Given that modern society is increasingly becoming digital, there is growing demand for safe, secure communications. While cryptographic standards and digital certificate systems such as public key infrastructure (PKI) offer the verification, authentication and encryption required to protect digital communications, one threat to emerge in recent times is the prospect of these secure communications systems being compromised by quantum computers.
The idea of quantum supremacy, where certain computational tasks can no longer be run on classical high-performance computing architectures, is still some way off. Yet the speed promised by quantum computing, and hybrid architectures that use quantum technology to accelerate certain functions in an algorithm running on a classical computer architecture, represents both an opportunity and a risk to society.
Researchers around the world are exploring how quantum computing algorithms can be used to solve extremely complex problems. Quantum computing promises huge societal benefits, such as helping to tackle climate change, improving efficiencies in chemical processes and drug discovery, and all manner of complex optimisations that cannot be run on classical computing systems. But as quantum computers evolve, there is also a growing concern that the technology will break existing cryptographic standards. In effect, quantum computers will become powerful enough to crack encryption keys extremely quickly.
“If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use. This would seriously compromise the confidentiality and integrity of digital communications on the internet and elsewhere,” the US National Institute of Standards and Technology (NIST) warns in a draft proposal for post-quantum cryptography (PQC).
This would have a profound impact on the security of the internet. “Once large-scale, fault-tolerant quantum computers become a reality, encryption protocols that have protected sensitive information for years will become vulnerable to attacks,” says John Cullen, a strategic marketing director for cyber security at Thales. “As the advent of quantum computing looms closer, the future security of PKI hangs in the balance.”
Cullen believes cyber criminals will eagerly exploit the weakness in PKI systems to gain unauthorised access to valuable data. “It is therefore imperative for organisations to take proactive measures to protect themselves – before quantum technology becomes mainstream,” he warns.
This is why standards bodies such as NIST and ETSI, the European standards body for IT-enabled systems, have become involved in quantum computing.
Jonathan Lane, a cyber security expert at PA Consulting, points out that the likes of NIST and ETSI are several years into programmes to identify and select post-quantum algorithms (PQAs), and industry and academia are innovating. “We are approaching some agreement on a suite of algorithms that are probably quantum-safe; both the UK’s NCSC [National Cyber Security Centre] and the US’s NSA [National Security Agency] endorse the approach of enhanced public key cryptography using PQA along with much larger keys,” he says.
Lane says the NCSC recommends that the majority of users follow normal cyber security best practice and wait for the development of NIST standards-compliant quantum-safe cryptography (QSC) products.
Quantum cryptography for financial services
One sector that is looking closely at the development of quantum computing is banking, specifically how it will impact the cryptographic standards it relies on for safe and secure payment processing.
In July, for instance, HSBC announced it was working with BT, Toshiba and Amazon Web Services (AWS) on a trial of quantum secure transmission of test data over fibre-optic cables between its global headquarters in Canary Wharf and a datacentre in Berkshire, 62km away, using quantum key distribution (QKD).
QKD uses particles of light and the fundamental properties of quantum physics to deliver secret keys between parties. These keys can be used to encrypt and decrypt sensitive data, and are safe from eavesdroppers or cyber attacks by quantum computers.
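To make the eavesdropping claim concrete, here is an added illustration that is not from the article or the HSBC/BT/Toshiba trial: a toy simulation of BB84, one well-known QKD protocol (the article does not say which protocol the trial uses). It assumes a noiseless channel and an authenticated classical channel for basis comparison, and the abort threshold is an assumption for this example.

```python
import random

ABORT_QBER = 0.11  # assumed abort threshold for this example

def measure(bit, prep_basis, meas_basis, rng):
    # Same basis: outcome is the encoded bit. Different basis: outcome is random.
    return bit if prep_basis == meas_basis else rng.getrandbits(1)

def bb84(n_photons, eavesdropper, seed=1):
    """Return (alice_key, bob_key) after basis sifting."""
    rng = random.Random(seed)
    alice_key, bob_key = [], []
    for _ in range(n_photons):
        bit, a_basis = rng.getrandbits(1), rng.getrandbits(1)
        sent_bit, sent_basis = bit, a_basis
        if eavesdropper:
            # Intercept-resend: Eve must guess a basis and re-emits what she saw.
            e_basis = rng.getrandbits(1)
            sent_bit = measure(sent_bit, sent_basis, e_basis, rng)
            sent_basis = e_basis
        b_basis = rng.getrandbits(1)
        b_bit = measure(sent_bit, sent_basis, b_basis, rng)
        # Sifting: bases (never bits) are compared over a classical channel,
        # assumed authenticated here; mismatched positions are discarded.
        if a_basis == b_basis:
            alice_key.append(bit)
            bob_key.append(b_bit)
    return alice_key, bob_key

def qber(alice_key, bob_key):
    """Quantum bit error rate. Real systems estimate it from a disclosed random sample."""
    return sum(a != b for a, b in zip(alice_key, bob_key)) / len(alice_key)

def keep_key(alice_key, bob_key):
    # The parties discard the key when the error rate shows the photons were disturbed.
    return qber(alice_key, bob_key) <= ABORT_QBER

if __name__ == "__main__":
    for eve in (False, True):
        a, b = bb84(20000, eve)
        print(f"eavesdropper={eve} sifted={len(a)} qber={qber(a, b):.3f} keep={keep_key(a, b)}")
```

Without an eavesdropper the sifted keys match exactly; with an intercept-resend eavesdropper about a quarter of the sifted bits disagree, so the parties detect the intrusion and discard the key.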
QKD is set to play a key role in protecting financial transactions, client data and proprietary information across the financial sector. HSBC processed 4.5 billion payments last year, worth an estimated £3.5tn. These electronic payments rely on encryption to protect customers and businesses from cyber attacks, which is one of the reasons the bank has established a quantum strategy. This includes trials of QKD and PQC.
BT and Toshiba have been collaborating on a trial quantum secure network since October 2021. This network offers what BT describes as “a range of quantum-secured services including dedicated high-bandwidth end-to-end encrypted links”. It is delivered over Openreach’s private fibre networks. Toshiba provides quantum key distribution hardware and key management software.
In April 2022, BT and Toshiba, along with EY, launched a trial of a world-first commercial quantum-secured metro network based on this technology. The infrastructure connects EY customers across London, helping them to secure the transmission of data and information between multiple physical locations over standard fibre-optic links using quantum key distribution.
HSBC is the first bank on the BT/Toshiba infrastructure. HSBC hopes its investigation of quantum-secure communications will help it provide evidence around the advantages of quantum technology and drive the development of applications in financial cyber security. According to HSBC, its quantum scientists, cyber crime experts and financial specialists will be better able to analyse the potential threat posed by powerful quantum computers and devise strategies to safeguard sensitive information.
The IoT dilemma
At the other end of the spectrum of application areas for cryptography are low-powered internet-connected devices. PA Consulting’s Lane notes that since internet of things (IoT) devices generate and exchange data, IoT applications require this data to be accurate and reliable. Since devices tend to be networked, their exploitation can open attack vectors in wider systems, which could have an extensive and global impact, he warns.
For instance, in 2016, the largest ever botnet attack was launched on domain name system service provider Dyn using Mirai malware. According to Lane, this malware looked for IoT devices running the Linux ARC operating system, attacked them with default login information and infected them. This enabled huge numbers of IoT devices to be used together in distributed denial of service (DDoS) attacks, resulting in significant parts of the internet going down.
Researchers are looking at how to improve IoT security, and post-quantum cryptography is likely to be an area that will grow in importance. But Lane warns that most of the enhanced QSC standards appear to require considerable computing power to deal with complex algorithms and long keys.
“Many IoT sensors may not be capable of running these,” he says. “Until NIST delivers its QSC standards, we won’t know whether they will work within IoT constraints. If they don’t, then there is a gap in the formal development of IoT QSC solutions.”
Lane believes asymmetric cryptography may offer a way to implement a viable low-resource PQC algorithm. “Symmetric cryptography is currently favoured by the IoT industry as a low-power mechanism, but the problem of secretly distributing the same keys to each party remains, and quantum enhancements may push up power requirements,” he says.
Then there are symmetric key establishment mechanisms where innovation may help, as alternative approaches are being considered.
These include quantum key distribution, where the properties of quantum mechanics are used to establish a key agreement, rather than using difficult mathematical problems that quantum computers will solve quickly. However, Lane says QKD requires specialist hardware and does not provide a way of easily enabling authentication, and the NCSC does not endorse QKD for any government or military applications.
Secure key agreement (SKA) is another alternative approach. Lane says some companies are experimenting with computationally safe ways of digitally creating symmetric keys across trusted endpoints. “This type of low-power, software-based capability offers an interesting alternative for the IoT,” he adds. Although independent verification of this type of capability is happening, Lane says the approach is neither on NIST’s nor ETSI’s radar.
Evolving quantum tech is linked to IT security
Overall, IT security needs to evolve to combat the imminent threat of all-powerful quantum computers rendering existing cryptography obsolete. Thales’ Cullen warns that the future of a secure and connected world hinges on the ability to defend against PKI attacks and safeguard the trust placed in these security measures.
“The industry must explore new ways to bolster policies, procedures and technology,” he says. “As the advent of quantum computing looms closer, the future security of PKI hangs in the balance.”
The risk of quantum attacks on existing encryption protocols demands proactive action from organisations and governments alike.