Frequently Asked Questions:
What is quantum safe cryptography, and why is it important?
Similar to the Y2K crisis, the technology industry is now facing a ‘Y2Q’ (years to quantum) challenge that has a limited timeline and requires significant work to ensure systems and information are properly protected. The massive processing power of quantum computers is such that all security that depends on existing standards is vulnerable. Quantum safe cryptographic algorithms can be used to create security solutions that will protect conventional computers against quantum attack.
What distinguishes ISARA as a leader in quantum-safe security solutions?
ISARA is the largest organization in the world focused solely on developing quantum-safe cryptographic solutions for integration into commercial products to protect against emerging security threats. The depth of our technical experience and expertise means we are prepared to overcome the technical challenges to build a quantum resistant toolkit and develop a portfolio of products that meets new security challenges. ISARA Radiate offers customers the chance to start deploying quantum resistant technology in a variety of commercial solutions, through drop-in algorithm replacements that allow them to build products with an emphasis on quality assurance and efficient integration.
How would an attacker with a quantum computer try to break security?
The best-known quantum algorithm, Shor’s algorithm, is good at finding hidden subgroups and can break asymmetric algorithms (based on the hard problem of factorization or discrete logarithms) in polynomial time. RSA, DSA, ECDSA, DH, ECDH all fall into this category. The best quantum algorithm to attack the less vulnerable cryptography (symmetric and quantum safe asymmetric algorithms) is Grover’s algorithm, which offers what’s known as ‘quantum speedup’ through quadratic improvement to unordered search. This means that for algorithms like AES, the effective bit strength is cut in half. Doubling the key size is considered a reasonable measure to mitigate quantum attacks that use Grover’s algorithm.
What makes ISARA Radiate unique?
ISARA Radiate includes a complete quantum safe algorithm toolkit for commercial use to secure vulnerable computer security against quantum computer attacks, and multiple integration tools to simplify development options and accelerate integration into existing or new products. ISARA Radiate means that it implements a quantum safe version of each type of public-key algorithm: public-key encryption, digital signature, and key agreement. It is also the first security solution on the market to offer a speed-optimized version of the ‘NewHope’ lattice-based algorithm detailed in the New Hope paper.
Why should I worry about the quantum threat now?
Any encrypted data where key establishment is communicated or stored along with it will not remain confidential beyond Y2Q. With the current Y2Q deadline estimated to be 10 years, any data that must remain confidential beyond this point is already vulnerable. Steps to protect this data need to be taken now. Even without the current data being at risk, the rollout of new key establishment algorithms may take years and planning should start now. Although replacing current authentication algorithms is less urgent than key establishment, upgrading current Public Key Infrastructures (PKIs) that provide authentication for much of the sensitive data in the world will take much longer. The biggest challenge is that, whereas key establishment algorithms can be rolled out in phases, authentication algorithms in PKIs have to be rolled out in parallel. The classic algorithms need to remain available until every possible reliant system has been updated and new roots of trust have been installed. A decade is not an unreasonable estimate for some very large enterprises to change over.
What does quantum safe mean?
Quantum safe (interchangeable with quantum resistant or post-quantum) is used most often to refer to algorithm-based cryptosystems that do not rely on quantum technology to achieve quantum safe security in conventional computer ecosystems. Potentially, these algorithms include lattice-based, multivariate quadratic-based, hash-based, and isogeny-based cryptosystems. This term is not typically applied to physical quantum technologies, such as quantum key distribution (QKD).