Crypto-agility was introduced in this year’s Gartner Hype Cycle, an annual analysis released for data security and emerging technologies. Gartner added both crypto-agility and post-quantum cryptography for the first time this year. The presence of data-in-use technologies in the Hype Cycle reflects the focus on data-in-transit security.
It is imperative that organizations watch this space closely and upgrade encryption algorithms used in real time, because sovereign data strategies and digital communications governance are crucial areas to develop. In fact, CISA (Cybersecurity and Infrastructure Security Agency) was already urging organizations to prepare for the dawn of this new age in August.
There is less of a worry with symmetric keys. As one uses sufficiently large key sizes, the symmetric key cryptographic systems like AES are already resistant to attacks. Key management systems and protocols that use symmetric key cryptography instead of public key cryptography are inherently secure against attacks by a quantum computer. The expanded use of Kerberos-like symmetric key management is an alternate means to achieve post-quantum cryptography over the need to rely on the newer asymmetric cryptography.
However, public key cryptography systems need to catch up. NIST has already released a few candidates for such ciphers. NIST is in its seventh year of vetting candidate algorithms, reducing 80 algorithm submissions to just a few. One finalist algorithm, the SIKE cryptographic algorithm, was hacked using a laptop computer in about 62 minutes. They did it using a single core on a six-core Intel Xeon CPU.
We must be worried about “harvest now, decrypt later” attacks. NIST expects completed post-quantum standards will replace the three existing public key cryptographic standards deemed most vulnerable: FIPS 186-5 (DSS), NIST SP 800-56A (ECC CDH) and NIST SP 800-56B (RSA).
Given the potential for quantum computers to break cryptographic standards more easily, we need to move from determining which algorithms are quantum-proof to determining algorithms that are quantum-resistant. As it gets more challenging to find robust ciphers that last, we need to adapt agilely to future cryptographic threats.
Such an ability, or crypto-agility as Gartner terms it, has actually already manifested itself in some of the well-known software we are using today. To this end, a number of software companies have already made their moves. Google and Signal are some of the technological companies that have demonstrated crypto-agility. In their bid to overcome “harvest now, decrypt later” threats, they have developed hybrid mechanisms which increase the difficulty for attackers to crack multiple ciphers, with at least one being quantum-resistant.
In August, Google introduced a quantum-resistant hybrid cryptography mechanism X25519Kyber768 in Chrome 116, which encrypts TLS connections. Google also released its first quantum-resilient FIDO2 key implementation, which uses a unique ECC/Dilithium hybrid signature schema co-created with ETH Zurich. Dilithium is a quantum-resistant cryptographic standard which is acclaimed for its security and performance. This hybrid implementation supports the FIDO U2F and FIDO2 standards.
In September, Signal added quantum-resistant encryption to its E2EE messaging protocol. Signal explains that its X3DH (Extended Triple Diffie-Hellman) key agreement protocol has been upgraded to PQXDH (Post-Quantum Extended Diffie Hellman). PQXDH is a combination of X3DH’s Elliptic Curve (EC) key agreement protocol and post-quantum key encapsulation called CRYSTALS-Kyber, which is also one of the NIST-approved quantum-resistant cryptographic algorithms that is suitable for general encryption and speedy operations that rely on small encryption keys.
To sum up what we need to accomplish in order to protect our organizations from emerging threats, the very first thing we need to do is to establish crypto-agility. In order to achieve that, we should follow CISA’s recommendation that all organizations start following the post-quantum cryptography roadmap, namely in the following seven-step sequence:
- Increase engagement with post-quantum standards developing organizations.
- Take inventory of the most sensitive and critical datasets that must be secured for extended time.
- Take inventory of systems using cryptographic technologies to facilitate a smooth transition in future.
- Identify acquisition, cybersecurity, data security standards that require updating.
- Identify where and purpose public key cryptography is used and mark as quantum vulnerable.
- Prioritize systems for cryptographic transition based on functions, goals, and needs.
- Develop plan for systems transitions upon publication of post-quantum cryptographic standard.
So, while we continue to watch this quantum entanglement space ever more closely, let’s keep ourselves crypto-agile with quantum-resistant (or resilient) cryptography. These concepts are not a matter of if or when but right now.
Editor’s note: Find more cybersecurity month blogs and resources from ISACA here.