
Security technologies are evolving at a rapid rate, as is computing. From historical computation paradigms to today’s digital logic, the once futuristic quantum computer is now rapidly approaching. With the emergence of quantum computers, conventional computers, which follow the binary law of the transistor (a bit is either 1 or 0, True or False, High or Low), would be easily outclassed by quantum computers, which follow the quantum law (a qubit can be 1 and 0 at the same time).

However, even though quantum computers outperform conventional computers in solving difficult mathematical problems and better handle optimization problems, they are difficult to build and deploy. Conventional computers are much more convenient for everyday applications such as cryptography, data processing or inference. Therefore, both types of computers will continue to coexist.

Even though quantum computers are not expected to replace conventional ones, some technological fields, such as security, must already anticipate them and adapt. Indeed, some of the security solutions currently deployed, such as public-key cryptography (ECC, RSA), rely on hard mathematical problems that a quantum computer could solve efficiently. They should therefore no longer be considered mathematically secure.

It is within this context that “Post-Quantum Cryptography”, also called “PQC”, is emerging. Although PQC algorithms are designed to be robust against quantum computers, they remain vulnerable to state-of-the-art attacks, especially those targeting the way they are implemented.


Vulnerabilities in Post-Quantum Cryptography

Initially, cryptographic algorithms were designed to resist “white box” attacks, i.e. attacks in which the attacker knows the inputs and outputs of the algorithm. Since 1996, Side-Channel Attacks have appeared. They demonstrated the relevance of horizontal attacks, such as timing attacks, and of vertical attacks, such as power analysis.

Two types of attacks can be considered as potential threats, as they exist both in classical cryptography and in post-quantum cryptography: passive attacks, where the attacker does not interact directly with the target but instead exploits a physical property related to the processing of the sensitive data; and active attacks, where the attacker interacts directly with the target and disrupts its normal behavior.

Even though PQC is a different type of cryptography overall, it can still be vulnerable to the same exploits as conventional cryptography, and even to additional ones: a noticeable difference in PQC is that signature verification schemes can fail, and specific attacks can exploit this particularity.

Since post-quantum cryptography is new, its implementations have not yet been hardened, but it is only a matter of time before they are.


Major actors in PQC and Secure-IC’s involvement

Many stakeholders have invested in the development and improvement of post-quantum cryptography. Several national agencies have also launched numerous initiatives to further advance PQC research. For example, in China, the Chinese Association of Cryptographic Research (CACR) has already selected the LAC, PKE and Aigis-enc cryptographic algorithms; in Japan, several initiatives have been launched, including by the Information Technology Promotion Agency (IPA), the Cryptography Research and Evaluation Committee (Cryptec) and the National Institute of Information and Communications Technology (NICT).

In France, the national investment bank approved the RISQ project, consisting of a consortium of industries and government certification bodies led by Secure-IC, to develop expertise and prepare for the migration to post-quantum security.

Finally, in the U.S., the National Institute of Standards and Technology (NIST) is one of the key decision-makers in PQC standardization. As a non-regulatory government agency, it develops standards to drive innovation and find the best approach to protect data from a quantum computer assault. Algorithm standardization is also in progress for public-key encryption (PKE) and key encapsulation mechanisms (KEM).


Implementing Post-Quantum Cryptography

Post-quantum cryptography can be implemented in both hardware and software. Its use offers internal security to devices by allowing secure boot and secure Over-The-Air (OTA) update services, as well as external cryptographic services such as authentication or proxy encryption. PQC is required to be certification ready.

PQC can be integrated as a stand-alone block or within a secure element, providing integration flexibility and additional “security in depth”.

The French National Cybersecurity Agency (ANSSI) and other government agencies recommend combining PQC with classical cryptography so as not to rely solely on PQC methods. Indeed, using both types of cryptography avoids any security regression that could result from immature designs.
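One way to implement the hybrid recommendation above, as an added example that is not Secure-IC’s or ANSSI’s own code: a key combiner that derives one session key from both a classical shared secret and a PQC KEM shared secret through HKDF-SHA256 (RFC 5869, implemented here with the Python standard library), while binding the public values exchanged. The shared secrets and ciphertexts below are constructed placeholders standing in for the outputs of a real ECDH and a real PQC KEM; the label string is an assumption.

```python
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 extract step: PRK = HMAC(salt, IKM); empty salt -> zero block."""
    if not salt:
        salt = b"\x00" * HASH_LEN
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 expand step: T(i) = HMAC(PRK, T(i-1) || info || i)."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def _lv(data: bytes) -> bytes:
    """Length-prefix a field so concatenated inputs cannot be re-split ambiguously."""
    return len(data).to_bytes(2, "big") + data


def hybrid_shared_secret(ss_classical: bytes, ss_pqc: bytes,
                         ct_classical: bytes, ct_pqc: bytes,
                         label: bytes = b"hybrid-kem-v1") -> bytes:
    """Combine both shared secrets: the result stays secret as long as
    either the classical or the PQC component remains unbroken.
    The exchanged public values go into 'info' to bind the key to this session."""
    ikm = _lv(ss_classical) + _lv(ss_pqc)
    info = _lv(label) + _lv(ct_classical) + _lv(ct_pqc)
    return hkdf(b"", ikm, info, 32)


# Constructed sample values (not real ECDH/KEM outputs).
SS_ECDH = bytes(range(32))          # stands in for an X25519 shared secret
SS_PQC = b"\x42" * 32               # stands in for a PQC KEM shared secret
CT_ECDH = b"\x01" * 32              # classical public value / ciphertext
CT_PQC = b"\x02" * 64               # PQC KEM ciphertext

if __name__ == "__main__":
    print(hybrid_shared_secret(SS_ECDH, SS_PQC, CT_ECDH, CT_PQC).hex())
```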

PQC is thus expected to be deployed in the next few years while meeting modern requirements for secure coding. Specific tools are required to test PQC implementations in order to quickly detect all relevant state-of-the-art attacks. This approach is the only one that can guarantee a fast and correct dissemination of PQC.

Secure-IC is pioneering secure PQC implementations in hardware and software and is involved in many initiatives to provide real use cases, evaluate implementation security and, overall, promote the idea of truly secure post-quantum security.

