In part 2 of this 3-part series, we look at new applications such as blockchain and IoT, as well as the impact of quantum technology.
In part 1 we looked at major cryptographic algorithms and the challenges posed by the increasing demand for encrypted communication and encrypted data.
Blockchain technology (also known as distributed ledger technology, or DLT) is emerging as a powerful new tool for a whole range of applications, from cryptocurrencies to digital identity and smart contracts. Whilst not introducing any new cryptographic fundamentals, it nonetheless raises the bar in terms of the assurance required of cryptographic implementation and key management, given the potential significance of the transactions involved.
Whilst some of the wild and varied promises of blockchain may not be fully realized, at least in the near term, it seems likely that the technology will eventually penetrate many aspects of the way organizations do business. This will create a need for highly-dependable cryptography and strong protection of private keys – both of which are dependent on hardware security modules (HSMs) today. Later in this article, we will look at the impact of cloud technology in this area.
By contrast, the Internet of Things (IoT) is very much here today, and growing explosively. From home and office devices to smart cars, smart cities and industrial control, IoT promises to build huge, distributed networks providing unparalleled access to real-time data and the ability to control the world around us. The IoT domain will also intersect significantly with two other rapidly-growing domains - Big Data and Artificial Intelligence.
The distributed nature of IoT necessitates secure communication with and between billions of devices. This relies on cryptography, whether for authenticating devices, protecting the confidentiality and integrity of communications or for distributing digitally-signed firmware updates. Many applications, such as smart cars and industrial control, require very high levels of security, as a successful cyber attack could endanger not only sensitive data but human life.
As with blockchain, this will drive the need for highly-dependable cryptography and strong protection of private keys; but in this case, at a very large scale. The assurance of code signing will also be critical to prevent attackers stealing signing credentials to upload malicious firmware. At the other end of the spectrum, ultra-small and cheap IoT devices, possibly powered by battery or solar cell, will drive a demand for new lightweight cryptographic technologies that require very little CPU power, memory or energy. This is a major area of research today and will result in new algorithms being developed.
Digital signatures are another area where we can expect to see significant growth over the coming decade. Whilst digital signature technology has been with us for a long time, the recent introduction of the eIDAS legislation in the European Union means that “Qualified Electronic Signatures” finally carry the same legal value as traditional “wet” signatures. This means that millions of transactions, contracts and other documents can now be signed and processed more quickly, more efficiently and with less friction than before, benefiting organizations, consumers and the environment alike.
To achieve the levels of assurance required, including non-repudiation, the eIDAS specifications require the use of HSM technology with a special eIDAS certification.
With certified solutions just starting to come to market, this is likely to be an explosive growth area within Europe over the next 5 years and, as vendors seek to capitalize on their investments, the technology could become a de-facto standard in other parts of the world over time.
Quantum technology promises to deliver many advances in the field of cryptography over the next 10 years. The first is quantum random number generation (QRNG). This is where quantum phenomena are used to create a noise source with a higher level of entropy (i.e. randomness) than is produced by other techniques. Randomness is a highly-valued commodity in cryptography – the slightest predictability can give an attacker the edge they need.
QRNG devices are available today, but still comparatively expensive, bulky and slow. However, the technology may find its way into high-end cryptographic solutions over the next 5-10 years and as the basis for “entropy as a service” (EaaS) solutions, supplying high-quality random numbers over the Internet for IoT and other applications.
But the type of quantum technology that threatens to have the greatest impact is quantum computing. A quantum computer of a sufficient size would be able to break many modern algorithms – in particular, it would render today’s asymmetric algorithms, such as RSA and ECDSA, completely useless, and would halve the effective key length of symmetric algorithms. The technology has already been proven at small scale, and now governments, academia and industry are all rushing to build larger computers. The technological barriers are enormous, and no-one can say when, or indeed if, they will be successful, but the general consensus is that it will most likely happen within the next 10 years.
There are a number of strategies available to mitigate this threat. Perhaps the most obvious is to develop new, quantum-safe algorithms (also known as quantum-proof, quantum-resistant or post-quantum algorithms). This is an activity that many people are already working on, and which NIST is helping to encourage and coordinate.
Some candidate algorithms exist today, based on new approaches such as lattice-based cryptography, multivariate cryptography, hash-based cryptography, code-based cryptography or supersingular elliptic curve isogeny cryptography. (These are too technical to describe here, but an overview can be found on Wikipedia.) However, the process of evaluating, comparing, standardizing and rolling out new algorithms, which must be at least as small and fast as today’s algorithms and resistant to attack by both classical and quantum methods, is something that is likely to take more than 10 years.
Given uncertainties around the timescales for the availability of affordable quantum computers and quantum-safe algorithms, all we can say for certain is that organizations should be prepared to make a rapid transition when the time comes. Also, bear in mind that an attacker could capture data from a TLS session today and, at some point in the future when they have a quantum computer, could decrypt that session.
Hence, if a piece of data still has some value 5 years later, then quantum-safe algorithms should be adopted to protect that data 5 years before quantum computers become available! This is of particular concern in the defense sector, where data concerning national security may have an intelligence life of 25 years or more, and the only short-term mitigation is to employ symmetric algorithms, which are considered to be quantum-safe when used with a 256-bit key, in the key establishment process.
The problem with using symmetric keys for this purpose is the reason why asymmetric algorithms were developed in the first place and have been so successful – namely the difficulty of securely sharing a secret symmetric key. This presents fewer problems for the military, who are accustomed to moving secret key material around under armed guard and storing it inside secure military bases. NIST is starting to provide guidance on the techniques and security considerations of using symmetric key cryptography for key establishment.
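An added example, not from the original article or from NIST's guidance: how two parties that already hold a pre-shared 256-bit key can establish fresh session keys using symmetric primitives only, with key confirmation in both directions. It assumes HKDF with HMAC-SHA-256 as the derivation function; the context label, key names and function names are made up for illustration.

```python
import hashlib
import hmac
import secrets

def hkdf(psk: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) with HMAC-SHA-256: extract, then expand."""
    prk = hmac.new(salt, psk, hashlib.sha256).digest()
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]

def derive_session_keys(psk: bytes, nonce_a: bytes, nonce_b: bytes) -> dict:
    """Fresh per-session keys from the long-term key and both nonces."""
    if len(psk) != 32:
        raise ValueError("pre-shared key must be 256 bits")
    if min(len(nonce_a), len(nonce_b)) < 16:
        raise ValueError("nonces must be at least 128 bits")
    # "example-psk-kex v1" is a made-up context label for this example.
    okm = hkdf(psk, nonce_a + nonce_b, b"example-psk-kex v1", 64)
    return {"enc": okm[:32], "confirm": okm[32:]}

def confirm_tag(keys: dict, role: bytes, nonce_a: bytes, nonce_b: bytes) -> bytes:
    """Key-confirmation MAC; the role byte stops a tag being reflected."""
    return hmac.new(keys["confirm"], role + nonce_a + nonce_b,
                    hashlib.sha256).digest()

def run_exchange(psk_a: bytes, psk_b: bytes) -> bool:
    """Simulate both parties; True only if each confirms the other's key."""
    nonce_a = secrets.token_bytes(32)              # message 1: A -> B
    nonce_b = secrets.token_bytes(32)              # message 2: B -> A
    keys_a = derive_session_keys(psk_a, nonce_a, nonce_b)
    keys_b = derive_session_keys(psk_b, nonce_a, nonce_b)
    tag_b = confirm_tag(keys_b, b"B", nonce_a, nonce_b)   # sent with message 2
    tag_a = confirm_tag(keys_a, b"A", nonce_a, nonce_b)   # message 3: A -> B
    a_accepts = hmac.compare_digest(
        tag_b, confirm_tag(keys_a, b"B", nonce_a, nonce_b))
    b_accepts = hmac.compare_digest(
        tag_a, confirm_tag(keys_b, b"A", nonce_a, nonce_b))
    return a_accepts and b_accepts

if __name__ == "__main__":
    shared = secrets.token_bytes(32)   # constructed; provisioned out of band
    print("same key:", run_exchange(shared, shared))
    print("mismatched key:", run_exchange(shared, secrets.token_bytes(32)))
```

The exchange protects session keys against a future quantum adversary only as long as the pre-shared key itself stays secret, which is the distribution problem the paragraph above describes.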
One potential way to solve the secret key distribution problem is to use another quantum technology, namely quantum key distribution (QKD). This utilizes the quantum behavior of single photons to enable sending a secret key over a fiber optic cable while reliably detecting whether an attacker has seen it. However, although such technology has been successfully demonstrated, it is expensive, has distance limitations, and is susceptible to vulnerabilities resulting from imperfect implementation.
Overall, quantum technology is an area of significant investment and rapid but unpredictable advances. The best advice is to monitor the state-of-the-art, take notice of the many initiatives being driven by NIST, and try to make your organization more crypto-agile so that it can adopt new algorithms and new technology quickly when the time comes.
In the next and final part of this series, we will look at how cloud computing will impact the use of cryptography and at the future of HSMs; and finally, we reflect on what you can do to be ready for the advances in cryptography that lie ahead.
References and further reading
- Cryptography – The Next 10 Years (Part 1) (2018), by Rob Stubbs
- Cryptography – The Next 10 Years (Part 2) (2018), by Rob Stubbs
- Cryptography – The Next 10 Years (Part 3) (2018), by Rob Stubbs
- Selected articles on Key Management (2012-today) by Ashiq JA, Dawn M. Turner, Guillaume Forget, James H. Reinholm, Martin Eriksen, Peter Landrock, Peter Smirnoff, Stefan Hansen and more
- Entropy as a Service (retrieved August 2018), by NIST
- Post Quantum Cryptography (retrieved August 2018), by NIST
- Key Establishment Using Symmetric Block Ciphers (July 2018), by NIST
- NIST SP800-130: A Framework for Designing Cryptographic Key Management Systems (2013), by Elaine Barker, Miles Smid, Dennis Branstad, and Santosh Chokhani
- NIST SP800-57 Part 1 Revision 4: A Recommendation for Key Management (2016), by Elaine Barker
- Selected articles on HSMs (2013-today), by Ashiq JA, Peter Landrock, Peter Smirnoff, Steve Marshall, Torben Pedersen and more