Quantum computers could one day crack today’s encrypted messages. But this is one threat the IT industry is anticipating before it strikes.
It’s a sad feature of the digital age that cybersecurity often plays catch-up with cyberthreats. From the earliest viruses to the latest deep-fake deceptions, security systems have had to react to ever-evolving threat landscapes after the fact. But potential quantum threats may be too serious to ignore.
In July 2024, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) is expected to release standards to protect computers against a hazard that does not yet exist.
The threat in question would be a computer powerful enough to crack the encryption that currently keeps your online data and conversations safe from prying eyes.
If that happens, hackers could potentially gain access to pretty much everything you have ever said or done online. Encryption is used to protect online traffic, generate digital keys so devices can communicate securely, and confirm the identity of the parties involved in communication.
It works because cracking public key cryptography, which is used to secure everything from websites to digital signatures, involves prime-number calculations that are too complex for today’s computers.
But as Martin Lee, technical lead of security research within Cisco® Talos®, has previously explained in the Cisco Newsroom, a quantum computer could calculate almost infinite possibilities simultaneously — and crack many of our current secure encryption algorithms.
“What might take a classical computer 100 years or more to calculate could take a quantum computer only minutes, opening opportunities for risk and threats to our current privacy and cybersecurity protections,” said Rakesh Kandula, technical marketing engineer at Cisco.
‘An intolerable level of risk’
As far as we know, no one has yet created a quantum computer powerful enough to crack public key cryptography, and it is not certain that the concept would ever work in practice.
But there is a growing consensus that the advent of quantum computing — and the risk of public key cryptography being hacked — is just a matter of time.
According to the 2023 Quantum Threat Timeline Report by the Toronto-based Global Risk Institute, there is a roughly 11 percent chance of a cryptographically relevant quantum computer being developed within five years, and a 31 percent chance of it inside a decade.
“Even a ‘pessimistic’ interpretation gives a ~33 percent average likelihood of a disruptive quantum threat in the next 15 years,” the report stated. “This suggests that many organizations may already be facing an intolerable level of risk requiring urgent action.”
Cybersecurity authorities have long been aware of this danger, however. In 2016, NIST issued a call for post-quantum cryptography requirements and evaluation criteria, followed by a request for quantum computing-proof cryptographic algorithms.
Draft standards were proposed in 2023 and NIST is due to release its final versions for Department of Commerce approval around the middle of 2024.
There are good reasons to hurry along with the implementation of post-quantum cryptography standards even though the threat posed by quantum computers might not appear for years.
The first is that any new standard will naturally take some time to be rolled out by technology vendors, and until it is ubiquitous there will always be a risk.
“When someone gets a quantum computer, they could potentially break the keys used to verify programs, then modify those programs,” said Scott Fluhrer, a Cisco principal engineer who is one of the world’s foremost experts on post-quantum cryptography. ”This is a concern now because the low-level verification logic is in hardware, which is by design difficult to update.”
Fluhrer continued with another present-day worry: “Someone in the middle could record encrypted traffic even if he doesn't have a quantum computer at the time. Then, when he gets a quantum computer, he can use it to break the process that generated the keys and decrypt the traffic.”
Because of these issues, the U.S. government is mandating the transition from cryptographic systems to quantum-resistant cryptography, with a goal of mitigating as much of the risk as is feasible by 2035.
Cisco enters the quantum age
Post-quantum cryptography should be in place well before then, but technology vendors such as Cisco are not taking any chances.
Several approaches are being readied to protect networks and information against quantum computer attacks, even as NIST prepares to release the definitive standards.
One methodology espoused by Cisco is to use so-called Postquantum Preshared Keys (PPKs), which are used to generate the traffic keys. If the PPKs are sufficiently long and random, the keys used to protect the traffic are safe from a quantum computer.
The problem with PPKs is there needs to be a way of sharing the keys that is not subject to interception. For this, there is a proprietary protocol called Secure Key Integration Protocol enabling any Cisco router supporting encryption to use keys provided by a quantum distribution system.
Other quantum-safe encryption keys exist today for companies concerned about an immediate quantum computing threat.
But with cryptography-cracking quantum computers still unlikely for many years and NIST standards around the corner, this is one security issue that leaders may not have to worry about.
Xavier Azemar, the head of Cisco Innovation Labs in Spain, confirmed that high-risk sectors such as banking are following developments in post-quantum cryptography.
"I’m talking to customers about this," he said. "Although I don’t see them being overly concerned, they are interested in starting pilots or proofs of concept to understand the state of the art of post-quantum cryptography and the implications these algorithms will have on their networks."