Get Ready for Y2Q
Now that Apple is switching to post-quantum security tools, you should probably think about your organisation's strategy too.
Dateline: Woking, 2nd July 2024.
Remember when the Russians published the contents of top secret German army discussions about missile deployments? According to Der Spiegel magazine, the discussions did not take place on a secure army network but on WebEx. Perhaps it’s time to start taking security seriously, as Apple has done.
Post-Quantum Security
Apple are introducing new security to their iMessage service in the form of the PQ3 protocol, an end-to-end encrypted messaging protocol designed for exchanging data in long-lived sessions between two devices (e.g., chats with your friends). Why is this interesting? Well, it’s because it uses “Kyber”, an algorithm selected by the National Institute of Standards and Technology (NIST) as one of its post-quantum security standards.
Post-quantum security means security built on cryptographic principles and practices designed to protect communications and data against the potential future threat posed by quantum computers. Traditional cryptographic systems, including the algorithms used to secure today’s internet communications of all kinds (banking, shopping and messaging among them), rest on mathematical problems that are difficult to solve with classical computers but could be solved easily with quantum computers.
Quantum computers operate on the principles of quantum mechanics, allowing them to process information in ways fundamentally different from classical computers. While large-scale quantum computers capable of breaking these current cryptographic systems are not yet a reality, the potential for their development poses a significant threat to contemporary security measures.
With this threat in mind, organisations are beginning to think about switching to post-quantum cryptography (PQC). There are a number of drivers for this significant change in the way that the online world will work. These include:
Secrecy: Many current encryption systems do not offer forward secrecy against future quantum attacks, meaning that all previously encrypted communications could potentially be decrypted if the encryption keys are ever broken, undermining the integrity of all communications.
Stability: The global financial system relies on cryptography to secure transactions and protect sensitive data. Quantum computing could undermine these protections, exposing economies to potential destabilisation.
Privacy: Individual privacy depends significantly on strong cryptographic standards. You can have security without privacy, as the old saying goes, but you can’t have privacy without security. Without quantum-resistant encryption, personal data, communications and other private information could become accessible to adversaries equipped with quantum computing technology.
Image: with kind permission of Helen Holmes (CC-BY-ND 4.0)
To address these challenges, researchers and organisations are actively working on developing PQC standards. These new cryptographic algorithms aim to be secure against both classical and quantum computational attacks, ensuring the continuity of secure digital communications and data storage into the quantum era. NIST, with other international bodies, is leading efforts to standardise post-quantum cryptographic algorithms.
Signals for Change
Kyber, used by Apple, is one of these algorithms. Technically it is a key encapsulation mechanism (KEM) designed to be resistant to attacks with future quantum computers. It is used to establish a shared secret between two communicating parties without an attacker observing the transmission being able to recover it. A detailed analysis of the protocol from the University of Waterloo shows that PQ3 provides confidentiality with forward secrecy and post-compromise security against both classical and quantum adversaries, in both the initial key exchange and the continuous rekeying phase of the protocol.
In other words, it’s pretty secure.
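To make the KEM idea concrete, here is an added example (not Apple’s, Kyber’s or the Waterloo team’s code). Kyber itself is not in Python’s standard library, so the three operations a KEM exposes, key generation, encapsulation and decapsulation, are shown with a Diffie–Hellman construction over a small constructed group. That construction is classical and exactly the kind of thing a quantum computer would break; the point is the interface, which Kyber implements with quantum-resistant mathematics. The group parameters, the domain-separation tag and the function names are assumptions made for the example.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group (constructed for illustration only): the Mersenne
# prime 2^127 - 1 with generator 2. It is far too small for real use, and
# discrete-log schemes like this are what Shor's algorithm defeats; a real
# deployment would put Kyber/ML-KEM behind the same three functions.
P = 2**127 - 1
G = 2


def _kdf(shared_value: int, ciphertext: int, public_key: int) -> bytes:
    """Derive a 32-byte session key from the raw shared value, binding it to
    the transcript so the key depends on exactly which exchange produced it."""
    h = hashlib.sha256()
    h.update(b"toy-kem-v1")  # assumed domain-separation tag
    for value in (shared_value, ciphertext, public_key):
        h.update(value.to_bytes(16, "big"))  # every value is below 2^127
    return h.digest()


def keygen() -> tuple[int, int]:
    """Receiver: create a key pair (public_key, secret_key)."""
    sk = secrets.randbelow(P - 2) + 1  # 1 <= sk <= P - 2
    pk = pow(G, sk, P)
    return pk, sk


def encapsulate(pk: int) -> tuple[int, bytes]:
    """Sender: produce a ciphertext for the receiver's public key together
    with the shared secret it encapsulates. Only the ciphertext is sent."""
    r = secrets.randbelow(P - 2) + 1
    ct = pow(G, r, P)
    return ct, _kdf(pow(pk, r, P), ct, pk)


def decapsulate(sk: int, pk: int, ct: int) -> bytes:
    """Receiver: recover the same shared secret from the ciphertext using
    the secret key. An observer holding only pk and ct cannot do this."""
    return _kdf(pow(ct, sk, P), ct, pk)


def run_exchange() -> bool:
    """Full exchange between two parties; True when both hold the same key."""
    pk, sk = keygen()
    ct, sender_key = encapsulate(pk)
    receiver_key = decapsulate(sk, pk, ct)
    return sender_key == receiver_key


if __name__ == "__main__":
    print("both parties derived the same key:", run_exchange())
```

Notice that the sender never learns the receiver’s secret and the receiver never learns the sender’s random value; each side computes the same key from what it holds plus the single ciphertext that crossed the network. Swapping the toy group for Kyber changes the mathematics inside the three functions but not this shape, which is why a KEM slots cleanly into a protocol like PQ3.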
It’s not only Apple moving in this direction. Signal, a widely-used messaging service (their protocol is used by other services as well), introduced post-quantum cryptography last year. Their new protocol (known as PQXDH) is already in the Signal client applications, and they say that in a few months’ time they will disable their old protocol and require post-quantum for all new chats.
So if Apple and Signal are shifting to post-quantum security, it’s probably time for fintechs to look in that direction too. While working quantum computers capable of breaking today’s security may be a few years away, they will undoubtedly be here one day. Bruce Schneier, a leading expert in the field (and someone who I always listen to on such matters) says that now is probably the right time to worry about, and defend against, attackers who are storing encrypted messages in hopes of breaking them later on future quantum computers.
(Your enemy could harvest your data and then tuck it away safely until a quantum computer comes out a decade from now, when they can then get access to your data.)
I don’t know if Dan Oliver coined “Y2Q”, but I love it. Unlike Y2K, where we knew exactly when we might get into trouble and could take (as it turned out, very successful) action to mitigate any problems, we have no idea when we will reach Y2Q: that is, the time when a quantum computer will render today’s encryption methods useless. As he says, “It may be 10 years away. Or it could be much closer.”
Why Change?
If you provide critical infrastructure — such as power grids, transit systems or financial services — then you already rely on cryptography and you need a Y2Q strategy, starting with assessing the risks and understanding which assets are most vulnerable to quantum attacks. This way, you can prioritise the integration of quantum-resistant algorithms. You might also want to think about training cybersecurity personnel in post-quantum cryptography concepts and techniques to be ready for future implementations, as well as putting in place a disaster recovery plan for what Ethereum founder Vitalik Buterin labels a “quantum emergency”: that is, an unexpected advance in quantum computing that means attackers can defeat your defences.
(In the case of Ethereum, for example, this response would mean a preemptive hard fork to revert the network to a pre-theft state. It will require users’ adoption of advanced, quantum-resistant wallet software. This means adopting the transaction protocol outlined in Ethereum Improvement Proposal (EIP) 7560, which defends against quantum decryption efforts by concealing private keys.)
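The first step above, assessing which assets are most exposed and prioritising them, is usually done with a cryptographic inventory and a simple timing argument often called Mosca’s inequality: if the years your data must stay secret (x) plus the years a migration would take (y) exceed the years until a cryptographically relevant quantum computer arrives (z), you are already late. The following is an added example of that triage, not code from Apple, Signal, NIST or anyone quoted on this page. The inventory, the ten-year estimate for z and the algorithm classifications are constructed assumptions; the same function run with a shorter estimate shows how a “quantum emergency” reshuffles the priorities.

```python
from dataclasses import dataclass

# Public-key schemes resting on factoring or discrete logarithms, which Shor's
# algorithm breaks on a large enough quantum computer (classification assumed).
QUANTUM_VULNERABLE = {"RSA", "DSA", "DH", "ECDH", "ECDSA", "X25519", "ED25519"}
# Treated here as adequate for the quantum era: 256-bit symmetric keys and
# hashes, and the NIST KEM standardised from Kyber (ML-KEM).
QUANTUM_RESISTANT = {"AES-256", "SHA-256", "SHA-384", "SHA-512", "ML-KEM-768", "KYBER"}


@dataclass
class Asset:
    name: str
    algorithm: str
    shelf_life_years: float   # x: how long the protected data must remain secret
    migration_years: float    # y: how long replacing the algorithm would take


def assess(assets, years_to_crqc):
    """Apply Mosca's inequality (x + y > z) to each asset and return a report
    sorted so the items needing attention first come first.

    margin_years is (x + y) - z: positive means the data outlives the
    estimated safety window even if migration started today."""
    report = []
    for a in assets:
        alg = a.algorithm.upper()
        if alg in QUANTUM_RESISTANT:
            report.append({"name": a.name, "status": "no action", "margin_years": None})
        elif alg not in QUANTUM_VULNERABLE:
            # Unknown or already-deprecated primitive: needs a human look
            report.append({"name": a.name, "status": "review", "margin_years": None})
        else:
            margin = (a.shelf_life_years + a.migration_years) - years_to_crqc
            status = "migrate now" if margin > 0 else "plan migration"
            report.append({"name": a.name, "status": status,
                           "margin_years": round(margin, 1)})
    order = {"migrate now": 0, "plan migration": 1, "review": 2, "no action": 3}
    # Within "migrate now" the largest overshoot first; within "plan migration"
    # the item closest to the threshold first.
    report.sort(key=lambda r: (order[r["status"]], -(r["margin_years"] or 0)))
    return report


# Constructed sample inventory; names and figures are illustrative only.
SAMPLE_INVENTORY = [
    Asset("Archived customer records", "ECDH", 20, 3),
    Asset("Code-signing keys", "RSA", 2, 5),
    Asset("Database backups at rest", "AES-256", 20, 1),
    Asset("Payment session tokens", "ECDSA", 0.1, 2),
    Asset("Legacy firmware hashes", "SHA-1", 5, 4),
    Asset("Inter-office VPN", "X25519", 8, 2.5),
]

if __name__ == "__main__":
    for z in (10, 3):  # assumed estimate, then a "quantum emergency" scenario
        print(f"--- assuming {z} years to a cryptographically relevant quantum computer")
        for row in assess(SAMPLE_INVENTORY, z):
            print(f"{row['status']:<15} margin={row['margin_years']!s:>5}  {row['name']}")
```

Under the ten-year assumption only the long-lived archive and the VPN cross the threshold; the code-signing keys are comfortably inside it. Drop the estimate to three years and code signing moves into the “migrate now” bucket, which is what a disaster recovery plan for a sudden quantum advance has to be ready for. The value of the exercise is less the exact numbers than being forced to write down, for every asset, how long its data matters and how long its cryptography would take to replace.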
Note to management consultants who want to copy and paste this into a report to clients. Please go ahead.
There is no need to panic. Your organisation does not need to switch to post-quantum cryptography tomorrow. However, a good post-quantum security strategy is a sound basis for ensuring the resilience of your services against future quantum threats, so you should probably start work on one tomorrow.