Quantum Computing Threatens Current Encryption Standards

Quantum Secure Encryption Corp. warns that current encryption methods are becoming obsolete due to the advance of quantum computing. The organization estimates a $6.15 trillion investment will be necessary to transition to quantum-resistant solutions. This highlights the critical need for embedded systems in sensitive applications to adopt post-quantum cryptography (PQC) algorithms.

- The primary threat from quantum computers is to asymmetric encryption algorithms like RSA and Elliptic Curve Cryptography (ECC), which are foundational to secure web browsing, digital signatures, and data exchange. A sufficiently powerful quantum computer running Shor's algorithm, first described in 1994, could theoretically break this public-key encryption with ease.
- Symmetric encryption algorithms such as AES are considered more resistant to quantum attacks. However, Grover's algorithm, developed in 1996, could effectively halve the security strength of these keys, meaning a 256-bit key would offer the security of a 128-bit key, necessitating a move to longer key lengths for long-term data protection.
- The U.S. National Institute of Standards and Technology (NIST) has been leading a multi-year global competition since 2016 to develop and standardize quantum-resistant cryptographic algorithms. This proactive effort aims to replace vulnerable algorithms before a cryptographically relevant quantum computer is built.
- In August 2024, NIST published the first three finalized PQC standards. These include CRYSTALS-Kyber (standardized as ML-KEM) for general encryption and key establishment, and CRYSTALS-Dilithium (ML-DSA) and SPHINCS+ (SLH-DSA) for digital signatures.
- Unlike traditional public-key cryptography that relies on the difficulty of factoring large numbers, the new NIST-selected algorithms are based on different mathematical problems. These include problems related to structured lattices and hash functions, which are believed to be difficult for both classical and quantum computers to solve.
- A significant concern driving the transition is the "harvest now, decrypt later" attack strategy. Adversaries are believed to be capturing and storing encrypted data today, with the intention of decrypting it years from now once a powerful quantum computer becomes available.
- The transition to PQC is a complex undertaking that requires updating hardware, software, and protocols across all industries. NIST has set a timeline to deprecate the use of quantum-vulnerable algorithms in its standards by 2035, pushing organizations to begin identifying their cryptographic systems and planning for migration now.
- In addition to the first standards, NIST is continuing to evaluate other algorithms to diversify the post-quantum toolkit. For instance, the Hamming Quasi-Cyclic (HQC) algorithm, which is based on a different mathematical foundation than ML-KEM, is expected to be standardized as a backup for key encapsulation.
