Skip to main content
banner image
venafi logo

How Long Can We Trust the Green Padlock?

How Long Can We Trust the Green Padlock?

 Green Padlock
August 2, 2018 | Gorav Arora, director, CTO office at Gemalto

The green padlock has become synonymous with safety and security. As we surf the internet, we breathe a sigh of relief anytime we see it when entering our credentials, credit cards, and other personal information. We have been trained to do so by experts and browser companies alike.

The adoption of secure networks continues to rise in businesses as they deploy more VPNs, network encryption between sites, etc. It is also becoming standard practice for businesses to configure their in-house applications/microservices to use mutual authentication when communicating.

So, what happens if one day the green padlock becomes meaningless?

Most forms of encrypted traffic have one thing in common -- the mechanism of establishing the identity of the machines involved in the communication. Certificates/symmetric keys form the foundation, which are generated based on recommended algorithms and key lengths to ensure a hacker cannot practically reverse them with suitable time and computing resources.

However, all of these assumptions about the impracticality of brute-forcing or reverse engineering the keys are turned on their head with the near inevitability of Quantum Computing. “For public key cryptography, the damage from quantum computer will be catastrophic,” Lily Chen, mathematician, and leader of the National Institute of Standards and Technology’s Cryptographic Technology Group, said in a session at the American Association for the Advancement of Science’s 2018 annual meeting in Austin, Texas, according to Gizmodo.

It should be noted that this threat is not isolated to future data when Quantum Computing becomes a reality. Today's encrypted communications and data remains potentially vulnerable to hackers of the future through a scheme called harvest and decrypt. In this long-game attack, hackers scrape the encrypted data and hold it until quantum computers are more accessible to crack the encryption and decrypt. Clearly, not all data would be valuable in the future, but nation secrets, personal health records, company IP (e.g. Coke secret recipe) are all examples of data that can be potential targets. NSA itself uses this technique, as revealed through the leaks from Edward Snowden.

It would thus be prudent for businesses to prepare for the threat of Quantum Computing on their data, including machine identities. NIST (National Institute of Standards & Technology) provides a simple strategic framework to help assess the threat.

Businesses can prepare by asking themselves the 3 questions and determine if they are at risk. They could begin to mitigate the risk today by increasing key length, using double encryption and improving their "crypto-agility". Investing in the tools and processes that provide control and automation of the machine identity lifecycle, could be crucial for their survival in the era of Quantum Computing, and maintaining the relevance of the green padlock.

To learn more visit Gemalto Booth 858 and Venafi Booth 144 at Black Hat USA 2018 in Las Vegas.

Related posts

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

About the author

Gorav Arora, director, CTO office at Gemalto
Gorav Arora, director, CTO office at Gemalto

Gorav Arora is CTO at SafeNet, a Gemalto Company. His experience is in taking products from early conceptual product ideas to full-fledged shipping versions, with an extensive software and hardware development background.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat