Racing to save the internet

Marathon runners are a different breed, and I believe nobody should be permitted to use the metaphor “It’s not a sprint, it’s a marathon!” unless they’ve experienced first-hand the pleasure and pain of running 42.2 kilometers. To run a marathon successfully requires years of experience, months of intense training and an almost obsessive dedication to the technical, physical and mental aspects of the sport. Even with the best training and conditioning, however, some random accident or other event can still throw you completely off your stride.

More importantly, most marathon runners are painfully familiar with hitting “the Wall.” This happens typically between 30 and 35 kilometers, when the body has run out of its normal fuel supply of glycogen and needs to switch to alternate supplies. Beyond the physical discomfort is the emotional despair that the athlete experiences at the Wall, wondering whether there is any point to continuing the race. With sufficient experience and the right training, runners learn to anticipate the Wall, develop strategies to overcome it and dig deep within themselves to find the willpower to finish.

Training program
Our journey to quantum-safe encryption is indeed a marathon, not a sprint, and through our first two posts we brought the Wall into view. Fortunately, we have the tools and techniques to break through; all we need is the collective understanding and will to finish the job. Both the quantum computing and cryptography sectors have spent years anticipating the threat and preparing strategically and tactically to overcome it. Quantum computing has been the subject of theoretical and practical study for some decades already. The mathematicians and computer scientists who have been studying it now know why current cryptography is vulnerable and have identified ways to design new cryptographic algorithms that can resist quantum attacks.

As I wrote previously, the classical encryption algorithms in use today will eventually become vulnerable to quantum-based attacks. The mathematical problems underpinning current encryption, like finding the prime factors of very large integers, are simply not difficult enough for quantum computers.

Therefore, the solution is to find new types of mathematical problems whose time to solve increases exponentially for both quantum computers and classical computers. Luckily, Pure Mathematics is full of strange and extremely complicated problems that would appear to meet this requirement. These carry obscure names such as the Shortest Vector Problem in Lattices and are only well-known to a handful of number theorists. It turns out that lattice-based cryptography has become its own field of study with very promising results for defending against the quantum threat. The ongoing problem is to put these new encryption algorithms through rigorous testing to ensure that the keys they generate are, in fact, quantum-proof. Then, new encryption code needs to be developed, tested and put into production on a global scale. Y2Q is, indeed, a similar problem to Y2K—just far more complicated.

The race is on
The US Department of Commerce’s National Institute for Standards and Technology (NIST) has a mandate to certify new quantum-safe encryption algorithms. Many public and private sector organizations and universities have contributed candidate algorithms to NIST, where they undergo rigorous testing. Although some have already failed, a short list of four finalist algorithms had been compiled as of July 2022. Three of the four happen to be based on the aforementioned lattice-based cryptography. These algorithms will go through more rounds of testing and may yet change before a final standard is ready; however, NIST expects to announce a standard for Post-Quantum Cryptography (PQC) sometime in 2024.

Where PQC is a better, more fool-proof way of doing cryptography, it’s still based on the same techniques that have been used for decades. New, different cryptographic techniques based on quantum computing itself, like Quantum Key Distribution (QKD), are also being researched but will require considerably more work to be ready. Whether it’s PQC, QKD or eventually a hybrid cryptographic model, the finish line of this race is in sight and reachable.

Toward the finish line
What should organizations do now, given the uncertain timelines for both the quantum threat and the availability of new cryptography schemes based on PQC standards? Just like Y2K, the Y2Q threat is real and potentially devastating. Unlike Y2K, the solution is neither simple nor obvious, and cannot actually be deployed yet. However, we do know enough to get started on the planning and readiness work so that remediation can be implemented when it’s available. The last thing you want to do is wait until quantum technology has matured, or until the PQC standards are fully perfected—by then it might be too late.

Before you lace up your shoes and hit the road on your organization’s own quantum marathon, you should be familiar with and chart your course. Here’s how to think about it:

1. Take an inventory of data, applications and communication networks across the enterprise. This will include:

• Classifying data by sensitivity, lifespan and the risks posed to the organization from its possible exposure
• Identifying the encryption methods used today in networks, applications and databases.

2. Understand the process and technology changes that will be required to replace current encryptions. For instance:

• If encryption is built-in to applications, design and test code changes to enable abstraction of the encryption service so that it can be more easily replaced.
• Fix any existing vulnerabilities in current encryption.
• Work with third-party software vendors to ensure they have an upgrade path to PQC-compliance.
• Test the deployment and execution of candidate PQC algorithms until the standards are announced.

3. Establish a cryptography steering committee under CISO guidance. This committee should be set up to ensure you can:

• Enable continuous testing and validation of your encryption services, including performance benchmarking.
• Get regular updates from your third-party technology vendors on their initial and ongoing work to become and remain PQC-compliant.  
• Stay informed on current developments in quantum computing, PQC and QKD.

Once readiness plans for quantum-safe encryption are in place, organizations can also begin planning to adopt quantum computing itself, leveraging its power to transform many aspects of enterprise computing.But remember—it’s a marathon, not a sprint, and winning this race isn’t about getting a fresh leg up on the competition but something much bigger. It’s about keeping all our online data—indeed, the internet itself, the engine of our interconnected world—and therefore all of us, safe from the Y2Q threat. It doesn’t actually get much bigger than that.