What the C-suite needs to know about the DHS memo on  post-quantum cryptography

Quantum computing has the promise of changing aspects of our world unlike anything that we have seen in history.

Many fields of study stand to make monumental leaps in progress due to the significant increase in computing power afforded by the application of quantum physics to computing. Advancements in areas such as pharmaceutical development, disease etiology, material science, energy, aeronautics, weather forecasting, blockchain and financial modeling portend to be revolutionary when quantum computing reaches its maturity. All of these examples provide for a very positive impact. The implications related to cryptography are equally as impressive; however, for concerning reasons.

Data and communication transmissions today are protected by cryptographic algorithms developed over the past several years. The security of these algorithms is believed to be very strong and can withstand attempts of compromise, even by today’s supercomputers.

In September 2021, the U.S. Department of Homeland Security (DHS) issued a memorandum titled, “Preparing for Post-Quantum Cryptography.” In this memorandum, DHS highlighted the threat to the current cryptographic standards and to organizations in all sectors, including the government. We believe this will be the first of many memorandums and regulations that get published and approved around this topic.

The memorandum also provides guidance for a transition from the current cryptographic standards and technologies to postquantum encryption standards. Currently, however, a US postquantum cryptographic standard does not exist. The National Institute of Standards and Testing (NIST) is currently considering many algorithmic solutions to become finalists for the NIST standard. DHS’s goal is to provide a roadmap that will reduce the time needed to transition to these standards when they are made available through the NIST process.

By examining real-world analogs, the scope of cryptography’s importance is easily established. Encryption ensures adversaries cannot view data in an accessible data store or capture communication over networks by converting intelligible data, called plaintext, into unintelligible data, called ciphertext. The reverse process, from ciphertext to plaintext, is known as decryption. Without the confidentiality and integrity achieved by encryption, an adversary could inject, modify, or view data in a database or while it is being transmitted over a network, thereby compromising that data. Lastly, without authentication, an adversary computer can masquerade as a legitimate system to access a network or an application.

Cryptographic algorithms and protocols come in two forms: symmetric and asymmetric cryptosystems.

Asymmetric cryptosystems require significantly more computing power than their symmetric encryption counterparts. However, asymmetric cryptosystems reduce the complexity of managing cryptographic keys. In practice, asymmetric and symmetric cryptosystems are deployed together. Hybrid solutions leverage the advantages of symmetric cryptography’s computational efficiency, while benefiting from the pragmatic key management offered by asymmetric cryptography.

Figure 1. Users at risk for breach of data

An abstract illustration of how qubits work is the analogy of a coin that is both heads up and tails up simultaneously. It is this multiplicity that allows computing power to grow exponentially as the number of qubits expands, allowing for more and more computations to be performed simultaneously, and which also enables a quantum computer to solve certain types of problems more efficiently than a conventional computer.

Examples of the types of problems a quantum computer is able to solve, in which a conventional computer is not, include Grover’s algorithm and Shor’s algorithm.

In the last five years, China, Israel¹ and Russia² have all developed quantum computers, with China’s efforts on its Jiuzhang quantum computer claiming quantum supremacy³ in 2019.

The US private sector emerged as an early leader in quantum computing capabilities, having developed the first quantum computer as early as 1998, and most recently Google claims to have taken the lead with the introduction of its quantum computer Sycamore in 2019.⁴ Additionally, IBM has assisted Germany and Japan in entering the quantum race by partnering with both countries to build quantum computers. Like IBM, many other multinational companies have expanded the quantum computing landscape to a more global setting. Intel, Toshiba, Google and Alibaba Group all hold multinational patents in quantum technology. Google and Alibaba Group each hold patents in 12 countries.⁵

It is expected that the NIST will release its first set of approved algorithms in 2022 and publish standards for those algorithms by 2024. Since most cryptography implementations use one or more NIST standard, businesses should prepare for implementing the new standards.

The White House and DHS each released requirements related to the growing risks of quantum computing capabilities abroad — namely the need for identification and replacement of encryption algorithms that would not be resistant to quantum computing’s increased power and speed. The DHS memo listed specific algorithms that are likely to be vulnerable and informed component heads to expect detailed requirements related to reporting requirements for the transition of such algorithms in alignment with the timeline for the updated NIST standards.⁹

Additionally, the White House’s January and May 2022 memos built upon an earlier executive order mandating cybersecurity standards for federal information systems to include additional requirements to identify and replace vulnerable encryption practices with quantum-resistant algorithms on an aggressive timeline.¹⁰

The DHS states in its memo, “While the exact timeline of a quantum computer capable of executing advanced algorithms putting DHS cryptographic equipment inventory at risk is uncertain, the significance of the risk is not.”¹¹ Threat actors are also aware of the rapid pace of quantum computing and are looking ahead at the opportunities to exploit future vulnerabilities. These threat actors are currently exercising crypto harvesting techniques, where they are applying a “harvest now, decrypt later” approach to data theft. For many years, encryption has been the answer to the data loss challenge, but the application of Shor’s algorithm with a quantum computer is causing traditional encryption techniques to soon become obsolete and is driving an aggressive response.

The federal government is taking this risk very seriously and is advocating for a swift, proactive approach to mitigating the risk

The DHS is expecting federal agencies to complete their preparations for post-quantum protections prior to the NIST’s updated cryptographic guidelines, which are expected to be released in 2024. Additionally, President Biden issued a national security memorandum in January 2022 giving only 180 days for government agencies to “identify any instances of encryption not in compliance with NSA-approved Quantum Resistant Algorithms.”¹² And for those instances, they must create both an exception and a timeline for their remediation. The aggressive timelines set forth by the government are dramatically different from any timing we have seen in past migrations (e.g., SHA1 to SHA2). The DHS memo specifically states, “A slow transition could prove costly in terms of security.”¹³