Quantum computing is still in its infancy, but it promises immense problem-solving power. That power, while revolutionary, has a potential dark side: the ability to break the encryption that secures our digital world today.
Imagine a world where the digital keys protecting your online life – from banking to private messages – could be instantly broken. Sounds like science fiction? It might not be for long.
While quantum computers aren’t an immediate danger to your everyday online security, the clock is ticking. Experts predict that by 2029, there’s a significant chance – some estimates say as high as 50% – that quantum computers will be capable of breaking some widely used public-key encryption.
This threat has spurred a “harvest now, decrypt later” strategy among malicious actors. They can steal encrypted data today, stockpile it, and wait for powerful quantum computers to emerge and unlock it all in the future.
This is why the race is on to develop next-generation cryptography that can stand strong against both today’s computers and tomorrow’s quantum machines. This field is called post-quantum cryptography (PQC), and it’s rapidly evolving.
At PixelPlex, our IT consultants are deeply immersed in researching these advancements. Their expertise has been instrumental in compiling this detailed article you’re about to explore, where we’ll delve into the specifics of this field.
What is post-quantum cryptography?
Post-quantum cryptography (PQC) is a field dedicated to developing cryptographic systems that are secure against attacks from both classical computers and future quantum computers.
What is the purpose of post-quantum cryptography? The goal of post-quantum cryptography algorithms is to replace current public-key cryptosystems, ensuring the continued confidentiality, integrity, and authenticity of digital information in a quantum era.
These new cryptographic methods are designed to be implemented on classical computers, meaning they can be used with existing infrastructure and protocols, providing a seamless transition to quantum-resistant security.
Types of post-quantum algorithms
The National Institute of Standards and Technology (NIST), a globally respected authority on cryptographic standards, has played a crucial role in standardizing post-quantum cryptography algorithms. After a rigorous multi-year evaluation process involving submissions from researchers worldwide, NIST has finalized the first set of post-quantum cryptography standards.
These standards are based on different mathematical approaches, aiming to provide a diverse defense against quantum threats. Here is a breakdown of the primary categories of post-quantum cryptography algorithms reflected in NIST’s standards.
Lattice-based cryptography
These algorithms are based on the mathematical challenges associated with lattices, which are grid-like structures in high-dimensional spaces. They are considered efficient and versatile, and they form the basis for two of the three finalized NIST standards.
- Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM):
Standardized as FIPS 203 and based on the CRYSTALS-Kyber algorithm (now renamed ML-KEM). KEMs are used to securely establish a shared secret key between two parties over a public channel, crucial for secure communication. ML-KEM is optimized for key establishment and is designed to be efficient in operation with relatively small encryption keys.
- Module-Lattice-Based Digital Signature Algorithm (ML-DSA):
Standardized as FIPS 204 and based on the CRYSTALS-Dilithium algorithm (now renamed ML-DSA). Digital signatures are essential for verifying data integrity and authenticating the signer’s identity. ML-DSA is designed as a primary standard for digital signatures, balancing speed and security.
Hash-based signatures
These post-quantum cryptography algorithms rely on the security of cryptographic hash functions. Hash-based signatures offer a different mathematical foundation compared to lattice-based methods, serving as a resilient alternative.
- Stateless Hash-Based Digital Signature Algorithm (SLH-DSA):
Standardized as FIPS 205 and based on the SPHINCS+ algorithm (now renamed SLH-DSA). SLH-DSA is designed for digital signatures, providing a more robust, albeit slightly less efficient, option for long-term digital signature integrity. It acts as a backup method should lattice-based approaches prove vulnerable in the future.
Multivariate polynomial cryptography
This approach uses the difficulty of solving systems of multivariate polynomial equations over finite fields. FALCON, a digital signature algorithm, falls into this category; however, NIST is not yet considering it as an additional alternative standard (FIPS 206).
While these are the primary categories, other types of post-quantum algorithms are also being researched, including code-based cryptography and isogeny-based cryptography. The standardization efforts are ongoing, with NIST continuing to evaluate additional algorithms for future inclusion in standards.
Advantages of post-quantum cryptography algorithms
Post-quantum algorithms offer several key advantages in the face of the quantum computing threat:
Quantum-proof security
This is the core benefit. Post-quantum cryptography algorithms are specifically engineered to resist attacks from quantum computers, like a lock that even the most advanced lock-picking tools (a.k.a. quantum computers) can’t crack. This means your data stays protected even if powerful quantum computers become a widespread reality. For businesses, this translates to long-term peace of mind, knowing your valuable information is safe for years to come.
Compatibility with your current setup
You don’t need to tear down your existing IT infrastructure to use post-quantum cryptography algorithms. These algorithms are cleverly designed to work seamlessly with the computers and systems you already have. It’s like adding a super-strong security layer on top of your existing setup, rather than rebuilding everything. This makes the transition much easier and more affordable for businesses of all sizes.
Protection from most kinds of attacks
Post-quantum cryptography algorithms are designed not only to be quantum-resistant but also to maintain or improve security against the classical attacks we face today. For example, in 2024 the cost of a data breach in the US reached $9.36 million, so security is more critical than ever.
Multiple lines of defense
The standardization of post-quantum cryptography algorithms from different mathematical families (lattice-based, hash-based, etc.) provides cryptographic diversity. If a weakness is ever found in one type of PQC algorithm, there are others based on completely different mathematical principles ready to take over. For businesses, this means reduced risk and increased resilience.
Forward security
With the “harvest now, decrypt later” strategy in mind, attackers may steal encrypted data today, knowing they can’t crack it yet, and wait for quantum computers to become powerful enough to break that encryption.
By using PQC now, you’re protecting your data from this future threat. You’re locking your valuables in a time-locked safe that even future technology can’t open prematurely. This is critical for businesses that handle sensitive information with long-term value, such as intellectual property, customer data, or financial records. Paired with ML for fraud detection, these cryptographic algorithms deliver their full benefit.
Challenges in implementing post-quantum cryptography algorithms
Despite the clear advantages, implementing post-quantum cryptography is not without its challenges:
Performance overhead
Some post-quantum cryptography algorithms, particularly in their initial implementations, can be computationally more intensive than current cryptographic algorithms. This can lead to performance overhead in terms of processing speed and resource consumption, especially for operations like key generation and digital signing.
Optimization efforts are ongoing to improve the efficiency of post-quantum cryptography algorithms. Furthermore, as the field of cryptography evolves and explores paradigms like account abstraction which aim to enhance user control and flexibility, the efficiency and user-friendliness of post-quantum solutions become even more crucial.
Larger key and signature sizes
Certain PQC algorithms produce larger keys and signatures than traditional cryptography algorithms like RSA or ECC. This can impact storage requirements, bandwidth usage, and communication efficiency. However, algorithms like CRYSTALS-Kyber are noted for having comparatively small encryption keys, which mitigates this issue.
Complexity of implementation
Implementing new cryptography algorithms is inherently complex and requires careful attention to detail. PQC algorithms, being relatively new, may present greater implementation challenges initially. Secure implementations require thorough QA and testing, validation, and expertise in cryptography engineering.
Transition and migration costs
Migrating to PQC involves updating cryptographic libraries, protocols, and systems across an organization’s infrastructure. This transition can be a significant undertaking, requiring time, resources, big data consulting, and careful planning. Businesses need to conduct cryptographic asset inventories and risk assessments, and develop migration timelines to manage this process effectively.
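A cryptographic asset inventory, as this section recommends, starts with knowing which public-key algorithms are deployed and how long each certificate remains in service. The Go program below is an added example written for this article, not PixelPlex’s tooling: it constructs three self-signed certificates in memory as sample input (the hostnames are constructed), parses them with crypto/x509, records the algorithm and key size, and marks which certificates are still valid after a planning horizon the caller chooses. The five-year horizon in main is an assumption for the demonstration, and Inventory and Finding are this example’s own names.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// Finding is one row of the cryptographic asset inventory.
type Finding struct {
	Subject           string
	Algorithm         string // public-key algorithm as reported by crypto/x509
	KeyBits           int
	NotAfter          time.Time
	QuantumVulnerable bool // key type relies on factoring or discrete logarithms
	OutlivesHorizon   bool // still valid after the caller's planning horizon
}

// keyBits reports the key size for the key types an X.509 certificate carries.
func keyBits(pub any) int {
	switch k := pub.(type) {
	case *rsa.PublicKey:
		return k.N.BitLen()
	case *ecdsa.PublicKey:
		return k.Curve.Params().BitSize
	case ed25519.PublicKey:
		return 256
	}
	return 0
}

// Inventory parses every CERTIFICATE block in a PEM bundle. RSA, DSA, ECDSA and
// Ed25519 all rest on problems Shor's algorithm solves, so every certificate
// with a recognised key type is flagged; those still valid past the horizon
// are the ones a migration plan has to reach first.
func Inventory(bundle []byte, horizon time.Time) ([]Finding, error) {
	var out []Finding
	for {
		var block *pem.Block
		block, bundle = pem.Decode(bundle)
		if block == nil {
			break
		}
		if block.Type != "CERTIFICATE" {
			continue
		}
		cert, err := x509.ParseCertificate(block.Bytes)
		if err != nil {
			return nil, err
		}
		out = append(out, Finding{
			Subject:           cert.Subject.CommonName,
			Algorithm:         cert.PublicKeyAlgorithm.String(),
			KeyBits:           keyBits(cert.PublicKey),
			NotAfter:          cert.NotAfter,
			QuantumVulnerable: cert.PublicKeyAlgorithm != x509.UnknownPublicKeyAlgorithm,
			OutlivesHorizon:   cert.NotAfter.After(horizon),
		})
	}
	return out, nil
}

// selfSigned builds a throwaway self-signed certificate (constructed test data).
func selfSigned(cn string, pub, priv any, years int) ([]byte, error) {
	now := time.Now()
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(now.UnixNano()),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    now,
		NotAfter:     now.AddDate(years, 0, 0),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, err
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), nil
}

// SampleBundle constructs three certificates with the key types found in most
// estates today: RSA-2048 (10-year validity), ECDSA P-256 (1 year), Ed25519 (3 years).
func SampleBundle() ([]byte, error) {
	rsaKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, err }
	ecKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return nil, err }
	edPub, edPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { return nil, err }
	var bundle []byte
	for _, c := range []struct {
		cn    string
		pub   any
		priv  any
		years int
	}{
		{"vpn-gateway.example (constructed)", &rsaKey.PublicKey, rsaKey, 10},
		{"web-frontend.example (constructed)", &ecKey.PublicKey, ecKey, 1},
		{"code-signing.example (constructed)", edPub, edPriv, 3},
	} {
		p, err := selfSigned(c.cn, c.pub, c.priv, c.years)
		if err != nil { return nil, err }
		bundle = append(bundle, p...)
	}
	return bundle, nil
}

func main() {
	bundle, err := SampleBundle()
	if err != nil { panic(err) }
	findings, err := Inventory(bundle, time.Now().AddDate(5, 0, 0)) // assumed horizon
	if err != nil { panic(err) }
	for _, f := range findings {
		fmt.Printf("%-36s %-8s %4d bits  expires %s  pq-vulnerable=%v  outlives-horizon=%v\n",
			f.Subject, f.Algorithm, f.KeyBits, f.NotAfter.Format("2006-01-02"), f.QuantumVulnerable, f.OutlivesHorizon)
	}
}
```

In a real estate the bundle would come from certificate stores, load balancer configs and key management systems rather than from SampleBundle, and the same Finding rows feed the risk assessment: a certificate protecting long-lived data and still valid past the horizon is the first candidate for a hybrid or PQC replacement.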
Standardization and interoperability
While NIST has finalized the first set of standards, the PQC landscape is still evolving. Ensuring interoperability between different implementations of post-quantum cryptography algorithms and across various platforms is crucial for seamless adoption. Initiatives like the Linux Foundation’s Post-Quantum Cryptography Alliance (PQCA) are working to address interoperability challenges.
Uncertainty and algorithm maturity
As PQC is a relatively new field, there is still ongoing research and analysis of the security of these algorithms. While the standardized cryptography algorithms have undergone rigorous scrutiny, the cryptographic community continues to monitor and analyze them for potential vulnerabilities. The long-term security and maturity of PQC algorithms are still being established.
Real-life examples of post-quantum algorithm implementation
Despite the challenges, several organizations are already taking proactive steps to implement and test post-quantum cryptography:
Apple iMessage
Apple has implemented a new cryptographic protocol called PQ3 in iMessage, starting with iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4. PQ3 is a hybrid protocol combining Elliptic Curve Cryptography with the post-quantum algorithm CRYSTALS-Kyber (ML-KEM). Apple considers PQ3 the most significant cryptographic security upgrade in iMessage history, providing “Level 3 Security” and quantum-resistant protection for its users’ messaging.
Signal messaging app
Signal, another popular secure messaging app, has implemented the PQXDH protocol. PQXDH also uses a hybrid approach, augmenting the existing X3DH protocol with the CRYSTALS-Kyber post-quantum key encapsulation mechanism. Signal aims to ensure that attackers would need to break both the classical and post-quantum systems to compromise communication security.
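The hybrid construction that both PQ3 and PQXDH describe, a classical elliptic-curve exchange alongside ML-KEM with the session key depending on both secrets, can be shown end to end with Go’s standard library. The code below is an added example written for this article, not Apple’s, Signal’s or NIST’s code. It assumes Go 1.24 or later for crypto/mlkem, uses X25519 for the classical half, and combines the two shared secrets with a hand-written HKDF; the info label "hybrid-x25519-mlkem768-demo", the use of the transcript as HKDF salt, and the names Responder, Initiate, Respond and RunHandshake are this example’s own choices. The last step flips one bit of the ML-KEM ciphertext to show the KEM’s implicit rejection, and the report counts the bytes the initiator sends, which also illustrates the larger-message cost discussed under “Larger key and signature sizes”.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// hkdfSHA256 is a minimal HKDF (RFC 5869) extract-then-expand over SHA-256,
// written out here so the combiner depends only on crypto/hmac.
func hkdfSHA256(ikm, salt []byte, info string, n int) []byte {
	ext := hmac.New(sha256.New, salt)
	ext.Write(ikm)
	prk := ext.Sum(nil)
	var out, t []byte
	for i := byte(1); len(out) < n; i++ {
		m := hmac.New(sha256.New, prk)
		m.Write(t)
		m.Write([]byte(info))
		m.Write([]byte{i})
		t = m.Sum(nil)
		out = append(out, t...)
	}
	return out[:n]
}

// combine derives the session key from both shared secrets and the handshake
// transcript. Because the classical and post-quantum secrets are concatenated
// before the KDF, an attacker must recover both to learn the session key.
func combine(ssClassical, ssPQ, transcript []byte) []byte {
	ikm := append(append([]byte{}, ssClassical...), ssPQ...)
	return hkdfSHA256(ikm, transcript, "hybrid-x25519-mlkem768-demo", 32)
}

// Responder holds the private halves of both key exchanges.
type Responder struct {
	ecPriv *ecdh.PrivateKey
	pqPriv *mlkem.DecapsulationKey768
}

// NewResponder generates an X25519 key pair and an ML-KEM-768 key pair.
func NewResponder() (*Responder, error) {
	ecPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil { return nil, err }
	pqPriv, err := mlkem.GenerateKey768()
	if err != nil { return nil, err }
	return &Responder{ecPriv: ecPriv, pqPriv: pqPriv}, nil
}

// InitiatorResult is what the initiator holds after its half of the exchange.
type InitiatorResult struct {
	Key    []byte // derived session key
	InitEC []byte // ephemeral X25519 public key sent on the wire (32 bytes)
	PQCT   []byte // ML-KEM-768 ciphertext sent on the wire (1088 bytes)
}

// Initiate runs an ephemeral X25519 exchange against the responder's public key
// and ML-KEM encapsulation against its encapsulation key.
func Initiate(ecPub *ecdh.PublicKey, pqPub *mlkem.EncapsulationKey768) (InitiatorResult, error) {
	ecEph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil { return InitiatorResult{}, err }
	ssEC, err := ecEph.ECDH(ecPub)
	if err != nil { return InitiatorResult{}, err }
	ssPQ, pqCT := pqPub.Encapsulate()
	initEC := ecEph.PublicKey().Bytes()
	transcript := append(append([]byte{}, initEC...), pqCT...)
	return InitiatorResult{Key: combine(ssEC, ssPQ, transcript), InitEC: initEC, PQCT: pqCT}, nil
}

// Respond reconstructs both shared secrets on the responder side. ML-KEM uses
// implicit rejection: a corrupted ciphertext still yields a 32-byte secret,
// just not the one the initiator holds, so the derived keys will not match.
func (r *Responder) Respond(initEC, pqCT []byte) ([]byte, error) {
	ecPub, err := ecdh.X25519().NewPublicKey(initEC)
	if err != nil { return nil, err }
	ssEC, err := r.ecPriv.ECDH(ecPub)
	if err != nil { return nil, err }
	ssPQ, err := r.pqPriv.Decapsulate(pqCT)
	if err != nil { return nil, err }
	transcript := append(append([]byte{}, initEC...), pqCT...)
	return combine(ssEC, ssPQ, transcript), nil
}

// HandshakeReport summarises one exchange plus a tampering check.
type HandshakeReport struct {
	Agree         bool // both sides derived the same key
	TamperedAgree bool // keys still matched after one ciphertext bit was flipped
	WireBytes     int  // bytes the initiator sent: X25519 point + ML-KEM ciphertext
}

// RunHandshake performs one full exchange and then replays it with a
// single-bit error in the post-quantum ciphertext.
func RunHandshake() (HandshakeReport, error) {
	var rep HandshakeReport
	r, err := NewResponder()
	if err != nil { return rep, err }
	init, err := Initiate(r.ecPriv.PublicKey(), r.pqPriv.EncapsulationKey())
	if err != nil { return rep, err }
	k2, err := r.Respond(init.InitEC, init.PQCT)
	if err != nil { return rep, err }
	rep.Agree = bytes.Equal(init.Key, k2)
	rep.WireBytes = len(init.InitEC) + len(init.PQCT)
	bad := append([]byte{}, init.PQCT...)
	bad[0] ^= 0x01 // corrupt the ML-KEM ciphertext in transit
	k3, err := r.Respond(init.InitEC, bad)
	if err != nil { return rep, err }
	rep.TamperedAgree = bytes.Equal(init.Key, k3)
	return rep, nil
}

func main() {
	rep, err := RunHandshake()
	if err != nil { panic(err) }
	fmt.Printf("keys agree: %v, tampered ciphertext agrees: %v, initiator bytes on the wire: %d\n",
		rep.Agree, rep.TamperedAgree, rep.WireBytes)
}
```

Run it with go run; the wire count comes out at 32 bytes for the X25519 point plus 1088 bytes for the ML-KEM-768 ciphertext, which is the size trade-off the article describes, and the tampered replay shows why a hybrid that keys off both secrets fails closed rather than silently falling back to the classical half.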
Amazon Web Services
Amazon has been experimenting with post-quantum cryptography since 2020. AWS is planning to adopt ML-DSA (FIPS 204) for digital signatures and ML-KEM (FIPS 203) for key encapsulation, aligning with NIST standards. AWS is also actively involved in industry initiatives like the NCCoE Migration to Post-Quantum Cryptography project and the Linux Foundation’s PQCA to promote PQC adoption and interoperability.
Google
Google has been proactive in exploring PQC, having experimented with cryptography algorithms like NTRU-HRSS KEM. Google deployed NTRU-HRSS in its internal communications using a hybrid approach combined with X25519. Google is closely monitoring NIST standardization and may re-evaluate its algorithmic choices as the PQC landscape evolves.
Linux Foundation Post-Quantum Cryptography Alliance and Open Quantum Safe
The Linux Foundation has launched the PQCA to accelerate the adoption of PQC. The PQCA hosts projects like the PQ Code Package, providing ready-to-use implementations of PQC standards, and the Open Quantum Safe (OQS) project, which develops and prototypes quantum-resistant cryptography. OQS’s liboqs library has been used by major companies like Meta, IBM, and Microsoft in their PQC research and development efforts.
Conclusion: what to expect in the future
The recent approval of FIPS guidelines for post-quantum cryptography by NIST in August 2024 marks an important moment. We’re already witnessing active research and implementation strategies from tech giants like Google, IBM, Amazon, and Apple, who are integrating these standards into their products.
Projects with qualified research and development teams and substantial budgets are uniquely positioned to adapt swiftly to the evolving landscape of cryptographic standards. They are exploring PQC implementation, either by layering the newly approved standards or by exploring technologies like STARK proofs, on top of their existing infrastructure.
The speed and scale of the changes call for services that can adapt quickly. PixelPlex research and development, machine learning, and digital transformation services are ideally suited to help businesses navigate this transition, providing the expertise needed to integrate post-quantum security measures effectively and efficiently.
Contact us to explore your project vision and ensure your systems are fortified against the quantum threat.