1,125 research outputs found
Migrating to Post-Quantum Cryptography: a Framework Using Security Dependency Analysis
Quantum computing is emerging as an unprecedented threat to the current state
of widely used cryptographic systems. Cryptographic methods that have been
considered secure for decades will likely be broken, with enormous impact on
the security of sensitive data and communications in enterprises worldwide. A
plan to migrate to quantum-resistant cryptographic systems is required.
However, migrating an enterprise system to ensure a quantum-safe state is a
complex process. Enterprises will require systematic guidance to perform this
migration to remain resilient in a post-quantum era, as many organisations do
not have staff with the expertise to manage this process unaided. This paper
presents a comprehensive framework designed to aid enterprises in their
migration. The framework articulates key steps and technical considerations in
the cryptographic migration process. It makes use of existing organisational
inventories and provides a roadmap for prioritising the replacement of
cryptosystems in a post-quantum context. The framework enables the efficient
identification of cryptographic objects, and can be integrated with other
frameworks in enterprise settings to minimise operational disruption during
migration. Practical case studies are included to demonstrate the utility and
efficacy of the proposed framework using graph theoretic techniques to
determine and evaluate cryptographic dependencies.
Comment: 21 pages
Making Existing Software Quantum Safe: Lessons Learned
In the era of quantum computing, Shor's algorithm running on quantum
computers (QCs) can break asymmetric encryption algorithms that classical
computers essentially cannot. QCs, with the help of Grover's algorithm, can
also speed up the breaking of symmetric encryption algorithms. Though the exact
date when QCs will become "dangerous" for practical problems is unknown, the
consensus is that this future is near. Thus, one needs to start preparing for
the era of quantum advantage and ensure quantum safety proactively.
In this paper, we discuss the effect of quantum advantage on the existing
software systems and recap our seven-step roadmap, deemed 7E. The roadmap gives
developers a structured way to start preparing for the quantum advantage era.
We then report the results of a case study, which validates 7E. Our software
under study is the IBM Db2 database system, where we upgrade the existing
cryptographic schemes to post-quantum cryptography (using Kyber and Dilithium
schemes) and report our findings and learned lessons. The outcome of the study
shows that the 7E roadmap is effective in helping to plan the evolution of
existing software security features towards quantum safety.