Over the last 30 years, advancements in quantum computing have posed a challenge to the security of cryptography as we use it today. Both RSA and ECC will be broken, and symmetric key algorithms will be weakened because of this risk. As a result, governments across the world are investing billions of dollars to stay on top of these advancements. From a machine identity management perspective, the most important change is coming from the standardization of the quantum safe algorithms being carried out by NIST. This means we'll see a transition period as we work through the migration to new crypto, like we did for SHA-1, which took years to complete. But this time we have the ability to make the transition as efficient and seamless as possible.
The business impact of delaying quantum readiness will include vulnerability to breaches, reputation damage, and financial loss. And so, the question for us is what should we do about it now to minimize the potential impact? We want to be prepared. To do so, we need to take the following two steps. First, to avoid data compromise, we need to implement quantum safe crypto. Second, we want to be able to do it fast, so we need to modernize with speed and agility and be able to quickly respond and adapt to attacks while we're reducing the cost of remediation.
Are these quantum security measures achievable for machine identities? Well, we certainly need to move to quantum persistent crypto, but we also need to maintain sound machine identity management practices. And this includes visibility, automation, and policy enforcement. We need to protect all machine identities, and we need to make sure that the integrations are easy to do.
There's all of this work that we're beginning to think about around how we prepare machine identities for protection against the quantum threat. Let’s start by focusing on what this means from your organization's perspective and how this starts to impact your systems. We hear about quantum impacts everywhere—including in movies and TV shows. Quantum computers are often seen as these fantastical new machines that are being developed all around the world right now. Governments and industries, from the largest enterprises to the newest startups, are focusing on quantum computing. And that's mainly because they have this promise of building and solving problems that we can't solve today.
Quantum computers are very good at one specific math problem—and that math problem unfortunately underlies the cryptography that we use to protect the internet today. Shor's algorithm is used to solve this really cool math problem. Shor’s algorithm, running on a large-scale quantum computer, makes the encryption we rely on today for our internet communications and public key infrastructure—such as RSA and Elliptic Curve — obsolete. What? No security? Now this sounds like a doomsday type scenario. Don’t despair, it's not. This is a planning problem, and we need to start by clearly understanding how big this issue is and where it affects our systems.
Source: ISARA Corporation
If we look at this pyramid, we can see that the cryptography we rely on is everywhere within our organizations. For example, you have a certificate and you use it to access your systems, but it impacts platforms and the architecture of the computer systems that you use, the ability to authorize administrative commands, even how users interact with something like online shopping.
You know these are all super important, and as an organization you need to start thinking about how we prepare our systems to be ready. This may sound like too big of a problem to solve. But it's really not. Your success will be measured in terms of planning and preparation. So, let's look at some specific use cases to help focus your efforts
Future-proof your communications systems
If I'm in an organization today, and I'm thinking about preparing for the quantum threat, the first thing I'm going to do is focus on future-proofing communications. Quantum computers are expected about 10 years from now. If they can break commercial communications, then I need to ready my communications today so that they are protected 10 years from now. I should start looking at solutions now to prepare and protect my communications systems.
As you can see, if you have not started already, it’s time to get planning! At ISARA, we have been working to bring the tools and the knowledge needed to face new quantum risks. This summer, we announced a cryptographic management platform that reveals your blind spots and most importantly, equips you to take action. Additionally, we have collaborated with Venafi and Crypto4A through the Machine Identity Management Development Fund to build integrations with the Venafi Trust Protection Platform to enable a quantum-safe solution that you can start using today.
Learn more about our quantum-ready integrations on the Venafi Marketplace.
As Quantum computing evolves from the theoretical to the practical, data theft is expected to beRead More