The quantum-safe migration: cryptography’s overhaul

By Scott Totzke, CEO, ISARA Corporation

Since the 1970s, the technology industry has built a trust system rooted in public key cryptography which allows our transactions and communications to be properly authenticated. But within a decade, a large-scale quantum computer will break this system requiring a seamless (and “great”) migration to the next-generation of cybersecurity: quantum-safe cryptography.

On October 17th, the Hudson Institute – a think tank headquartered in Washington, DC – gathered quantum computing and cybersecurity experts to explore the quantum threat from a security and policy perspective.

Mentioned several times throughout the event was the migration to a quantum-safe state. Below is a quick overview explaining what’s meant by a seamless (and “great”) quantum-safe migration and what’s needed to make it possible.

 

What will be affected? Where is public key cryptography used?

Cryptography is built into almost all of the technology we use today.

Everything from the chip in a debit card, over-the-air software updates pushed to smartphones and connected cars, and online banking applications use cryptography.

It could be said that one of the technology industry’s greatest success stories is the ubiquity and effectiveness of strong cryptography. But it was no small feat. Developing and integrating strong cryptography is very complicated, starting with years of research and analysis by the world’s top mathematicians and several more years to standardize and implement.

More importantly, as a technology user, cryptography and the security it provides is mostly invisible – except when it’s intentionally called out. An excellent example is a green lock in a web browser’s address bar letting you know your connection is secure.

 

The “great” migration to quantum-safe security

Due to the ubiquity of cryptography, the more connected we are, the greater the migration to quantum-safe security becomes. By 2020, Gartner reported that there will be 250 million connected cars on the road, and 20 billion “connected things” by the same time.

Realistically it’s not possible to recall every “connected thing” to upgrade it to quantum-safe security. In some cases, such as with critical infrastructure, it’ll need to be upgraded while in-field.

Starting the migration now reduces the number of connected things launched without protection from a quantum computer enabled attacker, which can save organizations and governments considerable costs and resources in the future.

 

What does a seamless migration require?

Making a seamless migration within the decade, while preserving the user experience, will require a significant amount of work. Collaboration between OEMs, government, academia and standards organizations around the world is essential.

As Dr Arthur Herman, Senior Fellow at the Hudson Institute, stated during his closing keynote: “this is going to be a massive effort, it can’t be done all at once.”

Today, OEMs and governments can begin creating quantum-safe products and solutions with the ISARA Radiate Security Solution Suite™. It’s the first complete quantum-safe, crypto-agile solution offering a high-quality implementation of quantum-safe algorithms and integration tools built for developers.

Start planning your seamless migration to quantum-safe security today. Get in touch with our experts to get started.

 

All of the presentations from the Hudson Institute’s Quantum Revolution: Security & Policy Implications symposium are available on their website.

Additional media coverage of the event: