Standardization NIST’s website], and are referred to as Crystals-Kyber, Crystals-Dilithium, Falcon and SPHINCS+.</blockquote> | ||
| + | * [https://pq-crystals.org/ CRYSTALS] = The "Cryptographic Suite for Algebraic Lattices" (CRYSTALS) encompasses two cryptographic primitives: Kyber, an IND-CCA2-secure key-encapsulation mechanism (KEM); and Dilithium, a strongly EUF-CMA-secure digital signature algorithm. Both algorithms are based on hard problems over module lattices, are designed to withstand attacks by large quantum computers, and have been submitted to the NIST post-quantum cryptography project. | ||
| + | * [https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Brochure/quantum-safe-cryptography.pdf;jsessionid=8C2589A87F0171C51C02A6C9229D0344.internet081?__blob=publicationFile&v=4 Quantum-safe cryptography fundamentals, current developments and recommendations] Federal Office for Information Security (2021-10) | ||
| + | * [https://www.nist.gov/blogs/taking-measure/post-quantum-encryption-qa-nists-matt-scholl Post-Quantum Encryption: A Q&A With NIST’s Matt Scholl] 2021-10-27 | ||
| + | * [https://www.nccoe.nist.gov/projects/building-blocks/post-quantum-cryptography Crypto Agility: Considerations for Migrating to Post-Quantum Cryptographic Algorithms] NCCoE 21-06-05 cue on 2021-07-07 | ||
| + | * [https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04282021.pdf Getting Ready for Post-Quantum Cryptography:] NIST 2021-04-28 - Exploring Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms | ||
| + | * [https://www.nccoe.nist.gov/sites/default/files/library/project-descriptions/pqc-migration-project-description-draft.pdf MIGRATION TO POST-QUANTUM Cryptography] William Barker, Murugiah Souppaya NIST 2021-06 | ||
| + | * [https://csrc.nist.gov/publications/detail/nistir/8105/final "Report on Post-Quantum Cryptography"] | ||
| + | * [https://www.imperialviolet.org/ ImperialViolet: Post-quantum confidentiality for TLS (2018-04-11)] | ||
| − | *[https:// | + | * [https://www.nsa.gov/Cybersecurity/Post-Quantum-Cybersecurity-Resources/ NSA site] is updated from time to time |
| − | |||
==References== | ==References== | ||
| + | * For more information on [[Quantum Information Theory]] see that page in this wiki. | ||
| + | * It is likely that this threat was known to the NSA in Summer 2015 based on their action on [[Suite B]]. | ||
| − | + | [[Category: Glossary]] | |
| − | [[Category: | + | [[Category: Cryptography]] |
Revision as of 10:39, 2 October 2022
Full Title or Meme
Successful Quantum Computing creates an existential threat to existing cryptographic algorithms since quantum computing algorithms exist to crack traditionally intractable problems like factoring the multiplication of two large primes used in RSA.
Context
Public key cryptography relies on certain mathematical problems that are very hard to solve, such as factoring large numbers that are the product of large prime numbers or finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point. If you know the private key components, you can sign the document or decrypt the data. If you don't have the private key and cannot solve the math, you cannot sign the document or decrypt the data.
Problems
- Many systems exist which depend on existing public key technology. Some of these are embedded in hardware that cannot be changed once deployed.
- Existing signatures or encrypted files will continue to need to be processed for many years to come. Certificate keys have a life time of up to 25 years.
- The approval process for new cryptographic algorithms takes many years of standardization and test to be sure that the work effort to brake them is sufficiently high.
Solutions
Public Key Cryptography has many benefits over Secret Key Cryptography, the effort to create new algorithm to preserve the current PK protocols is underway now.
- NSA Releases Future Quantum-Resistant (QR) Algorithm Requirements for National Security Systems released 2022-09-07
- NIST Selects Post-Quantum Algorithms for Standardization (2022-07-13)
- NIST Announces First Four Quantum-Resistant Cryptographic Algorithms US agency reveals the first group of winners from its six-year competition. (2022-07-05)
The four algorithms contribute to NIST’s ongoing post-quantum cryptographic standard and will be finalized in roughly two years. They are available on NIST’s website, and are referred to as Crystals-Kyber, Crystals-Dilithium, Falcon and SPHINCS+.
- CRYSTALS = The "Cryptographic Suite for Algebraic Lattices" (CRYSTALS) encompasses two cryptographic primitives: Kyber, an IND-CCA2-secure key-encapsulation mechanism (KEM); and Dilithium, a strongly EUF-CMA-secure digital signature algorithm. Both algorithms are based on hard problems over module lattices, are designed to withstand attacks by large quantum computers, and have been submitted to the NIST post-quantum cryptography project.
- Quantum-safe cryptography fundamentals, current developments and recommendations Federal Office for Information Security (2021-10)
- Post-Quantum Encryption: A Q&A With NIST’s Matt Scholl 2021-10-27
- Crypto Agility: Considerations for Migrating to Post-Quantum Cryptographic Algorithms NCCoE 21-06-05 cue on 2021-07-07
- Getting Ready for Post-Quantum Cryptography: NIST 2021-04-28 - Exploring Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms
- MIGRATION TO POST-QUANTUM Cryptography William Barker, Murugiah Souppaya NIST 2021-06
- "Report on Post-Quantum Cryptography"
- ImperialViolet: Post-quantum confidentiality for TLS (2018-04-11)
- NSA site is updated from time to time
References
- For more information on Quantum Information Theory see that page in this wiki.
- It is likely that this threat was known to the NSA in Summer 2015 based on their action on Suite B.
