Part one of Qrypt’s “Quantum-Security Essentials” series of articles.
As the boundaries of technology and computing expand, cryptography is evolving with them, and digital data security matters more today than ever before. Out of this evolution a distinct field is emerging: quantum security. Quantum cryptography is one component of it, but quantum security covers a broader range of strategies for securing data in a world on the brink of a quantum computing revolution. This blog post covers the basics of quantum cryptography, highlights the critical distinction between quantum-safe and quantum-secure solutions, and underscores the urgency of adopting quantum-secure solutions to protect critical and long-term data.
II. Quantum Cryptography
Quantum cryptography is worth a brief explanation. Broadly speaking, it’s an emerging field of encryption science that employs principles of quantum mechanics to secure data [https://en.wikipedia.org/wiki/Quantum_cryptography]. A well-known technique in this field is quantum key distribution (QKD). QKD strives to achieve secure encryption key agreement by transmitting light through fiber optic cables. If an eavesdropper attempts to intercept the data transmission, the quantum state collapses, revealing the intrusion. Despite its promise, QKD is currently limited by its point-to-point nature, distance restrictions, and its inability to reach IoT devices or small endpoints like mobile phones or desktop computers, making it impractical for widespread use.
The primary objective of quantum cryptography, including techniques like QKD, is to enhance the security of encryption key exchanges or, in some instances, to eliminate the need for key transmission entirely. This goal is paramount in defining the field.
III. Quantum Safe vs. Quantum Secure: The Critical Difference
Quantum-safe solutions are cryptographic systems that, at present, are resistant to attacks from both classical and quantum computers. This resistance rests on the current understanding of mathematical problems that are deemed hard to solve, even with the capabilities of quantum computers. Notably, the term “resistant” implies that while no known methods to break these systems exist, future discoveries could reveal vulnerabilities. In fact, some algorithms that were initially considered resistant, such as Rainbow, a round 3 candidate [https://eprint.iacr.org/2022/214], and SIKE, a round 4 candidate [https://www.schneier.com/blog/archives/2022/08/sike-broken.html], have been broken by classical computers. There is also ongoing research to improve quantum algorithms, like Grover’s, which could potentially weaken symmetric encryption [https://www.eurekalert.org/news-releases/959749].
Quantum-secure solutions, on the other hand, are designed to provide encryption that cannot be decrypted by any computer, including quantum ones. These solutions use a one-time pad (OTP) technique, where the encryption key is the same size as the data being encrypted. If the encryption key uses true random numbers derived from measurements of quantum sources, then it is computationally impossible to predict the key, rendering the system quantum-secure.
Understanding the distinction between quantum-safe and quantum-secure is crucial. While quantum-safe solutions offer adequate security, they may not be future-proof against advancements in quantum computing and algorithmic research. In contrast, quantum-secure solutions are designed to withstand the anticipated evolution of quantum technology, promising enduring security. The importance of quantum-secure solutions becomes particularly evident when protecting critical and long-term data, which must remain confidential for decades to come.
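The one-time pad described above, as an added example that is not part of the original post or Qrypt's code: it enforces the key-as-long-as-the-data rule, shows that every same-length message is a valid decryption of a ciphertext under some key, and shows what leaks if a pad is used twice. The function names are hypothetical, and `secrets.token_bytes` (the operating system's random generator) stands in for a quantum random source.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings; refuse a key shorter or longer than the data."""
    if len(a) != len(b):
        raise ValueError("one-time pad key must be exactly as long as the data")
    return bytes(x ^ y for x, y in zip(a, b))

def otp_encrypt(plaintext: bytes, key: bytes) -> bytes:
    return xor_bytes(plaintext, key)

def otp_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    return xor_bytes(ciphertext, key)  # XOR is its own inverse

def key_for(ciphertext: bytes, candidate_plaintext: bytes) -> bytes:
    """The key under which `ciphertext` would decrypt to `candidate_plaintext`.

    Such a key exists for every candidate of the same length, so the
    ciphertext alone cannot tell an observer which message was sent,
    however much computing power is applied.
    """
    return xor_bytes(ciphertext, candidate_plaintext)

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """If one pad encrypts two messages, the key cancels out: c1 XOR c2 == p1 XOR p2."""
    return xor_bytes(c1, c2)

if __name__ == "__main__":
    # Constructed sample messages of equal length.
    sent = b"WIRE 100 TO ALICE"
    other = b"WIRE 999 TO CAROL"

    # Assumption: OS randomness stands in for a quantum random source.
    key = secrets.token_bytes(len(sent))
    ct = otp_encrypt(sent, key)
    print("round trip ok:", otp_decrypt(ct, key) == sent)

    # A different key turns the same ciphertext into a different message.
    print("alternative  :", otp_decrypt(ct, key_for(ct, other)))

    # Reusing the pad exposes the XOR of the two plaintexts.
    leak = reuse_leak(ct, otp_encrypt(other, key))
    print("reuse leaks  :", leak == xor_bytes(sent, other))
```

The "one-time" in the name is a hard requirement: the guarantee holds only while each key is random, as long as the data, and never reused.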
IV. Securing Against Quantum Attacks: Mitigating Harvest Now, Decrypt Later
Understanding quantum security is essential in mitigating the risk of quantum attacks. The primary attack vector, known as “harvest now, decrypt later,” involves adversaries collecting encrypted data today for later decryption. Once asymmetric encryption, which is currently not quantum-safe, is broken, session keys and symmetric keys will be exposed. Therefore, mitigation involves either using quantum-secure encryption or eliminating the transmission of encryption keys altogether.
It’s essential to clear up a common misconception at this point: While AES is often touted as quantum-safe, the security of AES often hinges on the RSA mechanism — a type of asymmetric encryption — used to distribute its keys, which is not quantum-safe. If an AES key is delivered via RSA, the security of the AES encryption is only as strong as that of the RSA delivery mechanism. In a harvest now, decrypt later attack scenario, any harvested data that was encrypted using RSA can be decrypted later, exposing all AES keys in the process. This is at the heart of the quantum risk.
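The dependency described above, as an added example that is not part of the original post or Qrypt's code: a session whose symmetric key travels under RSA is stored, and later the stored transcript alone yields the plaintext once the RSA modulus can be factored. Everything here is a constructed toy: the modulus is about 50 bits so trial division can stand in for a future RSA break, the RSA is unpadded, a SHA-256 keystream stands in for AES, and all function names are hypothetical.

```python
import hashlib
import secrets

# Toy RSA modulus built from two small Mersenne primes so it factors in
# milliseconds; real RSA moduli are 2048 bits or more. Constructed values.
P, Q, E = 2**19 - 1, 2**31 - 1, 65537
N = P * Q
KEY_LEN = 6  # toy session-key size, chosen so the key fits below N

def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for AES: XOR with a SHA-256 counter keystream (illustration only)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(d ^ p for d, p in zip(data[off:off + 32], pad))
    return bytes(out)

def record_session(message: bytes) -> dict:
    """Everything a passive observer can store today; the session key is not in it."""
    session_key = secrets.token_bytes(KEY_LEN)
    wrapped = pow(int.from_bytes(session_key, "big"), E, N)  # RSA key transport
    return {"n": N, "e": E, "wrapped_key": wrapped,
            "ciphertext": stream_xor(session_key, message)}

def factor(n: int) -> tuple:
    """Trial division; stands in for the future capability that breaks RSA."""
    f = 3
    while n % f:
        f += 2
    return f, n // f

def decrypt_later(transcript: dict) -> bytes:
    """Recover the plaintext from the stored transcript alone."""
    p, q = factor(transcript["n"])
    d = pow(transcript["e"], -1, (p - 1) * (q - 1))  # rebuilt private exponent
    key_int = pow(transcript["wrapped_key"], d, transcript["n"])
    session_key = key_int.to_bytes(KEY_LEN, "big")
    return stream_xor(session_key, transcript["ciphertext"])

if __name__ == "__main__":
    # Constructed sample message standing in for long-lived confidential data.
    stored = record_session(b"contract terms, confidential until 2050")
    print(decrypt_later(stored))
```

The symmetric cipher is never attacked in this run; the plaintext falls out because the key that protects it was delivered under RSA and recorded alongside the ciphertext.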
To learn more about the various aspects of quantum risk, you may refer to our comprehensive six-part blog series [https://www.qrypt.com/resources/?postCategory=Quantum+Risk].
As we brace for a quantum computing revolution, the importance of understanding quantum cryptography basics and their real-world implications cannot be overstated. Quantum-safe solutions offer a higher level of security. However, quantum-secure solutions, with their mathematically proven unbreakability, stand out as the ideal choice for protecting critical and long-term data.
In our next blog post in this Quantum-Security Essentials series, we will delve deeper into the tools for quantum security, spotlighting quantum random number generation and quantum-secure key generation. Stay tuned as we unravel more about the fascinating world of quantum security.