Post Quantum Cryptography

Zanetti, Marco and Würth, Isaac (2022) Post Quantum Cryptography. Other thesis, OST Ostschweizer Fachhochschule.

HS 2021 2022-SA-EP-Zanetti-Würth-Post Quantum Cryptography und Crypto Agility.pdf - Supplemental Material


Abstract

Quantum computers are becoming a reality in the industrial sector, with the quantum cloud from IBM putting quantum computing resources within reach of everyone with an internet connection. The computing power of these machines is starting to surpass that of their conventional counterparts, and they are opening up new opportunities for solving problems that are infeasible on traditional computers. These can be complex logistical optimizations, simulations of molecular interaction in drug development, or the quick calculation of incredibly hard mathematical equations. One of the mathematical problems for which they can reduce the calculation time is the so-called factorization problem. The issue is that the impossibility of efficiently factorizing large numbers on conventional computers has been the foundation of modern cryptographic algorithms like RSA and ECC.

Back in 1994, Shor’s Algorithm was invented as a more efficient way of solving the factorization problem. This algorithm, if run on a quantum computer, could crack RSA (Rivest-Shamir-Adleman), which is based on said problem. But since the algorithm could only run efficiently on a future quantum computer, no change was needed in cryptography. Now that quantum computers have matured, this algorithm was put to the test, and it showed that it is capable of cracking asymmetric cryptography as expected. Rendering RSA useless is a huge problem for our modern IT infrastructure, since RSA is used in almost every data exchange via the internet. Quantum computers allow possible attackers to decrypt and read sensitive data in the near future, no matter how well it was encrypted. Secure communication as we know it would cease to exist. A possible countermeasure, quantum-resistant cryptography, so-called "post quantum cryptography", will be the focus of this essay.

The goal of this essay is to provide an overview of what is currently being done to prepare the IT infrastructure for the coming quantum threat. This is done by showcasing the most pressing issues of post quantum cryptography and some related topics which we picked to be researched further. These include the current technical development of quantum computers, the current status of the NIST (National Institute of Standards and Technology) standardization process for post quantum algorithms, certificates, cryptographic agility, hardware security modules and quantum key distribution. All of these topics were regarded in relation to a future where quantum computers are available to possible attackers. We want to show how the issue of broken cryptography is being handled at the moment, and which technologies can help to increase security.

The procedure with which this essay was created is literature research. Sources are researched and afterwards assessed, evaluated and correlated.
During the writing and research of this thesis, we were able to show that quantum computers are taking shape, and have already surpassed their conventional counterparts in certain use cases. IBM managed to build a 127 quantum bit processor [1], which shows that the development of quantum computers is coming along, with the qubit count steadily increasing every year.
Meanwhile, the cryptographic community has worked tirelessly to produce algorithms that can withstand a powerful quantum computer. The standardization process for these algorithms, led by NIST, is coming towards an end in early 2022; they aim to release a rough draft in the first half of next year [2]. Furthermore, the standardization procedure will continue, yielding quantum safe algorithms.
But the change from one cryptographic algorithm to another cannot be performed without adequate tools and preparation. This is where we show how the idea of hybrid certificates can help to tide us over this period of change. It enables us to use old and new algorithms side by side until the infrastructure has been adapted to the new algorithms, phasing out the deprecated ones.
As we can see, the cryptographic landscape is about to change, and the chances are high that it will be more fluid in the future. We need to say goodbye to our rigid and static understanding of cryptography and embrace its new fluid and agile nature. Crypto agility is the next spotlight of this essay, in which we show how important it will be in the future to have an agile architecture, to be prepared for future algorithm changes.
Hardware security module manufacturers have also started to prepare for quantum computers. They develop solutions for post quantum cryptography capable devices. New exciting hardware and software solutions are being trialed. Thereby, they ease the transition from current cryptography to post quantum solutions.
Lastly, we could show how incredibly powerful and secure the technology of quantum key distribution is, but also highlight its drawbacks. While it is a highly interesting technology, its costs and limited range, which only reaches up to approximately 200-400 km, prevent it from being used in many use cases. But it manages to perform well in certain use cases, such as short distance communications which need high security.

Our recommendation, for companies of any scale, is to start cataloguing their infrastructure. It is crucial to know your assets and have a clear understanding of one's own architecture, be this physical assets, software or the ciphers used. Only then will you be able to prepare for the transition to a post quantum cryptography architecture. While the transition does not need to start immediately, it is advisable to keep a close eye on releases by NIST. Once standards and guidelines have been published, which should happen in a timely manner, it will be important to evaluate possible solutions and to start planning the future transition to post quantum cryptography. The choice of the most suitable solution is highly dependent on the existing architecture and the business needs of a company, and cannot be universally determined. It is thus crucial to create a tailored solution for every company. Our essay gives solutions applicable to different use cases.

Keywords: algorithm, certificates, cryptography, ECC, NIST, QKD, quantum, RSA

Item Type: Thesis (Other)
Subjects: Area of Application > Industry
Area of Application > Academic and Education
Area of Application > Security
Technologies > Cryptography
Divisions: Bachelor of Science FHO in Informatik > Student Research Project
Depositing User: OST Deposit User
Contributors: Thesis advisor: Weiler, Nathalie (Email: UNSPECIFIED)
Date Deposited: 20 Apr 2022 08:52
Last Modified: 20 Apr 2022 08:52
URI: https://eprints.ost.ch/id/eprint/1012
