ATIS today announced publication of Implications of Entropy on Symmetric Key Encryption Resilience to Quantum, a new paper that examines the security implications of quantum computing and the potential impacts on communications services providers.
Quantum computing (QC) leverages the quantum properties of entanglement and superposition to deliver a huge leap forward in computation for problem solving. With quantum, certain computational problems can be solved within a short period of time that would ordinarily take a classical computer thousands of years to solve. However, this power can be used to break current cryptography, including that used in communications services providers’ security algorithms/configurations.
The current assumption for improving symmetric key cryptography resilience from a QC attack in the future is to simply increase the encryption key length to 256 bits from the minimum of 128 bits. The 128 bits is the security strength generally required by information security standards to date. ATIS, collaborating with academia and industry, undertook a study that found that simply increasing the key length alone is not sufficient. There needs to be assurance that the cryptographic secret key generation comes from a good source of entropy, i.e., the secret key is truly random across all 256 bits. If the key generation is of poor entropy, increasing the symmetric key length to 256 bits will have no greater defense from the power of a QC.
The paper covers the risk posed to devices, applications and services when planning transition strategies for the quantum era. Transition strategies involve assessing their ability to adapt to new cryptographic techniques and standards as they emerge. The goal for communications services providers is to take a long view and protect against potential vulnerabilities that QC capabilities may expose.
“Widespread application of quantum computing will not take place for up to 10 years in the future; however, the security implications will be far-reaching,” said ATIS President and CEO Susan Miller. “ATIS has offered insight into the threats that quantum computing introduces and builds a case for why now is the time to start preparing to make communications services systems quantum safe.”
Development of Implications of Entropy on Symmetric Key Encryption Resilience to Quantum took place in ATIS’ Quantum-Safe Communications and Information Initiative, which has been exploring this issue, including what other quantum technologies could be used to improve security in ways that could not be provided by enhancements to cryptography alone. This paper was a collaborative effort by Ian Deakin, ATIS Principal Technologist; Walter Krawec, Assistant Professor of Computer Science and Engineering at the University of Connecticut; and William Trost, Lead Member of Technical Staff, Quantum Computing Security Lead, Chief Security Officer, AT&T.
Access Implications of Entropy on Symmetric Key Encryption Resilience to Quantum.