What Is Post-Quantum Cryptography?

Importance of Post-Quantum Cryptography in Data Security

Quantum computers leverage quantum physics to solve complex calculations at unprecedented speed. Unlike classical computers, which use binary “bits” that can either be 1 or 0, quantum computers use quantum bits (qubits). Qubits can have the value of 0, 1, or a quantum superposition of 0 and 1. A quantum superposition of 0 and 1 means the qubit can hold the value of both 0 and 1, and all the positions in between, at the same time. This allows quantum computers to process large amounts of information in parallel.

Quantum computers are extremely fast at prime factorization, which RSA (Rivest-Shamir-Adleman) encryption relies on for security. They are also able to quickly solve discrete logarithm problems, which are the basis for the security of ECC (Elliptic Curve Cryptography). According to the Global Risk Institute’s Quantum Threat Timeline Report, published January 2024, “there is no known fundamental barrier to realizing large-scale quantum computing.” Most experts agree that a quantum computer capable of breaking RSA and ECC encryption in seconds could be developed as soon as 2030. In comparison, with current technology, cracking the latest RSA standard could take a billion years or more.

Quantum computers also reduce the work required to break symmetric encryption algorithms such as AES, ARIA, etc.: Grover’s algorithm effectively halves the key length in security terms. As a result, symmetric encryption algorithms are considered “quantum safe,” provided 256-bit keys (AES-256) are used.
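The two effects described above, Shor’s algorithm breaking factoring- and discrete-log-based public-key schemes and Grover’s algorithm halving symmetric security, are what a cryptographic inventory review has to apply to every algorithm in use. The following is an added example (not Lattice’s code) of such a triage: it tags RSA/ECC-style primitives as quantum-vulnerable, computes the post-Grover security level of symmetric ciphers from their key length, and recognizes the NIST PQC names mentioned in this article. The regular expressions, the verdict names, and the sample inventory are assumptions constructed for illustration; real inventories need broader name coverage (for instance, TLS 1.3 suite names omit the key exchange entirely).

```python
import re
from dataclasses import dataclass, field

# NIST-standardized PQC names (as listed in the article). Matched first so that
# "ML-DSA" or "SLH-DSA" is not mistaken for classical DSA below.
PQC = re.compile(r"\b(ML-KEM|ML-DSA|SLH-DSA|FN-DSA|LMS|XMSS|KYBER|DILITHIUM|SPHINCS\+|FALCON)")
# Public-key schemes whose security rests on factoring or discrete logarithms,
# the two problems Shor's algorithm solves efficiently.
SHOR_VULNERABLE = re.compile(r"\b(RSA|ECDSA|ECDHE?|ECC|DSA|DH|X25519|X448|ED25519|ED448)\b")
# Symmetric ciphers with an explicit key length, e.g. AES-128, AES256, ARIA-256.
SYMMETRIC = re.compile(r"\b(AES|ARIA|CAMELLIA)-?(\d{3})\b")


def grover_security_bits(key_bits: int) -> int:
    """Grover search finds a k-bit key in about 2^(k/2) steps, halving the security level."""
    return key_bits // 2


@dataclass
class Assessment:
    item: str
    verdict: str                      # quantum-safe | weakened | quantum-vulnerable | hybrid
    findings: list = field(default_factory=list)


def assess(item: str) -> Assessment:
    """Classify one inventory entry (heuristic name matching, an assumption of this example)."""
    norm = item.upper().replace("_", "-")
    pqc = PQC.findall(norm)
    classical = SHOR_VULNERABLE.findall(PQC.sub(" ", norm))   # search with PQC names removed
    findings = [f"{name}: NIST PQC standard" for name in pqc]
    findings += [f"{name}: factoring/discrete-log based, broken by Shor's algorithm"
                 for name in classical]
    weakest = None
    for cipher, bits in SYMMETRIC.findall(norm):
        q = grover_security_bits(int(bits))
        weakest = q if weakest is None else min(weakest, q)
        findings.append(f"{cipher}-{bits}: about {q}-bit security against Grover search")
    if classical and pqc:
        verdict = "hybrid"            # classical + PQC combined: holds if either component holds
    elif classical:
        verdict = "quantum-vulnerable"
    elif weakest is not None and weakest < 128:
        verdict = "weakened"          # e.g. AES-128 drops to ~64-bit quantum security
    else:
        verdict = "quantum-safe"
    return Assessment(item, verdict, findings)


def summarize(inventory) -> dict:
    """Count verdicts across an inventory; the numbers a migration plan starts from."""
    counts = {}
    for item in inventory:
        verdict = assess(item).verdict
        counts[verdict] = counts.get(verdict, 0) + 1
    return counts


# Constructed sample inventory, in the form a migration team might collect it.
SAMPLE_INVENTORY = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
    "IKEv2 ECDH-P256 + AES-256-GCM",
    "AES-128-CBC (backup archive)",
    "RSA-3072 (code signing)",
    "X25519 + ML-KEM-768 hybrid",
    "ML-DSA-65 (firmware signing)",
]

if __name__ == "__main__":
    for entry in SAMPLE_INVENTORY:
        result = assess(entry)
        print(f"{result.verdict:18} {entry}")
        for finding in result.findings:
            print(f"    - {finding}")
    print(summarize(SAMPLE_INVENTORY))
```

The ordering of the checks is the point worth keeping: a single Shor-vulnerable component makes the whole entry vulnerable regardless of how strong the symmetric cipher is, while a symmetric-only entry is judged by its post-Grover security level, which is why AES-256 passes and AES-128 is flagged.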

The continuous advancement of quantum computing poses a significant risk to our current cryptography, which supports digital security, leading to a critical area of research: Post-Quantum Cryptography (PQC).

Understanding Post-Quantum Cryptography

Cryptography prevents unauthorized access to information as it travels or is stored online, such as uploading data, making an online purchase, or accessing work accounts. The technique is to convert plain text into ciphertext using encryption algorithms to make it infeasible to decode without the encryption keys.

PQC is a family of cryptographic algorithms designed to resist attacks by quantum computers. PQC is based on new algorithms that can be implemented on current computer systems, while remaining secure even in a world where large-scale quantum computers are available.

Post-Quantum Cryptography utilizes new mathematical techniques to enable the formation of a public-key encryption system that is safe from threats from quantum computers. Several approaches that are considered quantum-proof are:

  • Lattice-based Cryptography - relies on hard computational problems over lattices in n-dimensional spaces. It is believed to be secure against quantum attacks because these lattice problems remain hard to solve even for quantum computers.
  • Code-based Cryptography - based on decoding random linear codes. One notable example is McEliece’s encryption scheme.
  • Hash-based signature scheme - relies only on the security of hash functions. Stateful hash-based signature schemes are built from one-time key pairs, each of which must be used to sign only a single message, so the signer has to track which keys have already been used. Leighton-Micali Hash-Based Signatures (LMS) and the eXtended Merkle Signature Scheme (XMSS) are good examples of this approach.
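To make the “stateful” part of hash-based signatures concrete, here is an added toy implementation (not Lattice’s code and not a conformant LMS or XMSS implementation, which use WOTS+ one-time signatures and additional hashing): Lamport one-time key pairs sit under a Merkle tree, the tree root is the long-term public key, and the signer keeps a counter of the next unused leaf. The height, the SHA-256 choice, and the class and function names are assumptions of this example.

```python
import hashlib
import os

DIGEST_BITS = 256   # we sign the SHA-256 digest of the message, one OTS secret per bit


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def message_bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(DIGEST_BITS)]


def lamport_keygen():
    # 256 pairs of random secrets; the public key is the pairwise hashes.
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(DIGEST_BITS)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def lamport_pk_hash(pk) -> bytes:
    return H(b"".join(a + b for a, b in pk))


def lamport_sign(sk, msg: bytes):
    # Reveal one secret of each pair, chosen by the message-digest bit. Signing a
    # second message would reveal more secrets, which is why a key is one-time.
    return [sk[i][bit] for i, bit in enumerate(message_bits(msg))]


def lamport_verify(pk, msg: bytes, sig) -> bool:
    return all(H(sig[i]) == pk[i][bit] for i, bit in enumerate(message_bits(msg)))


def build_tree(leaves):
    # tree[0] = leaves, tree[-1] = [root]; each level hashes adjacent pairs.
    tree = [leaves]
    while len(tree[-1]) > 1:
        lvl = tree[-1]
        tree.append([H(lvl[i] + lvl[i + 1]) for i in range(0, len(lvl), 2)])
    return tree


def auth_path(tree, index):
    # Sibling hashes from leaf to root, enough for a verifier to recompute the root.
    path = []
    for lvl in tree[:-1]:
        path.append(lvl[index ^ 1])
        index >>= 1
    return path


def root_from_path(leaf, index, path):
    node = leaf
    for sibling in path:
        node = H(node + sibling) if index & 1 == 0 else H(sibling + node)
        index >>= 1
    return node


class StatefulSigner:
    def __init__(self, height: int = 2):
        self.capacity = 1 << height
        self.ots = [lamport_keygen() for _ in range(self.capacity)]
        self.tree = build_tree([lamport_pk_hash(pk) for _, pk in self.ots])
        self.next_index = 0   # the state: must be persisted and never rolled back

    @property
    def public_key(self) -> bytes:
        return self.tree[-1][0]

    def sign(self, msg: bytes):
        if self.next_index >= self.capacity:
            raise RuntimeError("key exhausted: every one-time key has been used")
        idx = self.next_index
        self.next_index += 1                 # advance state before the signature leaves
        sk, pk = self.ots[idx]
        return (idx, lamport_sign(sk, msg), pk, auth_path(self.tree, idx))


def verify(root: bytes, msg: bytes, signature) -> bool:
    idx, sig, pk, path = signature
    if len(sig) != DIGEST_BITS or len(pk) != DIGEST_BITS or idx >> len(path):
        return False
    if not lamport_verify(pk, msg, sig):
        return False
    # The OTS public key must hash to the leaf at position idx under the root.
    return root_from_path(lamport_pk_hash(pk), idx, path) == root
```

Two properties of the scheme show up directly in the code: `verify` needs nothing but hash functions, which is where the quantum resistance comes from, and `sign` refuses to proceed once `next_index` reaches the capacity, so the persistent counter is as security-critical as the secret keys themselves. Restoring a signer from an old backup would reset that counter and reuse a one-time key, which is the operational hazard that motivated the stateless SLH-DSA (SPHINCS+) design mentioned in this article.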

The National Institute of Standards and Technology (NIST) stands at the forefront of the PQC movement and has run a public competition, starting in 2016, to standardize PQC algorithms. The process involves meticulous testing of security, performance, and practicality across multiple platforms. Currently, four standards have been chosen: ML-KEM (Kyber), ML-DSA (Dilithium), SLH-DSA (SPHINCS+), and FN-DSA (FALCON). NIST has also standardized two stateful hash-based signature schemes: LMS and XMSS. These six algorithms will become the foundation organizations can adopt to secure data against quantum threats.

How Post-Quantum Cryptography Affects Data Security

Once quantum computers become available to adversaries, internet banking, virtual private networks, and critical infrastructures will be in jeopardy. Massive data breaches are likely to occur if systems are not upgraded to utilize PQC algorithms. RSA and ECC algorithms are vulnerable to attacks that allow adversaries to decrypt data and forge signatures, leading to data tampering, identity theft, and more.

PQC algorithms, such as the lattice-based cryptography algorithms standardized by NIST, safeguard the long-term security of sensitive data. Hash-based signature schemes also allow for quantum-safe digital signatures. These algorithms enable protocols and systems to resist quantum attacks, helping communication channels remain secure.

The era of quantum technology is rapidly evolving and the importance of PQC cannot be overstated. The development and adoption of robust, quantum-resistant algorithms is fundamental to protecting sensitive information in the future.

The transition to post-quantum cryptographic algorithms can be complex as it involves developing secure algorithms, while ensuring efficiency in implementation on existing systems. Businesses and the public need to expand their knowledge and understanding of PQC to ensure timely adoption.

FPGAs and Post-Quantum Cryptography

FPGAs offer low power consumption, speed, flexibility, and high performance, making them ideal for accelerating PQC algorithms. FPGAs can be customized based on specific schemes, leveraging unique features such as reconfigurability and parallelism.

For applications such as network security, hardware security modules, and secure communication, FPGA-based implementations of cryptographic primitives provide low latency and high throughput.

Since FPGAs can be reconfigured to implement various PQC algorithms, organizations can future-proof their hardware against potential threats from quantum computing.

Lattice provides organizations with secure FPGA platforms and products, including the Lattice Sentry™ Solution Stack, the Lattice Avant™ Mid-range FPGA platform, and the Lattice Nexus™ Small FPGA Platform, which meet advancing security standards and enable prompt adoption of PQC.

To learn more about how Lattice can help you implement PQC and future-proof your systems, reach out to our team today.