Researchers Develop Post-Quantum Algorithms

A Quantum of Hope

Scientists expect powerful quantum computers to be available in the near future. The downside is that new megacomputers may be able to crack key encryption methods.
Silicon Valley, the playground of countless IT and high-tech companies, is often one step ahead of the rest of the world, and there are many indications that this will also be the case for the development of a quantum computer. South of San Francisco, the search engine giant Google, for example, is working on a megacomputer capable of solving in an instant problems for which conventional computers still require billions of years of computing time. Medical research could be stepped up, optimization problems could be solved, search algorithms could be accelerated, and large data resources could be trawled quickly. Google has already unveiled its 72-qubit quantum chip. The technology giant IBM has also announced that “in the years ahead” it will be launching a universal quantum computer as a cloud service.

Today’s encryption will no longer be of any use

Elsewhere these projects are viewed with concern. A quantum computer would turn today’s cryptography on its head, because a powerful quantum computer could crack in an instant many established and widespread encryption methods, a task that is still way beyond the capability of classical supercomputers. Transmission of passwords and other sensitive data on the Internet using the TLS protocol, better known by its previous acronym SSL, would then become a serious security risk. The same would apply to algorithms like RSA, DH, ECDH, ECC, and to protocols based on them, such as IPsec, SSH, S/MIME or OpenVPN – all these asymmetric encryption methods could be cracked.
And apparently that is already being worked on behind the scenes. The U.S. National Security Agency is working on a megacomputer based on quantum mechanics that would make cyber spying on governments or government authorities possible. This was reported by the Washington Post back in 2014, citing the former NSA employee Edward Snowden. One NSA warning sounds like an almost paradoxical footnote in this regard: A few years ago the NSA was already advising a switch to the new encryption methods of post-quantum cryptography as soon as possible.

Post-quantum cryptography: The quest for the antidote

Companies should nonetheless take the NSA’s advice to heart and use post-quantum algorithms as an antidote against the new superhackers. The problem is that standardization is still some way off. That may be less critical for ensuring day-to-day security, but time is running out for the protection of information that must be kept secret for five to 15 years. It all depends on when the first powerful quantum computer will be available.
Meanwhile, current data traffic is already at risk. Hackers could intercept and store encrypted information now and use a quantum computer to crack the cryptography in ten years’ time – or less. Is all of this just a pipe dream? Hardly. It is a well-known fact that the NSA is authorized to store encrypted data for as long as it takes to crack the cryptography.

EU research project on post-quantum cryptography

Progress in research is a reason to be hopeful, however. The EU is now also intensifying its research on post-quantum cryptography: The EU Commission is investing EUR 3.9 million in funding the PQCRYPTO (Post-Quantum Cryptography) project, launched in 2015. It involves universities and companies from 11 countries, including the Ruhr University in Bochum and the Technical University of Darmstadt. Research scientists are testing known post-quantum algorithms for security and usability and optimizing them, for example for the TLS protocol.
Final results are expected at the end of 2018. Telecommunications companies are testing both post-quantum algorithms and new cryptoalgorithms that will only run on quantum computers.
The research scientists are trying to stay one step ahead of the technical realization of quantum computers. “It is comparable to the development of classical computers at the beginning of the last century,” says the cryptologist Prof. Alexander May of the Ruhr University in Bochum. “Back then, theoretically highly efficient algorithms were also already developed before the computers themselves could be realized in practice.”

How companies are preparing for the quantum age

To ensure that today’s data traffic cannot be decrypted in the quantum age, companies urgently need to prepare here and now, says Enrico Thomae, a post-quantum expert at operational services GmbH, a joint venture of Fraport and T-Systems. “Companies should identify critical assets and take long-term security requirements into account as part of their risk analysis in order to protect information with a confidentiality period or life span of five to 15 years.” Thomae recommends a 256-bit key length for asymmetrical algorithms such as AES.
Especially for data stored in the cloud, it makes sense to use strong encryption to prevent third parties from gaining access to the information. As a rule, cloud services are even better protected than the IT in the data centers operated by average German companies. However, under the EU’s new General Data Protection Regulation (GDPR), the cloud user himself must assume responsibility for data protection. Ideally, companies should upgrade their cryptography for sensitive information that is supposed to remain confidential for long periods of time as soon as possible. Such information includes critical business or personal data. Through the pseudonymization of data, this information will remain under a company’s complete control at all times. Experts also recommend an analysis of the entire system. Their reason? Once the GDPR takes effect in May 2018, companies will possibly have to act quickly. Potential penalties for violations will be stiffened under the regulations: Fines could total up to €20 million or 4 percent of total global sales each year – depending on which figure is higher.
“Companies would be well-advised to explore the issue of crypto-agility as well,” said Tim Schneider, a cryptologist at Telekom Security. “Crypto-agility means that algorithms are used in such a way that they can be quickly replaced. Along with appropriate recoding processes, companies can react quickly to new attack processes or can clear the way for a future replacement if standardization of post-quantum algorithms is still under way.”
To wait and see could prove costly for companies. “Post-quantum cryptography plays an important role in the Internet of Things or the Connected Car,” Thomae says. Vehicles that are now designed with standard algorithms will be in production for five years and on the road for around another 15 years. “Remote updates to new algorithms are often not provided for, because hackers might hack this very function,” he explains. So a recall of these vehicles over the next 20 years should actually be included in the price right now – with damages running into billions of dollars. It takes years to upgrade the software of major companies and organizations because from decision to implementation the process can be lengthy. Critical infrastructure companies in particular are known for this.

Longer key lengths for a time buffer

Longer key lengths for asymmetrical algorithms create a time buffer, the post-quantum expert says. Companies could develop hybrid processes combining a current encryption method and a new post-quantum algorithm.
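As an added illustration of the crypto-agility and hybrid approaches described above (not code from the article or from the companies quoted), the following Python example selects a key-establishment suite by ID from a registry and, for the hybrid suite, derives the session key with HKDF from both a classical and a post-quantum shared secret, so an attacker must recover both secrets to compute the key. The registry `SUITES`, the suite IDs and the function names are hypothetical; the two shared secrets are random stand-ins for the outputs of a real ECDH exchange and a post-quantum key-encapsulation mechanism.

```python
import hashlib
import hmac
import secrets

# Hypothetical suite registry: the suite is chosen by ID, never hard-coded,
# so a weakened suite can be retired by flipping "allowed".
SUITES = {
    1: {"inputs": ("classical",), "hash": "sha256", "allowed": False},
    2: {"inputs": ("classical", "pq"), "hash": "sha384", "allowed": True},
}

def hkdf(salt, ikm, info, length, hash_name):
    """HKDF (RFC 5869): extract a PRK from ikm, then expand it to length bytes."""
    hash_len = hashlib.new(hash_name).digest_size
    prk = hmac.new(salt or b"\x00" * hash_len, ikm, hash_name).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hash_name).digest()
        okm += block
        counter += 1
    return okm[:length]

def pick_suite(offered_ids):
    """Return the highest suite ID that the peer offers and local policy allows."""
    usable = [i for i in offered_ids if SUITES.get(i, {}).get("allowed")]
    if not usable:
        raise ValueError("no mutually acceptable suite")
    return max(usable)

def derive_session_key(suite_id, shared_secrets, context):
    """Combine the suite's shared secrets into one 32-byte session key."""
    suite = SUITES.get(suite_id)
    if suite is None or not suite["allowed"]:
        raise ValueError(f"suite {suite_id} is unknown or retired")
    # Length-prefix each secret so the concatenation is unambiguous.
    ikm = b"".join(
        len(shared_secrets[name]).to_bytes(2, "big") + shared_secrets[name]
        for name in suite["inputs"]
    )
    # Binding the suite ID into the KDF input separates keys across suites.
    info = b"suite=%d;" % suite_id + context
    return hkdf(b"", ikm, info, 32, suite["hash"])

if __name__ == "__main__":
    # Constructed stand-ins for an ECDH output and a post-quantum KEM output.
    demo = {"classical": secrets.token_bytes(32), "pq": secrets.token_bytes(32)}
    suite = pick_suite([1, 2])
    print(suite, derive_session_key(suite, demo, b"demo-session").hex())
```

Retiring a suite is a one-line policy change in the registry, and adding a suite 3 leaves the callers of `pick_suite` and `derive_session_key` untouched.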
Time is running out. Research scientists mostly agree that quantum computers will be around in the foreseeable future – and as we know, the wheels of Silicon Valley grind a little faster than everywhere else.
