Presenter:
Transcript:
It's going to be an interesting topic for everybody today. My name is Tommy Todd. I'll introduce myself a little bit more here in a second. But today we're going to be talking about the impending quantum apocalypse. Things that people think are 5 to 10 years away are actually much closer than you realize.
And the need for post-quantum encryption. We think about what can we do to solve this problem, or at least protect our resources and our assets. I've got some answers for that. If you're... First of all, let me see a show of hands. How many of you guys are familiar with basic encryption? Just so I can have a level set of your experience levels.
Okay, so I'm not going to be talking anything foreign to you guys. You'll kind of understand this. As you can probably imagine, these conversations can get pretty technical pretty quickly. I try to keep it elevated for the majority of the people in the room that maybe don't have a lot of experience with encryption. Feel free to engage me with questions throughout the presentation.
I'm happy to answer anything I can. I'll preface this by saying I am not a mathematician. So if you start asking me about lattices and, you know, cipher block chaining and some of the under the hood stuff, I'm not going to have answers for that. I just want to kind of level set with everybody about my level and experience with this.
Again, my name is John. I've been in cybersecurity now for almost 30 years at this point, and I specialize my career around data privacy and data protection. Does anyone in this room to be more fanatical about data protection than I am? When we talk about that work life balance earlier today, I had people ask me all the time, what do you do for downtime?
Well, this is what I do. This is who I am, and this is what I'm all about. Because data protection is not just an organizational concern, it's a consumer concern. We're all worried about it. Think about how many times your data has been leaked from a company. I don't know about you guys, but I have six accounts on payroll right now because of all the breaches in the last year.
The credit monitoring service. Anytime I get those letters, I go ahead and sign up for another account. I want to think of them leaking my data. So if you're not concerned with your own data leakage, you should be. And you should be just as passionate about this topic as I am. My history goes all the way back to the days of PGP, and you in here are familiar with PGP, kind of the gold standard of encryption for a long time, right?
So I spent almost a decade working for PGP as our global deployment engineer. So when it comes to what organizations are faced with trying to implement encryption, I've got more battle scars than most people in the world. And it's a painful lesson to try to articulate when we talk about post-quantum cryptography. I've been all over the world doing this.
This is again, what I love. This is who I am. This is what I do. Again, I'm not a mathematician, so please be gentle. If you have any questions about the ciphers themselves or the algorithms. So let's talk about quantum computing first. How many of you guys are familiar with quantum computing? Just the general purpose behind it, right.
So this should be familiar to you. There's some advertised benefits of quantum computing that we hear about all the time. Here's how it's going to benefit mankind when we finally see quantum computing come online. Things like it's going to revolutionize all kinds of industries. Think about health care, think about research and science. Being able to model your universe using quantum computing.
We think about the military. They're begging for something like this so they can start modeling nuclear explosions without having to set them off. I think that this has got a lot of value to the industry, right? A lot of value to humanity. But the reality is, most of this stuff gets weaponized. If you look at all the things that were consumer or benefited humanity, it was first you thought it was gonna be a good idea, but then it became a weapon that was used against us.
So we think about all these benefits that quantum computing promises. And it's interesting because I talk to people that are, I talked to one guy recently that majored in quantum mechanics, and he was telling me he's like, I've never heard anybody talk about how we can operationalize these theories that we've had for 20 years. And when you talk about simulations and the ability to benefit mankind around, you know, being able to take the DNA sequencing and be able to predict what kind of child you're going to have and what kind of, abnormalities you might be faced with being able to predict.
All those things are things that we look forward to because it'll help humanity grow and basically treat ourselves much faster than we have in the past. You know, if you think about the viruses that have come out recently, imagine having a system that can find a cure immediately without having to worry about years and human testing. So again, there's a lot of benefits, but unfortunately there's a lot of risks associated with quantum computing as well, which we'll talk about today.
So how does quantum computing change encryption. What are some of the concerns that we have with it? Well, in short, if you think about what quantum computing can do versus classical computing, it's the idea of this qubits model which means in classic computing there's the old age of binary, right, 1 or 0. And that's how computers look at things today.
We can either process one or we can process zero. With quantum mechanics it processes both simultaneously, which allows processing to speed up and be much faster. And as a result of that, it can attack encryption much faster than a classical computer. What I tell people is, if you think about encryption, there's really only one threat to encryption that exists and has always existed.
And it's time. You give me enough time and I can crack any encryption, right? It might be a million years from now, but I can still crack it. What quantum computing has done is move that needle backwards. So instead of it being thousands to millions of years, it's now minutes to hours. And so when we think about how we're trying to solve this, we're trying to reset the clock.
So you'll never hear me use words like, quantum proof. You know, quantum. You know, you always say these words like resistant because we all acknowledge it's not going to be, something that's going to stop quantum computing from breaking your encryption. It's like a bulletproof vest. When you think about how people claim it's bulletproof, it's not. You shoot a bulletproof vest enough times, bullets will get through.
Same thing with, with resistance to quantum computing. So, weirdly enough, these were, there's some theories that already had, this idea of breaking encryption that came out in the 90s and they weren't able to be tested because quantum computing wasn't reality back then. And so we have two specifically that we want to talk about Shor's algorithm and Grover's algorithm.
And both of these have their own unique approach to the way they look at large number theory. Being able to, calculate things in such a way. And these were all theoretical. They had no way to test these models. But now with quantum computing, it's more of a reality. So the first one, Shor's algorithm, this is really just the ability to, factor large numbers exponentially faster.
And if you think about encryption, it's all about math. The bigger the number, the harder it is to crack. So if you can reduce that or you can factor these larger numbers simultaneously, it's just a matter of time before you can crack encryption. This breaks your standard encryption models such as RSA, ECC, Diffie-Hellman. Some of the standards that we've had for years are now subjected to this theory that is becoming reality.
Then you have Grover's algorithm. And really, weirdly enough, this was originally designed as a database search algorithm to make database searching faster. But the side effect of this was that it technically halved the key strength of any types of encryptions. When you think about AES-256, if you apply Grover's algorithm, you're actually cutting that in half. And now you're really working with an AES-128 key.
So the smaller the key, the more likely it is it's going to get cracked. And this is problematic when it comes to cryptography. So when we talk about the quantum apocalypse, what does this really mean. And this is really tied to encryption specifically. But the day we hit that inflection point where quantum computing becomes a reality and it's part of the masses, it's not this theoretical thing that, you know, as soon as a chip is turned on, it's burnt out.
Once we figure out the heating problems, there will be an inflection point where encryption will be vulnerable to attacks. And this is a 100% certainty. So overnight, everything that you've protected using encryption, your TLS sessions, your SSH keys, anything you've encrypted using file based encryption to BitLocker, things of that nature, they all become vulnerable and they all become exposed.
And when that day happens, everything about us is going to be transparent to the world. And this is universal. So this isn't unique to the North American. This isn't unique to, you know, the, pretty much everyone in the world, including China, Korea, Russia, all those countries, everyone is going to be vulnerable to this. Okay. So what's going to happen when things die?
I try not to paint too much of a doom and gloom model, because if you start to go down these rabbit holes, it can get pretty terrifying when you think about how much it's going to be affected when encryption dies. And just some simple things like financial systems. Imagine you wake up tomorrow and all the money in your account is gone, and there's no way to track why it happened and how it happened.
Right? Imagine military secrets being exposed, our communications with satellites, our nuclear codes, all the things that the military prides itself on protecting are now vulnerable to attack. These are things that are going to be happening overnight, the day this takes place. Now we talk about personal data being compromised. I think we can all agree that's kind of a pastime at this point.
Everyone's data here has probably been exposed at least once, maybe multiple times. So how much of this personal data do we really care about? Well, think about the things that you have protected. Think about your signal messages that you send back and forth, thinking about the things that you personally encrypted and you don't want anybody else to see.
Maybe it's, you know, some archives or some compromising photos of yourself. Whatever. All of that stuff becomes exposed at that point. So it basically removes the veil of secrecy by having this happen to you. Health information. We talk about how health information is already being leaked in different ways from different hospitals. We do have regulations in place that are trying to get ahead of some of that.
But imagine if everything about you got exposed to the world. Imagine if your partner found out something compromising about you that he didn't want to know. Imagine if your insurance company found out about something you didn't want them to know. There's all kinds of damage that can occur when all these secrets become exposed. So let's take it one step further and think about how quantum computing and AI, once these things get married up, what that's going to mean for the world.
And I know about you guys, but this is probably the most terrifying part of quantum computing for me, because AI is already getting pretty damn smart with just classical computers and data centers. Imagine once it has the processing power of a quantum computer, what it's going to be able to do. I think if you've seen any science fiction movie ever, you know how this is going to end and it's not going to end well for us.
But this is something that a lot of people are worried about, and this is something that we have to put guardrails around and think about it today, because quantum computing is on the horizon. It's not a 30 year problem anymore. And as a result, this is something that I think the first step we're going to see is people going to involve artificial intelligence with quantum computing.
And this is only going to make this problem worse. It's reality manipulation. If you're like me, you've already seen some of these things happening, right? The deepfakes that we're seeing, some of the, misinformation that's being pumped out right now in volume. It's only going to get worse. Imagine markets being flooded with fraudulent transactions, right? And it will nuke our markets.
It'll crater everything that we know is real. And more importantly, when I think about mass surveillance, this is an area that's near and dear to my heart because I am trying to be a very private person. Try not to invite voluntary surveillance into my home. I'll never have a Google device. I'll never have an Alexa. You know, I make sure that my phones are in kind of a Faraday cage whenever I'm at home, because I truly believe I have a right to privacy, even if that privacy is no longer really a thing here in the US.
And with quantum computing and things like AI, it's only going to get worse. You know, think about how many Ring cameras you pass by when you walk down your neighborhood. Imagine those things being tied together and tracking your every movement. Imagine applying quantum computing to facial recognition. You know, right now, facial recognition is a bit of a joke.
It has a high failure rate, but with AI and quantum computing, it can figure that out much faster. So from the moment you wake up until the moment you go to bed, you're being tracked all the way through that. And to me, that terrifies me, because there's nothing that's going to stop the industry from making that happen. I went down this whole rabbit hole of what is possible, and when I was putting this together, and I pulled a lot of it out because it started to scare the crap out of me.
When you start to think about all the things that could go wrong and the doom and gloom models, that could happen, but the reality is, is that this is something that people need to be aware of, because I think there's a lot of complacency. We're being told this is a far term problem. This is not a here and now problem.
And I think if you really watch the news over the last year, you're probably starting to say, I disagree with that. This is not a 5 to 10 year problem. It's a 2 to 3 year problem. And I'll show you why in a second. So again when we talk about the threat timeline, let's bring it back to encryption.
What's really at stake here? NIST is estimating that this is still a 5 to 10 year problem. And there's a couple of reasons why they're stating this. Because the industry is slow to change. Organizations are slow to adopt new systems and new ways of doing things. Back in the day, when Triple DES was determined to be deprecated and it was vulnerable, it took the industry anywhere from 5 to 10 years to overcome that, to replace Triple DES with something else.
So they're saying things like, you know, this quantum threat is a 5 to 10 year problem, but that gives you enough time to be thinking about it and how to handle it. Well, if you look at the news lately, that's not true at all. This is something that I think, if I'm looking at the tea leaves correctly, in 2 to 3 years, we're probably going to see the first true quantum chip come online.
That's going to have the power to be able to break traditional encryption. Some of the attacks we're seeing, I know somebody mentioned, ransomware is is hardware. Now it's becoming a former problem. More importantly, we are seeing harvesting attacks where instead of taking your data and holding it hostage, they're just stealing a bunch of encrypted data and data-warehousing it, knowing that at some point they're going to be able to unlock all of that.
So that's basically that harvest-now-decrypt-later model, and it's underway right now. Think of all the communications that are going back and forth. Why do I need to worry about cracking that today, when I can just hang on to it and at some point be able to crack it later? So this is something that if you're aware of the different types of threat gangs that are out there, you might see some of this in your environment.
It's like, wait a minute, they came in and they left and they didn't do any damage. That's because they took all of your, your secrets, right? All the stuff that's encrypted. Because I know if I were an attacker, and I'm looking at your environment. If you encrypted it, you encrypted it for a reason. I must mean it's pretty important.
And so I probably want to hang on to that and take that data with me and kind of put it aside. And then one day when I can actually crack it, then I'll have access to it. Is anybody seeing this kind of attack in your environments? Have you seen some of this weirdness going on where it's like, well, they got in, they did something, but they didn't do any damage and they got back out.
Maybe we got we took care of them not realizing it. Maybe they took a bunch of your encrypted data. Maybe only once seeing it. You see it. So it's like whenever something gets activated. It's like best practices that we've ever been granted. And all that tells us that. Yeah. Because they can, you know, secrets to correct.
But now this conversation, it's like well they have it and that's what they're testing right now. Yeah I mean the regulations have put us at risk because if it's been encrypted and you can prove that you don't have to report it. So imagine how many organizations have had their encrypted data stolen that you'll never know about. Right. So this is a big problem.
And in my opinion, it should be reported even if it was encrypted because of this threat. And that's just me. Like, just get the government on the phone to change some of these regulations, right? So, when we think about how the industry is looking at this, what's interesting is that with quantum computing coming online, there's some theories that even the strongest RSA key at 2048 bits can be cracked in less than 24 hours.
And when we took it, RSA is kind of a major component for everything I mean. So the SSH key RSA key right. I don't know what size that was. It didn't look 1024 to me. But I'm pretty confident with quantum computing. They probably take minutes to crack your key. Right. Certain sensitive things like that become susceptible to these types of attacks.
Now, what if we rotate those? Well, the reality is, it's not cracking your key. It's cracking the algorithm. So anything you've ever used an algorithm for is vulnerable to quantum attacks. So I want to make sure there's a distinction there between a key and the algorithms. So let's talk about the algorithms and what the risk is to them right now.
So if you're familiar with encryption you're probably familiar with all these different algorithm standards. So you've got your RSAs, your ECC, elliptic curve cryptography, your Diffie-Hellmans, which are typically signature based. And then your AES, which is treated as military-strength encryption. So AES-256, AES-512, etc. Every single one of these is vulnerable to theoretical quantum attacks.
Yeah. Go ahead. Yeah. ECC. Yeah. It's vulnerable to it as well. Oh, yeah. Yeah. In fact, it's more vulnerable than anything as far as my understanding. So RSA and ECC are kind of in the same boat, with AES technically, right now, partially vulnerable to quantum attacks. Only because you have to increase the key size, which slows down that attack vector.
But the reality is it only slows it down by maybe hours. So increasing that key size is not really a viable option for most organizations due to the resource intensity it takes to encrypt and decrypt. The bigger the key, the more resources it's going to take to encrypt the data, the more it's going to take to decrypt the data.
So a lot of people try not to move outside of, say, 256. They feel like it's good enough encryption. And reality is it's not, especially if you apply Grover's theory on this or algorithm where it actually reduces that key strength down by half. So if you're relying on 256, you're actually using 128. We all know that. That's pretty weak.
I did put one-time pads on here, and this is mostly for the nerds in the room, because if you know what one-time pads are, or if you've ever used them, they are the OG when it comes to ciphers that are uncrackable, even by quantum computing. It's a one-time pad, so it's a pre-shared key. That's a one-time use.
So if you've ever listened to number stations where governments will communicate with spies over shortwave radio, they're just reading out a series of numbers. That's basically what that is. If you were to write down all those numbers and then use a one time pad to decrypt it, as soon as you use a pad, it's no longer usable.
And no computer on the planet, including quantum, could actually attack that in a way that we can decrypt it. Now, the reality is it's not operational, so it's impractical to consider that as an alternative to everything. But I like to throw that out there that even with all this fancy computing that we're worried about, there's still a way to protect your communications.
So let's talk about, before we jump into PQC. Okay. What do we want to call it? The post-quantum cryptography. Let's talk about the evolution of encryption, because I think it's important to know how we got here and what we've been trying to do since encryption came online into the mainstream. So as somebody that used to work for PGP, the public key exchange was what we were familiar with, what we're all used to.
So if you've ever used the OpenPGP standard, it was literally a key exchange. So if Michael and I wanted to encrypt data back and forth, I'd get a copy of his public key. I'd give him a copy of mine, he would encrypt my key, and I would actually decrypt it using my private key. So there's a two-piece mechanism there, and this was good enough for most correspondence.
Most types of data protection. The challenge is, is it's not scalable. Imagine trying to roll out a public and private key pair model to a large organization. You're expecting the users to have to manage their keys, rotate them on occasion, make sure that their passphrases are strong. It's a pain in the butt for anybody to try to administrate, especially if you're not really familiar with or in the tech space where you understand encryption enough to know what it's used for.
So then we moved into what we call our symmetric key model. And this is where, post-PGP, other companies took this idea of symmetric keys, meaning that there's really no key management involved, and how they apply this is a 1 to 1 relationship. Meaning for every piece of data you created, there was a brand new key created that encrypted that piece of data.
So as an attacker, if I wanted to crack your data, I could literally only crack that one key which apply to that one piece of data. And I'd have to keep doing this over and over and over for every new key that you created in your environment. And both of those scenarios, there is one significant risk, and it comes down to the algorithm, because you might have multiple keys, but you're using the same algorithm to build those keys.
If I can crack your algorithm, I can crack any key you've ever created with it. So this is why the upper-level algorithms are so important when we talk about what quantum computing can do. Because once it breaks down that algorithm, we're all screwed. And everything we ever created is now vulnerable. So we now move on to this post-quantum key, or PQC, you know, all kinds of different acronyms for it.
And I'll dive into this a little bit more about what this means and what's being implemented today, to give you a better understanding of how this is going to work moving forward. So let's talk about PQC, as we like to call it, because it is a mouthful to say post-quantum cryptography all the time. It is quantum resistant math.
So it's based on a number of different theories. Lattices, hashes and other resistant structures. And it provides dual protection. So one of the interesting things about PQC is that it doesn't just protect you for future sake, meaning we're protecting against quantum attacks. It also legacy protects you against things like brute force attacks and hash collisions.
The old way of doing breakage on encryption keys. So the fact that you're getting that legacy protection and future proofing makes this really desirable for organizations to consider. And it's currently being standardized by NIST. So if you kind of like CSA, if you're a big believer in NIST, you're thinking, okay, they're doing all the right things. They're kind of the governing body for this, this whole process moving forward.
So what is their role? Well, they've been the ones that have selected the algorithms that we now have available to us. And right now there's four. And we'll talk about which ones those are and what they're used for. They are in the process of finalizing the standardization. If you're following any of this. God forbid you are because it's boring to me.
So it's probably boring you guys as well. But they have come up with FIPS standards directly relating to the post-quantum cryptography. So if you're familiar with FIPS 140, 140-2, -3, I think it's a new one. Basically it allows you to have kind of a framework around how you implement these cryptographic modules. And so to say we have an algorithm is not enough.
You have to have a standard around how those modules can be implemented and how can they be certified and validated by government agencies and auditors. Things of that nature. The governments have, considered some mandates. And then we'll talk about one that came out in 2021. I'll be surprised if we don't see regulations. I get ten minutes.
Okay. Cool. How's it do? Listen. Yeah. I'll be surprised if we don't see regulations getting updated with PQC language written into it. So anything that calls for data protection and encryption is being called specifically. You're going to see those be rewritten to say you have to have PQC capabilities. Otherwise it's not considered authorized by the regulation.
So I'm gonna try to jam through these pretty fast. So just know that there are four actual algorithms that are now available that have been certified by NIST as operational, as you want to call it. One is called Kyber. I'll talk a little bit about that, but let me get to the other three real fast. So Dilithium, Falcon and SPHINCS+, those three are actually designed for signatures.
So when we think about why that would matter, think about secure digital transactions, being able to sign legal documents. If you're doing software development or software pushes, you typically sign your packages using a key. And that gives you that integrity of knowing that it's coming from that authorized source, right, and that it hasn't been tampered with. So just know that those three are used for that purpose.
And they all have a little bit of a different model. So Dilithium is your standard, Falcon's one with a little bit of a shorter hash. And then SPHINCS+ is designed to be more longer term. So imagine signing a document that you need to keep around for 50 years. Right. You don't want that key to degrade over those 50 years.
You want to make sure that, it stays with integrity. Now Kyber, on the other hand, I want to point this out and I'll just jump to the next slide here. It's a little different because Kyber is not a file based encryption algorithm, meaning that it's not designed on its own to encrypt anything. What it's designed to do is encapsulate your existing keys.
So if you're using AES, you're using RSA, you're using ECC. Yeah. Go ahead or upgrade. I'm sorry.
So again, encryption is susceptible to time. So the more attacks that you hit, the more integrity you can degrade on that key. So having a post-quantum signature or post-quantum resistant signature allows you to make sure that you have integrity so that it's not being attacked within a certain time frame. That makes sense. So if it's something that can be attacked and broken in the next two weeks, then the key doesn't have that kind of a longevity.
So we wanted something that was future proof beyond that. Yeah, yeah. So anyway, this is a final thought on the Kyber piece, just to let you know what, again, is an encapsulation key, meaning that you can wrap your existing keys using Kyber. So if you're still using AES, you don't have to decrypt your data and then re-encrypt it with something new, you just wrap Kyber around your keys and it allows you to futureproof those against post-quantum attacks.
This is important because NIST looked at it as like, what can we do to get adoption as fast as possible? And as a result, they recognize if we introduce something new like RSA or AES, no one's going to be able to decrypt their data and re-encrypt it using this new algorithm. So it's easier for us to just give you a safety net, give you something that you can wrap your existing keys with so you can keep on trucking without having that decrypt, knowing that you've been future proofed against quantum attacks.
We'll talk a little bit about this and I'll jump into the next slide, because I think it's more important. The takeaway from this is really the tech giants that are out there. Your Googles, your Microsoft, your AWS. They're all claiming that they're working on hybrid encryption approaches to get ahead of the post quantum computing world. But I think it's kind of funny because they're also the three people that are telling you they have a chip in the last year.
To me, that's kind of a conflict of interest. You're developing a quantum chip to attack encryption, and yet you're claiming you're also building encryption that's resistant to quantum attacks. I don't know about you guys, but I don't trust any company where security is not their first stance, and neither one of these companies actually have security as the number one thing they care about.
So time is running out. As I mentioned in summary, it's a 5 to 10 year problem, they say. I think it's a 2 to 3 year problem just due to what we're seeing in the news. Right. The Chinese are chipping away. It's just a matter of time before they actually break it. When they do, everything will be vulnerable 100% across the board.
Right now we only have four algorithms. I'm personally a little nervous about that because we're putting all our eggs in one encapsulation bucket. Great. You gave me three signature capabilities, but so what? Kyber has had situations where they've had side channel attacks that have been demonstrated. I know a couple of them came out last year which made that system vulnerable.
Now, fortunately, this was able to get those patched, so we were protected. But still, if that whole thing goes down, we have no other option. Kyber is all we have. So I'd like to see 2 or 3 more like Kyber if we're really going to have some variety. And then finally, for those again, I've been telling you, we have a problem.
What are we gonna do about it? So those of you that are in organizations where you're worried about this today, the biggest thing is understanding your inventory, being able to go out there and understand what kind of encryption are we using? Where is it applied to? Is it purely network? Is it file based? Is it things like SSH keys.
Get that good inventory. Have crypto agility. So have a system or have a tool in place, which a lot of startups do, that can dynamically switch encryption capabilities. So not only have different keys with different algorithms being used that are all post-quantum resistant. So being able to have that flexibility allows you to stay ahead of the threat vectors. And then test these in your environment.
Don't just trust Kyber is going to work for you. Make sure that you're testing these because it can be irreparable harm to your environment. If you test this out and it gets crazy thing, you know you can't recover any of your data because it is post-quantum resistant, meaning you're not going to be able to do anything to reverse engineer this stuff.
And that's it. Thank you and good luck.