Quantum computing is being pursued across industry, government and academia globally with tremendous energy, and powerful quantum computers are expected to become a reality in the not-so-distant future. Data that is encrypted today can be recorded now and decrypted once such a machine exists ("harvest now, decrypt later"), so to ensure today's data remains protected into the future we need to implement security solutions that safeguard against quantum attacks now, not when the first cryptographically relevant quantum computer appears.
Contents
- Why are quantum computers a security threat?
- What is post-quantum cryptography/PQC?
- What progress has been made to develop new PQC algorithms?
- What is the recommended timeline for transitioning to PQC?
- How can I get ready to transition to PQC?
- What Quantum Safe IP solutions are available from Rambus?
Why are quantum computers a security threat?
It is well known that, once sufficiently large quantum computers exist, today's asymmetric cryptographic methods for key exchange and digital signatures will be broken. Running Shor's algorithm, such a machine solves the discrete logarithm problem behind Elliptic Curve Cryptography (ECC) and Diffie-Hellman, and the integer factorization problem behind RSA (Rivest-Shamir-Adleman), in polynomial time, so no reasonable key size would suffice to keep data secure: unlike a classical attack, the threat cannot be outrun by moving from 2048-bit to 4096-bit RSA. Symmetric ciphers and hash functions are affected far less; Grover's algorithm only halves their effective security level, which is why AES-256 and SHA-384 remain in use in quantum-safe suites. Governments, researchers, and tech leaders the world over have recognized this quantum threat and the difficulty of securing critical infrastructure against quantum computers.
What is post-quantum cryptography/PQC?
New digital signature schemes and key encapsulation mechanisms (KEMs) are needed to protect data and hardware from quantum attacks. Many initiatives have been launched throughout the world to develop and deploy new cryptographic algorithms that can replace RSA and ECC without being vulnerable to either classical or quantum attacks. This is commonly referred to as "Post-Quantum Cryptography" (PQC), "Quantum Safe Cryptography" (QSC), "Quantum Proof" or "Quantum Resistant" cryptography.
What progress has been made to develop new PQC algorithms?
The biggest public initiative to develop and standardize new PQC algorithms was launched by the U.S. Department of Commerce's National Institute of Standards and Technology (NIST). International teams of cryptographers submitted algorithm proposals, reviewed each other's proposals, broke some, and gained confidence in the security of others. After multiple rounds of evaluation, on July 5th, 2022, NIST announced the first PQC algorithms selected for standardization: CRYSTALS-Kyber was selected as the Key Encapsulation Mechanism (KEM), and CRYSTALS-Dilithium, FALCON, and SPHINCS+ were selected as digital signature algorithms. NIST has since published the finished standards for three of them, on August 13th, 2024: FIPS 203 (ML-KEM, from CRYSTALS-Kyber), FIPS 204 (ML-DSA, from CRYSTALS-Dilithium) and FIPS 205 (SLH-DSA, from SPHINCS+), with a FALCON-based standard (FN-DSA) to follow.
What is the recommended timeline for transitioning to PQC?
The National Security Agency (NSA) published an update to its Commercial National Security Algorithm Suite (CNSA) in September 2022, CNSA 2.0. National Security Systems (NSS) will need to fully transition to PQC algorithms by 2033, and some use cases, software and firmware signing among them, will be required to complete the transition as early as 2030. CNSA 2.0 specifies CRYSTALS-Kyber and CRYSTALS-Dilithium (at their highest parameter sets, Kyber-1024 and Dilithium-5) as the quantum-resistant public-key algorithms, retains AES-256 and SHA-384/SHA-512 for symmetric encryption and hashing, and names the stateful hash-based signature schemes XMSS (eXtended Merkle Signature Scheme) or LMS (Leighton-Micali Signatures) for software and firmware signing. CNSA 2.0 sets out an ambitious timeline for PQC algorithm adoption; other organizations across the globe are set to follow suit with their own guidelines.
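The stateful hash-based schemes named for firmware signing differ from every other signature algorithm in one way a practitioner has to design around: each leaf key signs exactly once, and the signer must remember which leaves it has used. As an added illustration (this is neither Rambus code nor XMSS as in RFC 8391 or LMS as in RFC 8554, which add WOTS+ chains, bitmasks and fixed parameter sets and are not interoperable with it), the block below reduces the construction to its shared skeleton: a Lamport one-time signature per leaf, a Merkle tree whose root is the public key, and a leaf counter that is the state. The seed, tree height and message strings are made up for the example.

```python
"""Simplified stateful hash-based signature: Lamport one-time signatures under a
Merkle tree, with an explicit leaf counter.  Added illustration of the structure
that XMSS (RFC 8391) and LMS (RFC 8554) build on; it omits their WOTS+ chains,
bitmasks and parameter sets and is not interoperable with either."""
import hashlib

N = 32            # SHA-256 output length; messages are hashed to N bytes
BITS = 8 * N      # one pair of secret values per message-digest bit


def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()


def _bits(digest):
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]


def lamport_keygen(seed, leaf):
    """Derive the 2*BITS secret values of one leaf from the master seed.
    Each value is bound to (leaf, position, bit), so no two leaves share a secret."""
    sk = [[H(seed, leaf.to_bytes(4, "big"), i.to_bytes(2, "big"), bytes([b]))
           for b in (0, 1)] for i in range(BITS)]
    pk = [[H(x) for x in pair] for pair in sk]
    return sk, pk


def lamport_pk_hash(pk):
    return H(*[x for pair in pk for x in pair])


def lamport_sign(sk, digest):
    return [sk[i][b] for i, b in enumerate(_bits(digest))]


def lamport_verify(pk, digest, sig):
    return (len(pk) == BITS and len(sig) == BITS
            and all(H(sig[i]) == pk[i][b] for i, b in enumerate(_bits(digest))))


class MerkleSigner:
    """Signer holding 2**height one-time keys.  `next_leaf` IS the state: it must be
    committed to non-volatile storage before a signature is released, and a backup
    or snapshot restore that rewinds it silently reuses a one-time key."""

    def __init__(self, seed, height):
        self.seed, self.height, self.next_leaf = seed, height, 0
        leaves = [lamport_pk_hash(lamport_keygen(seed, i)[1]) for i in range(2 ** height)]
        self.tree = [leaves]
        while len(self.tree[-1]) > 1:
            lvl = self.tree[-1]
            self.tree.append([H(lvl[i], lvl[i + 1]) for i in range(0, len(lvl), 2)])
        self.root = self.tree[-1][0]          # the public key

    def sign(self, msg):
        if self.next_leaf >= 2 ** self.height:
            raise RuntimeError("key exhausted: every one-time key has been used")
        leaf, self.next_leaf = self.next_leaf, self.next_leaf + 1   # advance state first
        sk, pk = lamport_keygen(self.seed, leaf)
        auth, idx = [], leaf
        for lvl in self.tree[:-1]:            # sibling on each level up to the root
            auth.append(lvl[idx ^ 1])
            idx >>= 1
        return leaf, lamport_sign(sk, H(msg)), pk, auth


def verify(root, height, msg, signature):
    """Stateless verification: recompute the leaf from the one-time public key and
    walk the authentication path up to the root.  This is all a device needs."""
    leaf, ots, pk, auth = signature
    if not (0 <= leaf < 2 ** height) or len(auth) != height:
        return False
    if not lamport_verify(pk, H(msg), ots):
        return False
    node, idx = lamport_pk_hash(pk), leaf
    for sibling in auth:
        node = H(node, sibling) if idx % 2 == 0 else H(sibling, node)
        idx >>= 1
    return node == root


def exposed_secrets(sig_a, sig_b):
    """How many of a leaf's 2*BITS secret values two signatures under the SAME leaf
    reveal together.  One signature reveals exactly BITS; every bit where the two
    digests differ reveals one more, and that surplus is what lets an attacker forge."""
    if sig_a[0] != sig_b[0]:
        raise ValueError("signatures use different leaves")
    return len(set(sig_a[1]) | set(sig_b[1]))
```

Two design points carry over to the real schemes. Verification needs no state, which is why a hardware root of trust can verify XMSS or LMS firmware signatures with nothing but the root public key, while signing is confined to a signing service whose leaf counter is persisted before each signature leaves it, never cloned across a high-availability pair and never restored from backup (NIST SP 800-208 covers these operational requirements). And the failure mode is quantitative: two signatures from one leaf on different messages expose well over half of that leaf's secret values, so state loss is a key compromise, not a nuisance.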
How can I get ready to transition to PQC?
- Understand where vulnerable cryptography like RSA or ECC is deployed in your products.
- Investigate what performance impact a PQC transition will have on your products and what makes sense for your product roadmap.
- Establish what transition timelines your products must observe.
- Speak with your customers and suppliers to ensure that expectations and plans align.
- Understand where vulnerable cryptography like RSA or ECC is deployed in your business infrastructure and business processes.
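The first and last of those steps, finding where RSA and ECC are deployed, is a cryptographic inventory, and it is mostly a matter of recognising the algorithm identifiers wherever keys and certificates sit. The scanner below is an added example, not a Rambus tool or part of the original page: it recognises RSA, ECC and Ed25519 material by the DER-encoded OIDs inside PEM blocks (so it works on certificates, PKCS#8 and SubjectPublicKeyInfo without an ASN.1 library), by the legacy PEM labels that name the algorithm directly, and by the plain-text indicators in SSH and TLS configuration. The file names and file contents are constructed for the example; the PEM bodies are bare AlgorithmIdentifier structures, not real keys or certificates.

```python
"""Cryptographic-inventory scanner: finds quantum-vulnerable public-key algorithms
in PEM material and plain-text service configuration.  Added illustration, not a
Rambus tool.  Algorithms in DER are recognised by their encoded OIDs, so no ASN.1
parser or third-party library is needed."""
import base64
import re

# DER encoding (tag 0x06, length, value) of the AlgorithmIdentifier OIDs of public
# keys that Shor's algorithm breaks.  Symmetric ciphers and hashes are not listed:
# quantum computers weaken but do not break them.
VULNERABLE_OIDS = {
    bytes.fromhex("06092a864886f70d010101"): "RSA",      # rsaEncryption 1.2.840.113549.1.1.1
    bytes.fromhex("06072a8648ce3d0201"):     "ECC",      # id-ecPublicKey 1.2.840.10045.2.1
    bytes.fromhex("06032b6570"):             "Ed25519",  # id-Ed25519 1.3.101.112
}
# Legacy PEM labels (PKCS#1, SEC1) name the algorithm in the header, not in an OID.
LABEL_ALGS = {"RSA PRIVATE KEY": "RSA", "EC PRIVATE KEY": "ECC", "DSA PRIVATE KEY": "DSA"}

PEM_RE = re.compile(r"-----BEGIN ([A-Z ]+)-----\s*(.*?)\s*-----END \1-----", re.S)
CONFIG_PATTERNS = [
    (re.compile(r"^\s*HostKey\s+\S*ssh_host_(rsa|ecdsa|ed25519)_key", re.M), "SSH host key"),
    (re.compile(r"\b(ECDHE|ECDH|DHE|RSA)-[A-Z0-9-]+"), "TLS cipher suite"),
]


def scan_text(path, text):
    """Return (path, context, finding) triples for one file's contents."""
    findings = []
    for m in PEM_RE.finditer(text):
        label, body = m.group(1), m.group(2)
        algs = {LABEL_ALGS[label]} if label in LABEL_ALGS else set()
        try:
            der = base64.b64decode("".join(body.split()), validate=True)
        except ValueError:
            findings.append((path, f"PEM {label}", "undecodable body"))
            continue
        algs.update(name for oid, name in VULNERABLE_OIDS.items() if oid in der)
        findings.extend((path, f"PEM {label}", alg) for alg in sorted(algs))
    for pattern, what in CONFIG_PATTERNS:
        findings.extend((path, what, m.group(0).strip()) for m in pattern.finditer(text))
    return findings


def inventory(files):
    """files: {path: contents}.  Returns every finding across the tree."""
    return [f for path, text in files.items() for f in scan_text(path, text)]


# --- constructed sample input (not real keys or certificates) -----------------
def _pem(label, der):
    return f"-----BEGIN {label}-----\n{base64.b64encode(der).decode()}\n-----END {label}-----\n"

# Bare AlgorithmIdentifier structures: the part of a certificate or key that
# carries the OID.  Enough for the scanner, not valid certificates or keys.
RSA_ALG_ID = b"\x30\x0d" + bytes.fromhex("06092a864886f70d010101") + b"\x05\x00"
P256_ALG_ID = (b"\x30\x13" + bytes.fromhex("06072a8648ce3d0201")
               + bytes.fromhex("06082a8648ce3d030107"))       # prime256v1 parameters

SAMPLE_FILES = {
    "server.crt": _pem("CERTIFICATE", RSA_ALG_ID),
    "peer.pub":   _pem("PUBLIC KEY", P256_ALG_ID),
    "legacy.key": _pem("EC PRIVATE KEY", b"\x30\x00"),
    "sshd_config": "HostKey /etc/ssh/ssh_host_rsa_key\nHostKey /etc/ssh/ssh_host_ed25519_key\n",
    "nginx.conf": "ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305;\n",
}


def demo():
    return inventory(SAMPLE_FILES)


if __name__ == "__main__":
    for path, context, finding in demo():
        print(f"{path:12} {context:16} {finding}")
```

Run against a real tree, feed `inventory` the contents of every file under your key stores, certificate directories and service configuration; every hit is a place a PQC KEM or signature (or, for firmware, XMSS/LMS) has to land before the deadline that applies to that product. Two limits are worth knowing: TLS 1.3 cipher-suite names such as TLS_AES_256_GCM_SHA384 no longer name the key exchange, so the ECDH groups a TLS 1.3 endpoint negotiates must be read from its group or curve settings rather than from the cipher string, and binary stores (PKCS#12, Java keystores, HSM-resident keys) need their own exporters before this OID search applies to them.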
What Quantum Safe IP solutions are available from Rambus?
The RT-600 Root of Trust series from Rambus is the latest generation of fully programmable FIPS 140-3 compliant hardware security cores offering optional Quantum Safe security by design for data center, AI/ML and other highly secure applications.
The RT-634, RT-654 and RT-664 Root of Trust cores include a Quantum Safe Engine that protects hardware and data against quantum attacks using the CRYSTALS-Kyber key encapsulation mechanism and the CRYSTALS-Dilithium digital signature algorithm, along with verification of the stateful hash-based signature schemes XMSS and LMS.
This new generation of the Rambus Root of Trust is a flagship product in the Rambus Quantum Safe IP portfolio that offers customers complete security solutions for the data center and advanced workloads like generative AI. Stay tuned for more updates in the future!