Preparing Critical Infrastructure for Post-Quantum Cryptography: Strategies for Transitioning Ahead of Cryptanalytically Relevant Quantum Computing

Authors

DOI:

https://doi.org/10.46328/ijonest.240

Keywords:

Post-Quantum Cryptography, Cryptanalytically Relevant Quantum Computing, Critical Infrastructure, Cryptographic Transition, Quantum-Resistant Algorithms, Artificial Intelligent

Abstract

As Cryptanalytically Relevant Quantum Computing (CRQC) approaches, organizations managing critical infrastructure must prepare to transition to Post-Quantum Cryptography (PQC). This paper provides comprehensive guidance for this transition, addressing the challenges of quantum computing to current cryptographic systems. It presents a framework for the efficient and timely adoption of PQC within critical infrastructure. The study examines the current development of PQC, evaluates vulnerabilities in legacy cryptographic algorithms, and identifies key strategies for mitigating risks associated with quantum computing. The proposed framework includes a multi-faceted approach, encompassing the evaluation and selection of PQC algorithms, developing a phased transition plan, and establishing governance structures to ensure the long-term viability of quantum-resistant cryptographic infrastructure. Additionally, the paper underscores the importance of collaboration among business leaders, governmental bodies, and educational institutions to promote knowledge sharing and accelerate the adoption of PQC standards. By proactively addressing the challenges of transitioning to PQC, organizations can enhance the resilience of critical infrastructure, ensuring the confidentiality, integrity, and availability of sensitive data in the face of advancing quantum computing capabilities.

References

CISA, (2003). Homeland Security Presidential Directive 7. Retrieved from http://www.cisa.gov/news-events/directives/homeland-security-presidential-directive-7

DSH, (2021). Preparing for Post-Quantum Computing Cryptography. Retrieved from http://www.dhs.gov/sites/default/files/publications/post-quantum_cryptography_infographic_october_2021_508.pdf

DHS, (2003).The Physical Protection of Critical Infrastructures and Key Assets. Retrieved from http://www.dhs.gov/xlibrary/assets/Physical_Strategy.pdf

Mosca, M., & Piani, M. (2022). 2021 Quantum Threat Timeline Report. Retrieved from http://globalriskinstitute.org/publication/2021-quantum-threat-timeline-report-global-risk-institute-global-risk-institute/

NIST, (2017). Post-Quantum Cryptography Standardization. Retrieved from http://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization

Chen et al. (2016). Report on post-quantum cryptography. National Institute of Standards and Technology.

World Economic Forum, (2021). Quantum computing governance principles. https://www.weforum.org/whitepapers/quantum-computing-governance-principles

Stallings, W. (2017). Cryptography and network security: principles and practice (7th ed.). Pearson.

Daemen, J., & Rijmen, V. (2002). The design of Rijndael: AES-the advanced encryption standard. Springer.

Diffie, W., & Hellman, M. (1976). New directions in cryptography. IEEE transactions on Information Theory, 22(6), 644-654.

Kirsty Paine, K.P. (2023). Cryptographically Relevant Quantum Computers (CRQCs) & The Quantum Threat. Retrieved from http://www.splunk.com/en_us/blog/learn/crqcs-cryptographically-relevant-quantum-computers.html

Ruane, J., McAfee, A., & Oliver, W. D. (2022). Quantum computing for business leaders. Harvard Business Review. Retrieved from https://hbr.org/2022/01/quantum-computing-for-business-leaders

Shor, P. W. (1994, November). Algorithms for quantum computation: discrete logarithms and factoring. In Proceedings 35th annual symposium on foundations of computer science (pp. 124-134). IEEE.

Shor, P. W. (1999). Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM review, 41(2), 303-332

Grover, L. K. (1996, July). A fast quantum mechanical algorithm for database search. In Proceedings of the twenty-eighth annual ACM symposium on Theory of computing (pp. 212-219).

Bernstein, D. J. (2010). Grover vs. McEliece. In Post-Quantum Cryptography (pp. 73-80). Springer, Berlin, Heidelberg.

Lydersen, L., Wiechers, C., Wittmann, C., Elser, D., Skaar, J., & Makarov, V. (2010). Hacking commercial quantum cryptography systems by tailored bright illumination. Nature photonics, 4(10), 686-689.

Wallden, P., & Kashefi, E. (2019). Cyber security in the quantum era. Communications of the ACM, 62(4), 120-129.

Krause, R. (2023). After Artificial Intelligence, Quantum Computing Could Be The Next Big Thing. Retrieved from https://www.investors.com/news/technology/quantum-computing-after-artificial-intelligence-it-could-be-the-next-big-thing/

GQI, (2024). Riverlane Discloses Its Quantum Error Correction Roadmap Through 2026. Retrieved from http://quantumcomputingreport.com/riverlane-discloses-its-quantum-error-correction-roadmap-through-2026

DHS, (2021). Preparing for Post-Quantum Computing Cryptography. Retrieved from http://www.dhs.gov/sites/default/files/publications/post-quantum_cryptography_infographic_october_2021_508.pdf

Vezic, M. (2023). Q-Day Predictions: Anticipating the Arrival of Cryptanalytically Relevant Quantum Computers (CRQC). Retrieved from http://postquantum.com/post-quantum/q-day-crqc-predictions/

Biamonte et al. (2017). Quantum machine learning. Nature, 549(7671), 195-202

Dunjko, V., & Briegel, H. J. (2018). Machine learning & artificial intelligence in the quantum domain: a review of recent progress. Reports on Progress in Physics, 81(7), 074001.

Preskill, J. (2018). Quantum Computing in the NISQ era and beyond. Quantum, 2, 79

Mosca, M., & Piani, M. (2019). Quantum Threat Timeline Report 2019. Global Risk Institute

Herrero-Collantes, M., & Garcia-Escartin, J. C. (2017). Quantum random number generators. Reviews of Modern Physics, 89(1), 015004

Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero Trust Architecture. National Institute of Standards and Technology (NIST) Special Publication 800-207.

Copeland, B. J. (2012). Turing: Pioneer of the Information Age. Oxford University Press.

ETHW, (n.d.). Milestones:Invention of Public-key Cryptography, 1969 - 1975. Retrieved from http://ethw.org/Milestones:Invention_of_Public-key_Cryptography,_1969_-_1975

Singh, S. (1999). The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography. New York: Anchor Books.

Biercuk, M. J., & Fontaine, R. (2017). The leap into quantum technology: A primer for national security professionals. War on the Rocks, 17.

Chown, P. (2002). Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS). RFC 3268, DOI 10.17487/RFC3268.

Barker, E., & Roginsky, A. (2019). Transitioning the Use of Cryptographic Algorithms and Key Lengths. NIST Special Publication 800-131A, Revision 2, DOI 10.6028/NIST.SP.800-131Ar2.

Fischlin, R., & Schnorr, C. P. (2000). Stronger security proofs for RSA and Rabin bits. Journal of Cryptology, 13(2), 221-244, DOI 10.1007/s001459910011.

Gueron, S., & Krasnov, V. (2015). Fast prime field elliptic-curve cryptography with 256-bit primes. Journal of Cryptographic Engineering, 5(2), 141-151, DOI 10.1007/s13389-014-0090-x.

National Institute of Standards and Technology. (2016). Report on Post-Quantum Cryptography. NIST IR 8105, DOI 10.6028/NIST.IR.8105.

Smid, M. E., & Branstad, D. K. (1988). The Data Encryption Standard: past and future. Proceedings of the IEEE, 76(5), 550-559, DOI 10.1109/5.4441.

Alagic et al. (2022). Status Report on the Third Round of the NIST Post-Quantum Cryptography Standardization Process. NIST IR 8413.

Moody et al. (2022). Status Report on the Third Round of the NIST Post-Quantum Cryptography Standardization Process. NIST IR 8413. https://doi.org/10.6028/NIST.IR.8413

Fernandez-Vazquez et al. (2022). Security Standards and Post-Quantum Cryptography: Current Situation and Future Trends. IEEE Access, 10, 38831-38849. https://doi.org/10.1109/ACCESS.2022.3166092

Buchmann et al. (2022). Post-quantum cryptography: An introduction for data protection officers. Datenschutz und Datensicherheit-DuD, 46(2), 83-88. https://doi.org/10.1007/s11623-022-1587-7

Ticong, L. (2024). 7 Types of Data Classification. Retrieved from http://www.datamation.com/big-data/types-of-data-classification/

Mosca, M. (2015). Cybersecurity in a Quantum World: will we be ready?. Retrieved from http://csrc.nist.gov/csrc/media/events/workshop-on-cybersecurity-in-a-post-quantum-world/documents/presentations/session8-mosca-michele.pdf

NIST, (2016). Public-Key Post-Quantum Cryptographic Algorithms. Retrieved from http://csrc.nist.gov/News/2016/Public-Key-Post-Quantum-Cryptographic-Algorithms

Moody, D. (2024). Are We there Yet? Retrieved from http://csrc.nist.gov/csrc/media/Presentations/2024/update-on-the-nist-pqc-standardization-project/images-media/moody-are-we-there-yet-pqc-pqc2024.pdf

CSRC, (2022, July). Announcing PQC Candidates to be Standardized, Plus Fourth Round Candidates. Retrieved from http://csrc.nist.gov/news/2022/pqc-candidates-to-be-standardized-and-round-4

NIST, (2022). Announcing PQC Candidates to be Standardized, Plus Fourth Round Candidates. Retrieved from http://csrc.nist.gov/News/2022/pqc-candidates-to-be-standardized-and-round-4

NIST, (2024, August). Quantum Cryptography FIPS Approved. Retrieved from http://csrc.nist.gov/News/2024/postquantum-cryptography-fips-approved

IBM, (2024, August). NIST’s post-quantum cryptography standards are here. Retrieved from http://research.ibm.com/blog/nist-pqc-standards

McKay, K., Bassham, L. E., Turan, M. S., & Mouha, N. (2017). Report on lightweight cryptography. National Institute of Standards and Technology. Retrieved from https://www.nist.gov/publications/report-lightweight-cryptography

NSA, (n.d.). Quantum Key Distribution (QKD) and Quantum Cryptography QC. Retrieved from http://www.nsa.gov/Cybersecurity/Quantum-Key-Distribution-QKD-and-Quantum-Cryptography-QC/

Harishankar, R., Osborne, M., Arun, J. S., Buselli, J., & Janechek, J. (2024). Crypto agility and quantum-safe cryptography. IBM Quantum. Retrieved August 8, 2024, from https://www.ibm.com/quantum/blog/crypto-agility

Downloads

Published

2024-09-30

Issue

Section

Technology