.png?width=323&name=Customer%20Advisory%20Board%202019%20(4).png)
16th of January, 2020
Hilton Santa Clara in Santa Clara (near Levi's Stadium)
Since Peter Shor of AT&T Bell Laboratories first published an efficient quantum algorithm for factoring in 1994, we have known that when a general-purpose quantum computer of sufficient size is built then all our commonly-used public-key cryptographic algorithms will be broken. Across Microsoft, we use HSMs extensively to provision and protect many services including public key infrastructure (PKI), code signing, and cloud computing. In this talk I will discuss how Microsoft is preparing for a transition to quantum-resistant public-key algorithms, including our development of candidate quantum-resistant algorithms and our participation in the ongoing US NIST Post-Quantum Cryptography Standardization Process. I will also discuss our integrations to date of those algorithms into OpenSSL, OpenSSH, OpenVPN, the Open Quantum Safe (OQS) library, an Utimaco HSM, and how we have used the HSM to issue X.509 certificates using hybrid classical/post-quantum signatures with our Picnic post-quantum digital signature algorithm.
Quantum computers have the potential to solve currently intractable computational problems. This will drastically undermine the security of widely deployed cryptosystems, such as RSA and Elliptic Curve Cryptography. To mitigate this potential crypto-apocalypse, a large number of researchers have investigated a variety of cryptography algorithmic families potentially safe against quantum threats, such as: hash-based signatures, lattices, codes, multivariate quadratic equations, and super-singular isogeny cryptography, just to mention the most studied ones. In this talk, we will provide a deep-dive in two of these families: hash-based signatures and code-based cryptography. Both of them offer unique characteristics, are being considered in standardization processes (e.g. NIST & ISO/IEC) and represent very promising alternatives for RSA & ECC.
This presentation introduces NIST Post-Quantum Cryptography (PQC) Standardization project. It discusses challenges in deploying post-quantum cryptography in the existing applications and explores possible strategies for transition and migration.
Contrary to what you may have heard, the advent of quantum computing won’t spell the end to encryption as we know it. That is, if enterprises have taken the necessary steps to prepare for a post-quantum future.
Currently, the security of many cryptographic algorithms — which protect everything from online banking transactions to people’s online identities and private email messages — relies on the difficulty conventional computers have with factoring large numbers. The problem is that quantum computers will be able to break several popular public-key cryptography systems relatively quickly, such as RSA and Diffie-Hellman.
To survive in a post-quantum world, algorithms must be based on different mathematical tools that can resist both quantum and conventional attacks. To that end, the National Institute of Standards and Technology (NIST) is currently evaluating 26 quantum-proof algorithms to determine performance across everything from massive supercomputers to Internet of Things devices. Presuming that NIST’s and other researchers’ efforts are successful, quantum-safe cryptography should be available well before the arrival of large-scale quantum computers that can break RSA and other vulnerable algorithms.
Despite these promising developments, enterprises can ill afford to wait until algorithms start breaking because there’s too much at stake. And the industry’s track record for absorbing new algorithms is not great. For example, SHA1 depreciation was recommended five years before it went into effect and took 13 years from the recommendation stage until widespread change. However, SHA1 only dealt with signature integrity while post-quantum deals with the far greater exposure of sensitive data and signatures.
To be prepared, enterprises must begin the process of assessing their current systems, software and appliances now, otherwise these systems will become impediments and potentially open the door to countless vulnerabilities. Once the weak links are identified, it will be important to begin working with vendors to determine their roadmap and timeline for post-quantum integration. Third-party vendors will often take a wait-and-see approach, which could be a recipe for disaster if quantum computing arrives sooner rather than later. Similar to the Y2K problem, enterprises had advance warning, implemented necessary changes, and were able to minimize disruption as a result. In this presentation we will address the roadmap enterprises should take to identify and remediate systems in their environment in preparation for the post-quantum world.
There’s a lot at stake and questions abound. Subject matter expert, Mark B. Cooper aka The PKI Guy, will offer up answers and recommendations about how to best ready the enterprise, including quantum key distribution, migration, and implementation. He’ll explain how enterprises can rate systems based on risk and exposure, such as external authentication and data protection vs. an internal employee portal. He will also explain how to develop a strategy for systems that can only support a single PKI chain (such as an appliance) and provide guidance for when the transitions occur when authenticating systems use post-quantum and legacy crypto (RSA/ECC), and more.
Over the next 10-20 years, over 20 billion digital devices will need to be either upgraded or replaced to use quantum resistant public key cryptographic algorithms instead of the current RSA or Elliptical Curve based algorithms we use today. This situation is similar to the Y2K situation experienced 20 years ago which required updating the date field in older software programs from two digits to four digits so they wouldn’t get confused when the year flipped over from 1999 to 2000. It is estimated that the industry spent over $300 billion worldwide to resolve this Y2K problem. Although powerful quantum computers that can factor large semi-prime numbers using Shor’s algorithm are not projected to be available for at least another ten years, organizations should start their planning now to ensure their confidential data is not at risk to an adversary’s attack using a future high performance quantum computer. This presentation will provide a summary of a market analysis for post quantum cryptography products and services, provide an estimate of expected adoption trends, and a description of how we expect these upgrades to be implemented in different market segments. Most importantly, the presentation will describe certain situations where near term actions are recommended and describe some approaches that companies may consider using right now to ensure they do not have much larger problems in the future.
Kostas is a Cryptographer at Calibra, co-author of "The Libra Blockchain" paper and main contributor to Libra's cryptography api. He was previously the lead cryptographer at R3 and the Corda blockchain, while he is the main author of the "Blockchained Post-Quantum Signatures" and "Improved Anonymous Timed Release Encryption" papers, which are considered some of the fastest protocols in their fields. Kostas has a PhD in Identity-Based Encryption and holds a number of blockchain and cryptography related patents. His fields of expertise vary from public key cryptography, HSM custodial services, smart contracts for atomic swaps and payment channels, key compromise attacks and zero knowledge proofs, among the others.
