Home » Interview PQC with Prof. Dr. Hänggi – Part 2
Interview PQC with Prof. Dr. Hänggi – Part 2
The second part of our interview with Professor Hänggi focuses on the technical challenges of post-quantum cryptography. In particular, it looks at the impact of post-quantum cryptography on certificate management solutions and how companies can prepare for its use today.
Read more about the work of the HSLU research group and essendi it AG in part 1 of the interview.
Over the next few years, post-quantum cryptography will gradually be used wherever currently public key cryptography is applied.
Various regulatory bodies are recommending - and will soon require - a switch to post-quantum cryptography.
Technical Challenges
What are the technical challenges of integrating post-quantum cryptography with existing certificate management solutions?
Due to the nature of post-quantum algorithms, some keys are longer or the creation and/or verification of signatures takes longer. This simply raises the question of whether these changes are compatible with a system. Is the “throughput” still high enough? Do small devices, e.g. embedded devices, still have enough resources to compute the new algorithms?
Then the big question is how to make the technical transition to the new algorithms. For example, there are proposals to extend certificate structures to support both conventional and post-quantum algorithms.
How do you think companies and organisations can prepare their certificate management infrastructures for post-quantum cryptography?
It would be important for organisations to understand where they are using certificates (or cryptography in general) and what the requirements are for different use cases. For example, in terms of security level, speed, hardware of devices running the algorithms, etc.
Recent developments
What current developments do you see in post-quantum cryptography and how might they affect certificate management?
Standardisation is certainly an important current development. In the near future, this will also lead to specifications being made by government bodies, for example, where post-quantum cryptography must be used.
Are there any known adaptations or solutions for certificate management in the context of post-quantum cryptography?
For example, there are concrete proposals on how certificates can be extended to support both “classical” and post-quantum algorithms at the same time. However, it is not yet entirely clear which form will prevail.
Applications and impact on industry
Where is post-quantum encryption being used today?
Post-quantum cryptography does not require any special hardware, so it is relatively easy to implement in many products and to run on end devices. From a technical point of view, it can be used today. The reason why many companies are still waiting to integrate post-quantum algorithms is that they are currently being standardised. So companies are waiting for the official specifications or the official standards. As many of these standards are being published, many new use cases are likely to be added in the near future. A number of products already use post-quantum cryptography today, usually in a “hybrid” form, i.e. together with “conventional” cryptography. These products include the Signal messaging app and Apple’s iMessage; openSSH; the Google Chrome and Mozilla Firefox browsers; and the Tuta email provider.
How can companies benefit from this research in general?
Specifically in the case of essendi xc, our research ensures that essendi it knows exactly how a transition to post-quantum algorithms can be made and in which use cases preparatory work may be necessary or need to be examined more closely. Measures will be identified to ensure a smooth transition, which may even be built into the product.
How might the impact of post-quantum cryptography on certificate management solutions affect specific industries or applications? And which industries in particular could benefit from this research?
Basically, post-quantum cryptography is an issue for all industries and applications and will be deployed everywhere in the next few years. Of course, there are use cases where a change in cryptography is particularly challenging. For example, in industries where equipment has a very long life and is difficult to update. Then the properties of post-quantum algorithms can cause difficulties for ‘small’ devices with little memory or computing power.
Recommendations for implementation
What recommendations would you give to companies or organisations to prepare for the era of post-quantum cryptography, especially in the area of certificate management?
First of all, the company or organisation should know what cryptographic algorithms are being used and where. It should therefore have a kind of “inventory”. It should also know what the purpose of the cryptography is. This can then be used to decide where a change is urgent and where it may be possible to wait longer. You can then decide how to proceed. Both technically and strategically: Can the changeover be done “softly” or is it advisable to shut down certain systems?
Are there any best practices or strategies you would recommend to companies?
Virtually all organisations recommend not simply switching to “post-quantum algorithms”, but rather “hybrid” strategies. In other words, procedures that use “classical” algorithms together with post-quantum algorithms. The two “types” of algorithms can be combined in a clever way so that the resulting algorithm remains secure even if one of the two types is broken.
The reason for this recommendation is that it cannot be ruled out that vulnerabilities will be found in cryptographic algorithms in the future. This has always been the case (e.g. the MD5 hash function is now considered completely broken, but this vulnerability was not known about thirty years ago). The algorithm can then no longer be used. Of course, this can also happen with post-quantum algorithms.
In general, therefore, companies should think “crypto-agile”, i.e. they should consider the possibility of an algorithm change when designing systems and build them in such a way that this is not a problem. This applies not only to the software code, but also to how the change can be implemented in the process.
Staying with the certificate management example, the following questions should be asked
– Do all certificates need to be reissued all of a sudden?
– Will the systems still work after the change?
– Can the change take place gradually?
If the systems are not designed correctly, this can have a major impact on the running systems and therefore the business.
Future of post-quantum cryptography
Where do you see a particular need for post-quantum cryptography in the future?
Over the next few years, post-quantum cryptography will gradually be used wherever currently public key cryptography is applied. In other words, wherever electronic signatures are used (this is not only the case for electronic signatures, but also for authentication on the Internet or with smart cards), or wherever keys are exchanged with parties with whom I do not yet share a secret (e.g. when encrypting an Internet connection between a browser and a server, or between two servers).
I’m saying this not because I personally think it’s good or cool, but because various regulatory bodies are recommending – and will soon require – a switch to post-quantum cryptography. So there will be no other choice.
Thank you for your insights into post-quantum cryptography. Your research provides valuable guidance at a time when the security of digital systems is an ever-increasing challenge. We are grateful for the opportunity to benefit from your expertise and look forward to further exciting developments in this area.
Prof Esther Hänggi
Our guest author, Prof Esther Hänggi, teaches Information Security Fundamentals and Quantum Computing at the Lucerne University of Applied Sciences and Arts and conducts research in these areas together with industry partners.
