Considering Costs of Upgrading PKI to PQC.  
Keeping secrets safe from quantum computing is making news.  Fortunately, quantum computing has not arrived, per se.  However, its eventuality is certain.

Planning for protecting client data is paramount and should begin now.  Transitioning your encryption infrastructure will take time, funds, and effort – it’s an enormous undertaking.  Dr. Brian LaMacchia, head of Microsoft Research’s Security and Cryptography Group, says the task is “bigger than the transition from MD5 to SHA-1 hash functions or SHA-1 to SHA-2 because we effectively need to upgrade everything that uses public key cryptography before the advent of quantum computers.” 

The math, the quantum-resistant algorithm employed, is only part of the equation.  Other aspects to consider at the outset of planning, aside from the data: 

  • Hardware and its forward compatibility with post-quantum cryptographic demands.  Post-quantum cryptography requires greater processing power to provide acceptable speed of cryptographic computation.  Can your hardware’s firmware be updated without removal from the device?  Are servers accessible for retrofitting?  If not, how will this be accomplished?  Will the stack fail if one device is modernized to PQC and one is not?
  • Software and applications.  Quantum-resistant cryptography implementations require integration with your software and application stacks.  How will the compatibility, speed, and agility of your current architecture be affected by quantum-resistant cryptography?  Will the PKI implementations function with your email provider solution?  Your browsers?  Financial applications?
  • IoT devices are built to “fire and forget.”  Many in use cannot be updated without being replaced with newer devices.  Consider the 4 billion years of climate change the planet has undergone and continues to undergo.  Deep-ocean sensors that study such ancient and ongoing climate changes should be on the list of devices to update, to ensure the data they report retains its integrity from collection to storage to transmission.

Is there a trade-off?  The quantum-resistant algorithms currently in development do not match the performance of current encryption systems, nor their comparatively lightweight demands on system resources.  The coming quantum-resistant algorithms will likely increase latency in transmission and require greater throughput due to key size.  Of course, latency in this case is more a result of processing the larger key sizes within the algorithms.

“It’s important to make sure you don’t have an implicit limitation somewhere in your software stack.”

Recent testing by Utimaco, Microsoft, and DigiCert had several of the above aspects as part of its focus.  The transition to quantum-resistant encryption involves more than software and hardware speed and compatibility.  The transition period and process itself must be vetted to ensure security during implementation.  Guidelines for implementing PQC to protect against data leaks during the transition should be forthcoming.  For the transition to be smooth, all aspects must be considered.

Not all questions have been asked, not all questions have been answered.  While the industry ramps up its study and solutions to the quantum computing threat, the time to start planning is now.  Because quantum is coming.  Qubit.

Reference is found at DARKReading…

Collaboration between Utimaco, DigiCert, and Microsoft, found here…