Quantum computers sufficiently powerful to break today's widely deployed encryption may remain as vaporous as promises of ubiquitous fast 5G connectivity, but organizations should ready themselves for that high-risk possibility anyway.
Or, as a new report from the Alliance for Telecommunications Industry Solutions (ATIS) phrases this advice in acronymese, prepare for the eventuality of a CRQC with a CARAF.
This whitepaper, released March 3 and titled "Preparing Communications Networks for the Quantum Future," states upfront that Cryptographically Relevant Quantum Computers (CRQCs for short) may not be achievable anytime soon, but that prudence demands adopting a Crypto Agility Risk Assessment Framework (CARAF).
At its most optimistic, this 19-page PDF cites a consensus assessment from the National Academies of Sciences, Engineering, and Medicine finding that "RSA 2048 cryptography will be safe for the next decade." But it also nods to a 2021 report from the Global Risk Institute that surveyed quantum-science experts and found that 28 out of 46 thought that within 15 years, the risk of quantum computing breaking current cryptography "would be likely or more likely."
In that case, the ability of quantum computers to outperform today's hardware by exploiting "entanglement" and "superposition" could pave the road for this parade of horribles:
- "No online system can be trusted anymore because the current key establishment and key exchanges can be breached."
- "No online presence can be trusted to be authentic because current digital signatures can be hacked."
- "Transaction non-repudiation becomes invalid because current signature algorithms can be forged."
What could stop that parade? The ATIS report points to ongoing work at the National Institute of Standards and Technology's Computer Security Resource Center to develop quantum-resistant encryption algorithms. That project has now advanced to the selection of a third round of candidates for encryption and signature algorithms that go by such fantasy- and sci-fi-influenced names as "FrodoKEM" and "Crystals-Kyber," with finalists set to be announced this year and a completed standard due in 2024.
Separately, research in Quantum Key Distribution (QKD) may allow for the secure exchange of symmetric encryption keys. Additionally, Quantum Random Number Generator (QRNG) efforts may allow the reliable generation of perfectly random seeds for encryption algorithms.
Some of these countermeasures, however, may impose costs in latency that could hit the "undo" button on recent performance boosts delivered by 5G and other connectivity advances.
Whether the threat of encryption-breaking quantum computing or the remedy of those post-quantum techniques materializes, the ATIS report urges enterprises, network operators and organizations to get cracking on their CARAFs.
That work should include inventorying assets at risk; estimating the risk (the report warns that nation-state actors most likely to adopt quantum computing first will have "big companies or governments" as targets); mitigating that risk by phasing out those assets or securing them with quantum-resistant encryption; and plotting an organizational roadmap to handle continued evolutions of this threat, whatever those might be.
"There are so many different types of quantum technology, and it is not yet unclear which quantum computing technology will dominate," the report observes before invoking a metaphor that must have been written by a member of Generation X. "We are in the middle of a Betamax vs. VHS vs. Laserdisc battle that has yet to play out."
— Rob Pegoraro, special to Light Reading. Follow him @robpegoraro.