U.S. security services release report Must prepare for post-quantum encryption standard immediately
On August 24, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released the CISA Insights: Preparing Critical Infrastructure for Post-Quantum Cryptography report [1], outlining actions stakeholders should take now to prepare for their future migration to NIST's Post-Quantum Cryptography standard.CISA states [2], "Stakeholders are strongly urged to follow the report's recommendations immediately to ensure their own smooth migration to the Post-Quantum Cryptography standard."
Photon Box compiled the full report as follows.
01Quantum Risks for Digital Communications
States and private companies are actively pursuing the capabilities of quantum computers. Quantum computing opens up exciting new possibilities; however, the consequences of this new technology include threats to current encryption standards. These standards ensure the confidentiality and integrity of data and support key elements of cybersecurity. While quantum computing technologies that can break the public key encryption algorithms in current standards do not yet exist, government and critical infrastructure entities (both public and private organizations) must work together to prepare for new post-quantum cryptographic standards to defend against future threats.
In March 2021, Homeland Security Secretary Alejandro N. Mayorkas outlined his vision for cybersecurity recovery and made the transition to post-quantum cryptography a priority. Government and critical infrastructure organizations must now take coordinated preparatory actions to ensure a smooth migration to the new Post-Quantum Cryptography Standard to be published by the National Institute of Standards and Technology (NIST) in 2024.
An inventory of vulnerable critical infrastructure systems across the 55 National Critical Functions (NCFs) is the first step in this preparation and is included in the Post-Quantum Cryptography Roadmap developed by DHS and NIST. Quantum computing poses a potential risk to each of the 55 NCFs, and CISA urges asset owners and operators to follow the roadmap and CISA's Post-Quantum Cryptography Initiative to begin addressing this risk within their organizations.
02Quantum Threats to Public Key Ciphers
All digital communications: email, online banking, online messaging, etc., rely on data encryption in the devices and applications used to transmit the data. This encryption is based on mathematical functions that secure the data in transit and protect it from tampering or espionage. In public key encryption (also known as asymmetric encryption), the mathematical function relies on an encryption key to encrypt the data and authenticate the sender and receiver.
Public-key encryption requires that each message use two separate, but related, keys (one called the public key and the other called the private key) to protect the data. The sender and receiver of the data do not share their private keys, while the public key can be shared without degrading the security level of the encryption. The sender uses their private key to encode the message and provides the receiver with their public key to decode the message. In order to reply, the recipient will follow the same procedure and share their public key. Since there are only two keys to decode the message, "digital signatures" allow one party to sign the message with their private key, while the verifier uses the public key to verify that the sender actually sent the message. All organizations need to use public key cryptography to send emails securely, verify digital signatures, and protect sensitive data and online user information.
As quantum computers reach higher levels of computing power and speed, they will have the ability to break public key ciphers, threatening the security of business transactions, secure communications, digital signatures and customer information.
Experts currently believe that quantum computers are unlikely to affect symmetric key cryptography. In this cryptography, the sender and receiver use the same key to protect the data. Rather than requiring quantum-resistant algorithms, symmetric key cryptography mitigates the threat posed by quantum computing by using longer key sizes and maintaining the same level of security as today.
03What is quantum computing and what kind of threat is it?
Quantum computers take advantage of the properties of quantum physics to derive different computing capabilities that in some respects far exceed the capabilities of classical computers. Using quantum mechanics, quantum computers use quantum bits, rather than binary bits, to achieve greater computational power and speed in specific scenarios: for example, breaking current public key cryptography.
The algorithms that underpin current encryption standards rely on solving mathematical problems that classical computers cannot solve. Because of their cost and physical size, quantum computers capable of cracking encryption algorithms may be developed first for use by technology companies, research institutions, or countries. In the future, sophisticated quantum computers could threaten U.S. national security if we do not begin preparing now for a new post-quantum encryption standard.
04Potential Impact on State-Critical Functions
Nationally critical functions are government and private sector functions that are critical to the United States, where disruption, corruption, or dysfunction would have serious implications for security, national economic security, national public health or safety, or a combination thereof.
To help critical infrastructure partners prepare for the adoption of post-quantum cryptography, CISA analyzed how each of the 55 NCFs would be impacted by quantum computing capabilities; CISA also analyzed the challenges that NCF-specific systems may face when migrating to post-quantum cryptography. The results of this analysis identify the vulnerabilities and the most important NCFs that urgently need to be addressed to achieve a successful migration to post-quantum cryptography.
CISA analyzed each NCF based on its vulnerability to the expected impact of quantum computing on the nation's critical infrastructure.Specifically, each NCF was ranked as high, medium, or low priority based on the urgency of its reliance on current cryptographic standards, the scope and size of the organizations and systems that need to be updated, and the relative cost to the organization of upgrading to the new standards; CISA also ranked the factors affecting the migration of each NCF ranked as worsening, neutral, or mitigating factors: these factors include the availability of human capital, the status of migration readiness, etc.
1) Prioritization of NCFs for Stakeholder Engagement
An assessment developed for CISA by the Homeland Security Operations Analysis Center (HSOAC, a federally funded research and development center) identified three NCF areas that should be prioritized by the U.S. government and private industry.
Several NCFs will enable the migration of most other functions to post-quantum cryptography. Successfully providing this support will mitigate much of the risk for most users.
Reliance on industrial control systems (ICS) is a concentrated and vulnerable area because of the long replacement cycles for ICS hardware and the wide geographic distribution of devices.
NCFs with particularly long confidentiality periods will require significant support to ensure that the nation's most sensitive data remains completely secure.
CISA will also continue to provide insights into how quantum computing capabilities will impact the future development of NCF.
2) NCFs that enable post-quantum migration
Some NCFs will directly support the migration of the entire critical infrastructure community to post-quantum encryption technologies by providing products, patches, and other software and firmware updates that integrate new encryption standards. Most NCFs and the critical infrastructures they support rely on these enabling capabilities to successfully perform the migration and keep their sensitive information secure. The following four NCFs are probably the most important in supporting a successful migration.
Providing Internet-based content, information and communications services.
The provision of identity management and related trust support services.
Providing IT products and services.
Protecting sensitive information.
CISA recommends that stakeholders responsible for these NCFs work closely with NIST, DHS, and other government agencies to ensure that they are prepared not only for their own migrations, but also to support the migration of digital communications for other NCFs. All NCF stakeholders will need to take action, but only after these four NCFs have created products and services that will enable further updates.
3) Industrial Control Systems (ICS)
Upgrading ICS to post-quantum cryptography will be a challenge because the deployed cryptography-dependent ICS hardware is expensive and the associated equipment is often geographically dispersed. However, organizations should make the necessary preparations to migrate to post-quantum cryptography.CISA urges ICS organizations to ensure that their hardware replacement cycles and cybersecurity risk management strategies take into account actions to address the risks of quantum computing capabilities.
NCF list of dependent industrial control systems
4) Support for long confidentiality periods
NCFs that rely on data confidentiality for long periods of time are particularly vulnerable to quantum challenges, including capture and exploit activities. In such activities, an adversary captures data encrypted using current encryption algorithms and holds that data with the intention of decrypting it when it has the ability to crack an encrypted quantum computer.
Organizations with long periods of data secrecy include those responsible for national security data, communications containing personally identifiable information (PII), industrial trade secrets, personal health information (PHI), and sensitive justice system information. For example, enterprises typically store data with long confidentiality periods in their internal networks and rarely transmit them, which limits their vulnerability. However, such security controls are not foolproof, and organizations should prioritize the security of these NCFs to prevent capture and exploitation actions.
NCF operational guidelines that require long-term confidentiality
05Recommended Actions for Leaders
Although NIST will not release a new post-quantum cryptography standard until 2024, CISA urges leaders to begin preparing for migration now by following the post-quantum cryptography roadmap. Don't wait until quantum computers are in use by our adversaries to take action: early preparation will ensure a smooth migration to the post-quantum cryptography standard when it becomes available. Note: Organizations should wait until the official release to implement the new standard in their production environments.
Reference link:
[1]https://www.cisa.gov/sites/default/files/publications/cisa_insight_post_quantum_cryptography_508.pdf[2]https://www.cisa.gov/uscert/ncas/current-activity/2022/08/24/preparing-critical-infrastructure-post-quantum-cryptography
