The Post Quantum Crypto World and the Need for Crypto Agility (W01a)
The security of all computer systems relies on and is built upon cryptographic primitives: block ciphers, hash functions, digital signatures, key agreement protocols and more. If these core components of every security design fail, everything else falls apart. Although cryptography has evolved significantly in the past decades, the way the industry uses cryptography has not changed much in comparison. Integrating cryptography into applications is still challenging and requires special expertise, and due to the increased diversity and complexity it has in many cases become more difficult.
With the upcoming quantum computer and the threat it poses to today’s public-key cryptosystems, we face the challenge that all the applications and systems in use will need to switch to new quantum-safe algorithms. At the same time, we need to ensure that new applications are prepared for this and other cryptographic threats. We need new design strategies; we need to move towards cryptographic agility.
In this workshop we will start with post-quantum cryptography. Practical quantum technologies that would allow a large-scale quantum computer to be built have been actively emerging. According to some experts, it might take another 10-15 years to be able to build one. Quantum computers will open new capabilities for the world. However, in the hands of malicious adversaries, they could become a real threat. All of today’s standardized public-key cryptography could be efficiently broken by large-scale quantum computers. For a number of reasons, protection against this threat is required to be available now or in the near future. As known from practice, the transfer from one cryptographic suite to another is a hard practical problem for many companies. This is where agile cryptography comes into play and lets us make this transfer in the smoothest and most efficient way possible. We will describe the current development of quantum-resistant cryptography, briefly describe the main post-quantum areas and the transfer process, and provide deeper details about the elliptic curve isogeny-based scheme, which is currently the most plausible approach for an easier drop-in replacement.
In the second part of the workshop we will focus on cryptographic agility. We will describe the issue and present real-world examples emphasizing the need for agility. We will discuss the methodology of designing crypto-agile systems and show the requirements for the necessary crypto library. We will have a look at existing crypto libraries and the level of crypto agility they provide. We will show what needs to be changed and how the process of updating the cryptographic algorithms should be handled in a secure way.