United States Security

Companies Prepare To Fight Quantum Hackers (wsj.com) 23

National-security authorities have warned for years that today's encryption will become vulnerable to hackers when quantum computers are widely available. Companies can now start to integrate new cryptographic algorithms into their products to protect them from future hacks. From a report: Some companies have already taken steps to replace current forms of encryption with post-quantum algorithms. The National Institute of Standards and Technology, an agency of the Commerce Department, published three new algorithms for post-quantum encryption Tuesday.

The three algorithms that NIST selected use different types of encryption to protect digital signatures that authenticate information, and cryptographic key exchange, which keeps data confidential. IBM researchers were part of teams that submitted algorithms that NIST selected. International Business Machines is working with companies in telecommunications, online payments and other industries on how to implement the new standards.

"Our digital economy is toast unless people go in and change the cryptography," said Scott Crowder, vice president of IBM's quantum adoption group. The new standards from NIST will be influential because they will replace encryption algorithms in use all over the world, said Joost Renes, principal cryptographer at NXP Semiconductors, a key provider of chips to the auto industry. NXP customers in different industries have been asking about the new encryption algorithms and want to make sure their suppliers are prepared to migrate to post-quantum cryptography, Renes said. He said NXP will start using the algorithms as soon as possible but declined to comment on when that will be. "You should really look at this as a kind of ongoing transition project which is going to take quite some time," he said.

  • by AcidFnTonic ( 791034 ) on Tuesday August 13, 2024 @06:14PM (#64703564) Homepage

    Yeah but developers like me don't trust them. Everything they do is always backed by dirty secret tricks that they see opportunity to get away with.

    We have seen time and time again how something was weakened or downright removed by them which later was found to have aided cracking. Often using undisclosed secret mathematics or attacks.

    When differential cryptography was unknown they got involved and refused to disclose why the changes to DES were made.

    They then pushed algorithms with key selection weaknesses so enemies would see everyone using those without realizing when we use it a central authority creates keys with secret knowledge of how to select strong ones.

    Now that was figured out so we are back to supposed quantum boogiemen and yet more secret blackbox suggestions that we are told verbatim to trust. To me it's a perfect chance to rebackdoor everyone with new weaknesses we won't figure out for another 10-20 years like every other time they pulled this crap.

    So yeah, I don't trust them. Maybe they should have modified their behavior in the past before coming at me with more enlightened oracle nonsense.

    • Fair critique.
      So who do you trust for something like this?
      • by sjames ( 1099 )

        I wouldn't put trust in any one person or organization for this, but in the scheme of things, Bruce Schneier [schneier.com] deserves a lot more trust than NIST.

    • It's ok, quantum cryptography is far off from now. The only reason researchers are working on this is because it's a field with a lot of potential for writing papers.
      • by Nkwe ( 604125 )

        It's ok, quantum cryptography is far off from now. The only reason researchers are working on this is because it's a field with a lot of potential for writing papers.

        It's far off until it's not. Even if it is far off, it takes a long time to deploy new cryptographic algorithms and for existing encrypted data to "age out". Let's say that we are 10 years out from quantum computers being able to break current encryption. That means that anything being encrypted and archived today (encrypted files, network captures of HTTPS/TLS conversations, etc.) would be readable in 10 years. While some stuff encrypted today won't matter if it can be broken in 10 years, the securit

        • Yeah, you're echoing all the motivated reasoning that researchers use to justify their research choice. But the real reason it has come up is because it's a field with a lot of potential for writing papers.
        • by sjames ( 1099 )

          10 years is wildly optimistic. So far, quantum computers have barely shown superiority to conventional computers at the task of being a quantum computer!

          Read the breathless press releases carefully. I saw one where actual prime factorization of a small number was done. Then realized that once you count the set-up time for the computation, a 6th grader is faster doing it with pencil and paper AND is capable of factoring a much larger number. To get anywhere near the size of the smallest RSA keys, quantum com

      • Yup. There was a post to a crypto mailing list a week or two ago with the title "Quantum Cryptanalysis is Bollocks". Not one person on the list, which is composed of cryptographers and security people, disagreed.

        However, it's also been at least a week since the last quantum sky-is-falling article on here, and we have to maintain quota.

        • I've asked a person working in the field if they understood Shor's algorithm. "No, but I understand the implications," was the answer I got. I didn't bother continuing the conversation after that.
          • Most people in the industry do. The implications are that if we don't jump on the bandwagon we'll miss out on { paper publication credits, research funding, product sales }, take your pick.

            Found the article, it's the first Google hit for "quantum cryptanalysis bollocks" [auckland.ac.nz].

            • ok, from page 25:

              "Software security designers and standards people thrive on churn"

              I have to admit as a software developer I've made money off churn, too. It's not what I like to do, but people are paying me.

      • by BranMan ( 29917 )

        Negative! There are real valid reasons to get quantum resistant cryptography NOW. While our adversaries cannot yet decrypt our communications, they can record them.

        Once quantum decryption is a thing, they can now decode all those recordings. Now, secrets have a shelf life. Secrets from WWII are only curiosities now. Secrets from 20 years ago, maybe the same. From 10 years ago? Dangerous. From 5 years ago? You'll get a lot of people killed, at a minimum. From last year? Catastrophic.

        So, we need t

    • by gweihir ( 88907 )

      Indeed. Also look at how abysmally some post-quantum algorithms have done just recently. This seems to be a case of throwing out the kid with the bathwater. And there still is no reason to believe QCs will ever scale high enough to threaten current conventional algorithms,

    • Trust them or none, this is all a 'hype' piece. I saw a LI post saying "this is a test of CISOs - either you have a plan, or you're not a CISO" (or some such).

      Consumers (i.e. CISOs) will buy what's available. If there's a quantum safe version of software to run on their Cisco routers, they'll upgrade to it. Otherwise, they'll just stick with what they have already. That'll be perfectly fine for several more years. The traffic they send today would need to be captured and stored for *years* and then cracked b

  • by pbry4n ( 7208566 ) on Tuesday August 13, 2024 @06:19PM (#64703568)
    In 2006, NIST published a standard for random number generation, which included the Dual_EC_DRBG algorithm. In 2013, it was revealed that the NSA had inserted a backdoor into the Dual_EC_DRBG algorithm, which would allow them to predict the output of the random number generator. Perhaps we should remember that when evaluating any other NIST security recommendations.
    • Paranoid stochastics generators are trivial to implement, although they have poor runtime performance.

      The art of stochastics generators is landing both performance and quality within the same generator. Nothing the NSA has ever recommended performed well in software and that alone is enough deterrent for use as stochastics generation.
  • by Rosco P. Coltrane ( 209368 ) on Tuesday August 13, 2024 @06:40PM (#64703620)

    You never know where they are exactly. You only know where they're likely to be.

    • "In a surprise announcement, the Republican National Committee has revealed it is bankrupt. A spokesman for the party said they had plenty of money in their accounts last week, but today they just don't know where the money has gone. But not everybody is going begging. Amnesty International, Greenpeace and the United Negro College Fund announced record earnings this week, due mostly to large, anonymous donations."

      Anyone remember that movie?
    • by sjames ( 1099 )

      You just need an army of attack cats...
