Introduction to Quantum Computing and Post-Quantum Cryptography (PQC)
In this episode, Greg Wetmore, Vice President of software development at Entrust, provides a gentle introduction into the topic of quantum computing and what's being done – and should be done – to prepare for the post-quantum world.
Samantha Mabey: Welcome to Entrust Engage, an open forum for the most innovative leaders in security technology. I'm Samantha. Mabey. On today's episode, we're going to dig into the topic of quantum computing and what's being done and should be done to prepare for a post-quantum world. I'm joined today by my colleague, Greg Wetmore, vice president of Software Development at Entrust. Thank you so much for joining me today, Greg.
Greg Wetmore: Well, thanks for the invitation, Samantha, and thanks for choosing such an interesting topic today.
Samantha Mabey: Yeah, of course. So yeah, the topic of quantum computing, it's a big one and an important one, and I think something that not everyone understands. So I appreciate you taking the time to share your expertise around it. And I think a good starting place is to get a better understanding of quantum computers. So if you don't mind taking us through that, what exactly they are and how they differ from traditional computers.
Greg Wetmore: Sure. So it probably goes without saying traditional computers are all around us. And not only in sort of what you might think of first, your smartphone or your laptop, but in just about every electronic equipment or machine you interact with as part of your life. There's a computer chip in that. Computer chips are made of silicon, and they operate on binary data or ones and zeros that we call bits. And in contrast to that, a quantum computer uses and operates on a totally different physical property called quantum mechanics. Quantum mechanics or quantum theory is a branch of physics that describes how atoms or molecules interact at a subatomic level, and it's the nature of these quantum interactions that allow a quantum computer to solve certain kinds of problems incredibly quickly, in fact, exponentially faster than a classic computer can.
Samantha Mabey: No, I think that's great. And actually in our space, we often hear people talking about the threats that are associated with quantum computers once they're realized. And I've been lucky enough to hear you speak on this topic before, and I do like how you position it, where you also discuss the opportunities that they'll bring. And if you can, I'd love for you to give a breakdown of what those opportunities are, along with the threats and what they'll mean, both from a broad level, as well as when it comes down to digital security.
Greg Wetmore: Yeah, I think that's exactly the right way to think about it, Samantha. Quantum computers do represent an opportunity and a threat. I think there's no doubt that quantum computers are an incredible technological advancement. We anticipate that quantum computers will be valuable tools to advance fields like biomedical research or pharmaceutical research, material science, machine learning. It's that quantum mechanical model that quantum computers operate on that allows them to model physical systems so well, but it also happens that we've proven that quantum computers can break the complex mathematical problems that underlie today's public key cryptographic systems. And by that, I mean the RSA and elliptic curve algorithms that public key cryptography is built on.Now, public key cryptography really is a critical part of our digital lives. It's sort of all around us. It's one of the technologies that allows us to perform secure transactions online or prove who we are online. Public key cryptography allows us to keep data confidential using encryption. It allows us to prove our identity or to ensure that data retains its integrity or isn't modified. That's digital signature. So before quantum computers get big enough and powerful enough to break this public key cryptographic systems, we're going to have to transition to what's called quantum safe or post-quantum cryptographic systems.
Samantha Mabey: Yeah, I've heard it reference before that we do rely on this cryptography for everything and that quantum computers really sort of marks the end of the golden age of crypto as we know it today.
Greg Wetmore: Yeah. When RSA was first sort of publicly invented, it really initiated that golden age where cryptography could be used in a very general purpose way in our digital lives. Keys are small. It's easy to implement, well understood, provenably secure, and quantum computers do represent a threat to that, as you put it, that golden age of cryptography.
Samantha Mabey: Yeah. And I know that there are varying opinions out there on the timeline of the threat and when quantum computers will be realized. But from what I've seen, including a report I read from the Global Risk Institute, most seem to agree that it'll be within the decade. Do you think that's correct or does that align with what you know?
Greg Wetmore: Yeah. I mean, predicting the timeline here does require an element of clairvoyance or being able to see the future, but when you poll leading researchers and experts, you start to get pretty broad consensus across that group when you talk about the 10 to 15 year time horizon. We are seeing ongoing advancements in quantum computers from some of the biggest technology companies in the world like IBM and Google and Microsoft, and history has shown us that advancements in computing happen quickly and happen somewhat continuously. So it's, I think, definitely prudent to be thinking that this field will continue to advance and does represent a real threat to our cryptographic systems today.
Samantha Mabey: Yeah, absolutely. That's the thing about technology is that it's unpredictable and does move sometimes a little bit faster than we can expect and anticipate. So I have a bit of a two-pronged question here for you as well. From a marker perspective, I understand that most are waiting for NIST to set the standards which will then be adopted by others, and I also know there's a NIST competition going on. So can you tell us a little bit about what's happening there in both of those?
Greg Wetmore: Yeah, so NIST is a United States based organization, and they have historically been one of the organizations that have led the standardization efforts around cryptographic algorithms. In 2016, NIST initiated a post-quantum crypto competition really where they're solicited from the world's leading researchers and mathematicians and scientists, cryptographic systems that we could prove were resistant to quantum computer or resistant to attacks from quantum computers. And in July of 2020, they announced what they called their third round finalists, so that's a set of algorithms that have been through a number of review iterations and had been selected for what they called their third round finalists. Now, NIST has said they're operating towards a 2024 deadline for standardization, but it's important I think to understand that that competition is now fairly far along and do have some good candidate algorithms that have been analyzed and are starting to become well understood and are available to start using and prototyping with and implementing in our security systems.
Samantha Mabey: And just a little bit of background on those algorithms that they're looking at, can you just give just a slight overview of what they are, what's different about them?
Greg Wetmore: Yeah, so I'll admit I'm not a mathematician or a cryptographer, so I'm not going to get into that part of it, but I can describe that they're... These items are based on totally different kinds of mathematical structures compared with RSA and elliptic curve, and it's those different mathematical structures that we can sort of prove and show are resistant to the kinds of things quantum computers are really good at solving. And I think it's also useful to understand how different post-quantum cryptography is from traditional or classical public key cryptography and the properties that have made RSA, you talked about the golden age, so useful and ubiquitous. Small keys, easy to implement, relatively high-performance, fast. We see it with some of these post-quantum algorithms, a real difference in some of those properties. Keys can be very large, potentially. Algorithms could be very slow or key generations very slow, so it really does point at needing to select the right post-quantum algorithm for the application that you are building and potentially have to design for some of these more challenging attributes of post-quantum crypto algorithms.
Samantha Mabey: Yeah, that makes sense. There's a trade off there for sure. Now, from a business perspective, so potentially for anyone who might be listening to this, what they should make note of, what should companies be doing to prepare for that post-partum world?
Greg Wetmore: Well, I think it's important to take the view to don't wait. Take action now. Many companies, in fact, I could say most companies, have data or systems or products that they would like to have secure for longer than that 10-year period. The other thing that we know is cryptographic transitions are hard. We've done this before. We've done SHA-1 to SHA-2 transition. We've done RSA to elliptic curve transitions. And those took years, and it took a lot of hard work from software vendors and system vendors and IT professionals to figure out where system compatibility issues were and deploy new systems and capabilities and test those. And we know that this transition from classic public key crypto to post-quantum's going to be harder than those previous transitions we've done. I talked about some of the challenging aspects of post-quantum crypto, size and performance. Those things are going to require more effort, more testing, more compatibility than the previous transitions, so it is important not to wait, to start now, take action now.
Samantha Mabey: Yeah, that SHA-1 to SHA-2 comparison, I've heard that a lot before and this apparently just doesn't even compare to the amount of time that might take. I assume also organizations just... We're talking about the algorithms and post-quantum cryptography. I imagine doing an inventory on your crypto or even on your technology that you have in place today is probably pretty critical to navigating to that sort of post-quantum world as well.
Greg Wetmore: Yes. Starting a program to prepare for this transition is exactly the thing I advocate for customers I talk to, and inventorying your systems is definitely one of those. I sort of have a four-step program I'm advising my customers to think about. And the first one is inventorying their critical data and their critical systems, understanding the business value of that data, understanding the lifespan. The second thing is inventorying their cryptographic assets, certificates, keys, secrets, cryptographic algorithms. The third piece of advice I give is to have organizations talk to their security vendors. You should be able to have a conversation today with your security vendors about their post-quantum strategy and their roadmaps. And the fourth is really start thinking about, after you've got a sense of where the most important data is in your organization and where the cryptographic assets are, think about proof of concept or inter-op testing or performance testing, working with your vendors on some of their sort of leading edge PQ capabilities to start identifying the areas in your organization that will be difficult or just most important to start with as you think about the transition to post-quantum.
Samantha Mabey: And as far as the timing goes, I mean, even with the threat potentially being a decade away or within the decade, I understand that there are a lot of industries already, like government and critical infrastructure and healthcare, that are well underway with their post-quantum strategies and planning. Outside of those industries, would you say the time is also now for other organizations and industries to be looking at this? And you mentioned talking to their vendors about this. The time I assume is probably now, especially just not knowing the amount of time that it might take to implement a strategy, as well as when this threat is realized.
Greg Wetmore: Yeah, that's right. We certainly see industries and verticals that are traditionally dealing with highly valuable data that needs to have a long lifespan from a security point of view. You talked about financial institutions and governments. Those are two that come to mind, and we're certainly having pretty detailed conversation with our customers in those verticals about PQ. But I go right back to some of the advice we just talked about, Samantha, that really just about every organization has valuable data or systems or products that they're building where security is an important factor in the design of those things, and we know this transition from classic public key crypto to post-quantum is going to be difficult. It's going to require planning and is going to take years to get right. That's really the root of my ultimate advice, which is don't wait, to take action, to start building a program to prepare for this transition now. And I think that applies to just about every industry or organization.
Samantha Mabey: And I think there's conversations out there as well about there being bad actors who are harvesting data now to crack later once quantum computers are realized, so I think that that's also part of just being proactive with this consideration.
Greg Wetmore: Yeah, it's something that perhaps some don't think about is that concept of collecting encrypted or secure data now that you know can't break now, but that you hold that data knowing that it has value long-term and wait for technological advancements such that at some point you'll be able to break that data. I think that's why we're seeing some of the first sort of interoperable PQ protocols or things like TLS and post-quantum key exchange, which are part of the secure communication technology that underlies just about all the information that moves over the internet, for instance, today.
Samantha Mabey: Yeah, I think this is... Again, it's just such an interesting topic and it will be interesting to watch as this evolution happens and see what different industries do, what different organizations and vendors do. And I think you mentioned NIST has that 2024 deadline, so that'll be great to watch and see what they come to at the end of their competition.
Greg Wetmore: Yeah, that's right. And that 2024 deadline really represents when we're hoping to see draft standards, but we are fairly far along. I talked to both the progress since 2016. We do have implementations of quantum resistant cryptographic algorithms available today that can get built into security systems and secure applications.
Samantha Mabey: That's wonderful. So yeah, the time to test is now, the time to build the strategy is now, and I feel like that's probably a key takeaway from this. At that, I'll just thank you so much, Greg, for your time. I really appreciate it. And just sort of breaking down what, for some, including myself, can be a pretty complex topic, but is definitely very interesting and super important for sure to just be aware of and to understand what needs to be done to prepare for that post-quantum world. So I really appreciate you taking the time today to join me.
Greg Wetmore: It was a pleasure to be here, Samantha. Thank you for inviting me.
Samantha Mabey: Of course. And that's it for today's podcast. So keep up with new episodes by following us on LinkedIn and Twitter using the links in the episode description. Thanks for listening to Entrust Engage.