The modern cryptography that protects our most sensitive data is generally assumed to be very strong, with encryption algorithms considered rock-solid due to the inordinate, impractical amounts of time it would take to break them. However, at some point in the foreseeable future, breaking these same encryption algorithms will become a fast and easy task thanks to
Encryption that is fast and easy to break is, of course, terrible encryption. It is imperative organizations understand the upcoming cryptopocalypse, its implications for data security as we know it, and what can be done about it.
The Impending Cryptopocalypse — Current Cryptography is Not Enough
First, a look at where we are. Current cryptography used in enterprise-level data security consists of two kinds of encryption algorithms: symmetric and asymmetric.
The most commonly used symmetric algorithm is the Advanced Encryption Standard (AES). The problem with AES, or any symmetric algorithm, occurs in key transmission. The key must get to the receiver from the sender, and is vulnerable to interception.
Asymmetric algorithms solve for this. Asymmetric encryption is also referred to as public-key cryptography, since encryption uses a public-key, while decryption uses a private one only available to the receiver. The most commonly used asymmetric algorithm is RSA. RSA is based on the practical difficulty of factoring large numbers, from which the key pairs are derived.
The mathematics behind public-key cryptographic algorithms like RSA rely on complexity. A cryptographic algorithm is only as secure as it is infeasible to compute — if the calculations to reverse the cryptographic algorithm take longer than the protected data would remain valuable, security can reasonably be assured.
Advances in mathematics and quantum computing threaten to disrupt this previously secure world of cryptography.
Using the properties of quantum mechanics, a quantum computer would be able to search for and find patterns within a large number, without having to examine every digit in that number, meaning it could potentially crack public-key cryptographic algorithms — not only RSA, but also Diffie-Hellman and elliptic curve cryptography — in far less steps, and far less time.
For example, data protected with a 2,048-bit digital key using RSA would take a conventional computer about 300 trillion years to crack, while a quantum computer powered by 4,099 qubits could do it in a mere 10 seconds.
Clearly, the threat of quantum computing is a real one, and a serious one — action must be taken to protect our data going forward before it’s too late, and the quantum clock is ticking.
The Push for Post-Quantum Security Standards
Awareness around the vulnerabilities inherent in current cryptographic algorithms has led to a global effort find viable post-quantum cryptography (PQC) solutions.
The US Department of Commerce’s National Institute of Standards and Technology (NIST) is leading the push for the evaluation and standardization of post-quantum (also known as quantum-resistant) public-key cryptographic algorithms.
On July 5, 2022, NIST announced four candidate selections in its third round of the post-quantum cryptography standardization process. These PQC algorithms are far more quantum-resistant than the current algorithms vulnerable to attacks from large-scale quantum computers. The four selected PQC algorithms are: CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON, and SPHINCS+.
NIST has stated that CRYSTALS-Kyber (key establishment) and CRYSTALS-Dilithium (digital signatures) will be the two primary algorithms for most use cases, writing that they “were both selected for their strong security and excellent performance.” Along with CRYSTALS-Dilithium, FALCON and SPHINCS+ will also be used as digital signatures (for verifying identity and the authenticity of messages) — FALCON for “use cases for which CRYSTALS-Dilithium signatures are too large,” and SPHINCS+ “to avoid relying only on the security of lattices for signatures.”
These new quantum cryptography standards will have a significant and lasting impact, shifting how organizations protect their data. Many companies will be mandated to comply with NIST standards, and with these recent announcements will be able to start incorporating the new algorithms immediately.
Indeed, any organization would do well to begin the shift to post-quantum cryptography as soon as possible — while there is no telling precisely when the cryptopocalypse will arrive, with the likelihood that encrypted communications are already being collected and stored by cyber adversaries until such time as they can be decrypted, it’s never too early to start putting measures in place to prevent such efforts from succeeding.
Data Encryption Solutions to Prepare Now for the Quantum Threat to Cryptography
An impending cryptopocalypse calls for a paradigm shift on the road to perfect secrecy — Theon Technology is transforming data security with just such a paradigm shift in data encryption.
Theon’s next generation products are focused on providing viable, revolutionary quantum-resistant encryption for both data in flight and at rest.
Our software utilizes patented algorithms to deliver on the promise of a truly scalable, commercially viable, enterprise ready, one-time pad without the need for specialized hardware. And with the current generation of random number generators shockingly generating numbers with predictable submerged patterns, Theon’s cryptographically secure random number generator instead exploits the proven properties of large irrational numbers. Our products deliver high-entropy, quantum-resistant OTP keys at scale… a revolution in data security.
Prepare now for the upcoming cryptopocalypse — Reach out to a Theon expert today to find out how our next generation data encryption products can deliver the quantum-safe solutions you’ll need for the security of your organization. We also have several free eBooks with more information, available for download here.