Lily Chen, NIST: How can HSMs help with the biggest security challenges of post-quantum cryptography?
Itan Barmes, Deloitte: On why we need to face the quantum risk to cryptography NOW!
Experts state that quantum computing will kill the two most frequently used, asymmetric crypto algorithms – those based on RSA and Elliptic Curve –, with a 17% chance that they will be broken within the next 10 years. What will this mean for you?
If your business is based on any of the above, and you have product life cycles that are longer than 5 to 7 years, you should read on. Your seeded microchips, secure elements, embedded HSMs, encryption keys and digital signature certificates, generated with the affected algorithms, are likely to be decrypted, compromised or cloneable within the next decade.
Click here to watch Michele Mosca’s view on it.
The good news is that new, quantum resistant algorithms will be available in the near future. The bad news is that replacing certificates, or the seeding in secure elements, rolling keys or exchanging crypto material with material generated using the new quantum resistant algorithms will take time. Implementing, and deploying quantum-safe material and algorithms will require a certain amount of “crypto agility”, i.e. you will need to be able to exchange non-quantum safe information with quantum safe information – secrets, chips and the code to use them – and possibly also on devices already in the market.
If you are in the business of designing products, schemes and architectures, that use embedded secure elements, digital certificates, payment mechanisms or IoT/connected devices, there will be no “1 size fits all solution” or algorithm in future. So, how do you make sure that what you design today is PQ-secure against future requirements? By designing for crypto agility. What does that mean in practice? Look out for the following points:
If you are working with HSMs as the backbone of the security infrastructure used to generate crypto material, try working with Utimaco HSMs. Our HSMs support the upgrading of firmware or algorithms (using CryptoScript) that allow new algorithms to be incorporated into the HSMs, as needed, to accommodate for the evolving demands on encryption.
We are proud of the fact that Utimaco HSMs are – already today – being used by major researchers in the post-quantum crypto field, by companies around the world, such as Isara, LG Electronics and Microsoft Research.
Microsoft Research has published their research based on the Utimaco SDK on their GitHub.
Technology based on quantum computers has the potential to revolutionize a wide range of different fields of IT and industry — in the positive as well as negative sense.
Are Utimaco products ready for post-quantum safe asymmetric cryptography today? So indeed, Utimaco supplies an ideal ecosystem for current research and advanced cryptography.