Post-Quantum Cryptography – Four Ways to Address the Quantum Threat

3 min read
November 12, 2021

Written By: Garrett Bekker, 451 Research, part of S&P Global Market Intelligence

In our last blog post, we discussed the underlying importance of entropy as cryptography advances in terms of requirements and capabilities. One of the most significant advances will be Post-Quantum Cryptography (PQC), and here we’ll discuss some facets of PQC that organizations need to understand.

The crux of the problem is that quantum computing’s capabilities could quickly disable classical encryption schemes that are universally deployed and accepted, particularly asymmetric approaches such as public-key encryption. Classical algorithms under future threat include Elliptic Curve Cryptography (ECC) and RSA. Put another way, quantum computing will make it extremely easy to perform brute-force attacks on PKI, which forms the backbone of much of the current computing landscape. In this post, we will talk about four common approaches to help deal with the security threats posed by quantum computing.

PQC Algorithms

Classical cryptographic algorithms like RSA are based on the difficulty of factoring large numbers into their prime factors. It has been estimated that breaking an RSA 2048-bit key would take 300 trillion years of classical compute time. Researchers Gidney and Ekerå have modeled how a quantum computer could break RSA 2048 in only eight hours.

Although the threats to classical encryption are still theoretical, in 2015 cryptographers at the NSA and NIST proactively began to focus on PQC algorithms, which are designed to be resistant to quantum attacks and can replace existing algorithms. As of November 2021, NIST has conducted three transparent rounds of PQC algorithm reviews and has seven PQC candidates, which are expected to be approved by 2024. 

Quantum Random Number Generation (QRNG) 

QRNG relies on quantum techniques, such as quantum tunneling, to create randomness, or entropy. As we discussed in our blog post on entropy, randomness is critical for encryption, since without it attackers can more easily ‘guess’ an encryption key. Quantum tunneling uses subatomic particles as its source of entropy. According to quantum mechanics, the underlying electron behavior during quantum tunneling can never be predicted, and thus the variances in electron behavior allow for the creation of many random numbers, ensuring that encryption keys can be quickly and securely generated at scale.

Pseudo-random number generators (PRNG), by contrast, always have some element of vulnerable determinism, affecting overall security. Although PRNG approaches scale as software does, QRNG’s physical entropy source gives it significantly greater ability to scale random number generation. QRNG is also a non-blocking source of entropy, making it suitable for advanced cryptography in both classical and PQC applications. Note that QRNG is not dependent on quantum computing, and QRNG doesn’t perform computations based on quantum mechanical principles like superposition and entanglement.

Quantum Key Distribution (QKD) 

One of the core problems with encryption is how to securely exchange the keys between the parties that are looking to exchange data. QKD uses quantum properties to securely exchange bits or keys between two different locations. It does so by relying on the quantum phenomenon of the observer effect. Any attempt to intercept the key will fail because interacting with it will change its quantum state. In that sense, QKD is a highly secure means of exchanging encryption keys. 

QKD does have some drawbacks, however. For example, QKD relies on optical connectivity between sender and receiver, but given the properties of photons, the key material can only travel short distances. Some approaches have attempted to build dark fiber networks to overcome the distance limitation, which adds cost and complexity to the process, in turn making it commercially impractical. Additionally, QKD does not give the recipient the sender’s public key, so the recipient has no way to authenticate the sender. Deploying QKD may be desirable if both parties trust and authenticate each other in advance but do not trust the medium between them as they share secrets.
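To make the observer-effect argument concrete, here is a classical simulation of BB84, the canonical QKD protocol (the post does not name a specific protocol); it is an added example written for this page, not code from the post or its author. It assumes an intercept-resend eavesdropper, a constructed abort threshold of 11% on the observed error rate, and, as the drawbacks above require, a classical discussion channel that both parties have already authenticated by other means.

```python
"""Simplified BB84 simulation (added example; qubits are modelled classically)."""
import random
from dataclasses import dataclass
from typing import Optional

QBER_ABORT_THRESHOLD = 0.11  # constructed policy value; intercept-resend yields ~25% errors


@dataclass
class Qubit:
    bit: int    # value Alice encoded
    basis: int  # 0 = rectilinear (+), 1 = diagonal (x)


def measure(q: Qubit, basis: int, rng: random.Random) -> int:
    """Measure in `basis`. A matching basis reads the encoded bit. A mismatched basis
    returns a random bit and collapses the state into the measurement basis, so a
    qubit forwarded after interception no longer carries Alice's value."""
    if basis != q.basis:
        q.bit = rng.getrandbits(1)
        q.basis = basis
    return q.bit


def run_bb84(n: int, eavesdrop: bool, rng: Optional[random.Random] = None) -> dict:
    rng = rng or random.SystemRandom()  # OS entropy by default; seedable for tests
    a_bits = [rng.getrandbits(1) for _ in range(n)]
    a_bases = [rng.getrandbits(1) for _ in range(n)]
    qubits = [Qubit(b, s) for b, s in zip(a_bits, a_bases)]
    if eavesdrop:  # intercept-resend: Eve measures in a random basis and forwards
        for q in qubits:
            measure(q, rng.getrandbits(1), rng)
    b_bases = [rng.getrandbits(1) for _ in range(n)]
    b_bits = [measure(q, s, rng) for q, s in zip(qubits, b_bases)]
    # Sifting over the (assumed authenticated) classical channel: only bases are disclosed.
    sifted = [i for i in range(n) if a_bases[i] == b_bases[i]]
    # Error estimate: publicly compare half of the sifted bits, then discard them.
    sample, rest = sifted[: len(sifted) // 2], sifted[len(sifted) // 2:]
    errors = sum(a_bits[i] != b_bits[i] for i in sample)
    qber = errors / len(sample) if sample else 1.0
    aborted = qber > QBER_ABORT_THRESHOLD  # disturbance reveals the interception
    return {
        "sifted": len(sifted),
        "qber": qber,
        "aborted": aborted,
        "alice_key": [] if aborted else [a_bits[i] for i in rest],
        "bob_key": [] if aborted else [b_bits[i] for i in rest],
    }


if __name__ == "__main__":
    for eve in (False, True):
        r = run_bb84(2000, eavesdrop=eve)
        print(f"eavesdrop={eve}: sifted={r['sifted']} qber={r['qber']:.3f} aborted={r['aborted']}")
```

Without an eavesdropper the compared sample shows zero errors and both parties hold the same key; with intercept-resend the error rate lands near 25% and the session is aborted before any key is used.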

Quantum Key Management (QKM)  

Agile QKM offers the flexibility to handle encryption keys for today’s classical encryption applications and tomorrow’s PQC algorithms. As different protocols (IPsec, TLS, SSH) adopt PQC algorithms, it is reasonable to expect an extended transition time. Different applications will have different priorities. Root-level CA certificates with a 10-year expiration are arguably more difficult to replace in a mature enterprise PKI. It is foreseeable that some applications may require both PQC and classical cryptography as PQC matures. It is also possible that PQC algorithms will change as quantum computing matures. Agile QKM will need to resiliently handle all algorithm variations to preserve data confidentiality, integrity and availability.