Analysis of Information Security Threats for Quantum Computing and Countermeasures

※ Research on Information Society Policy Thought Bank ※※ Barometer of Information and Communication Technology Frontiers ※

Author Introduction

LAI Junsen

Chief Engineer of the Optical Network Technology and Application Research Department at the Technology and Standards Research Institute of the China Academy of Information and Communications Technology, Senior Engineer, with main research directions in quantum information, quantum communication, and quantum computing.

ZHAO Wenyu

Deputy Director of the Technology and Standards Research Institute of the China Academy of Information and Communications Technology, Senior Engineer, with main research directions in high-speed optical communication, optical module devices, and quantum information.

ZHANG Haiyi

Director of the Technology and Standards Research Institute of the China Academy of Information and Communications Technology, Senior Engineer, with main research directions in high-speed optical communication, quantum information, and network artificial intelligence.

Citation format:

LAI Junsen, ZHAO Wenyu, ZHANG Haiyi. Analysis of Information Security Threats for Quantum Computing and Countermeasures[J]. Information Communication Technology and Policy, 2024, 50(7): 24-29.

Analysis of Information Security Threats for Quantum Computing and Countermeasures

LAI Junsen ZHAO Wenyu ZHANG Haiyi

Technology and Standards Research Institute, China Academy of Information and Communications Technology, Beijing 100191

Abstract:Quantum computing has been theoretically proven to have a public key cryptography cracking capability that far exceeds that of classical computing. In recent years, the rapid development of quantum computing has triggered the information security threat of public key cryptography, which has become a raising concern for the global information security authorities and the Information and Communications Technology (ICT) industries. This paper first analyzes the information security threats and impacts of quantum computing. Then, it discusses the technical characteristics and application trends of the two main countermeasures, namely, post quantum cryptography (PQC) and quantum key distribution (QKD). Finally, it puts forward the development suggestions for dealing with the information security threats of quantum computing.

Keywords:quantum computing; information security; PQC; QKD

0 Introduction

Quantum computing is expected to bring a paradigm shift in computing and a leap in computational power, becoming an important driving force for empowering the digital economy and accelerating the development of the information industry. However, it may also trigger information security threats that rapidly compute and crack the underlying mathematical problems of cryptography. Currently, rapid progress in technology and engineering research and development in the field of quantum computing has raised the global information security industry’s awareness of the risks of cryptography cracking. Post-Quantum Cryptography (PQC) provides new public key cryptographic algorithms by upgrading the underlying mathematical problems, while Quantum Key Distribution (QKD) offers symmetric key sharing based on the principles of quantum physics. Both are the main solutions to address the information security threats posed by quantum computing.

1 Information Security Threats and Impacts of Quantum Computing

1.1 Quantum Computing Cracking Cryptography “Affects All”

Cryptography is a fundamental cornerstone for ensuring information security in cyberspace and maintaining the integrity of the digital trust system, playing an irreplaceable role in ensuring the “authenticity” of physical identities, the “confidentiality” and “integrity” of data transmission, and the “non-repudiation” of key actions. For symmetric encryption algorithms, such as the Advanced Encryption Standard (AES) and SM4.0 block cipher standard, quantum computers capable of effectively running Grover’s algorithm can enhance the efficiency of ciphertext cracking to some extent. However, the industry believes that increasing the symmetric key length can effectively counter this security threat[1]. For asymmetric encryption algorithms, such as RSA and Elliptic Curve Cryptography (ECC), quantum computers capable of effectively running Shor’s algorithm can quickly solve the underlying mathematical problems of prime factorization and discrete logarithm, thereby cracking public key cryptography and severely affecting many cryptographic applications based on public key cryptography, including key exchange, digital signatures, and identity authentication[2].

The cracking of public key cryptography by quantum computing triggers a network information security risk that “affects all”, not only causing destructive threats to the digital trust system in cyberspace but also disrupting the normal operating order of politics, economy, and society. It also poses a retrospective threat of “interception first, then cracking” to sensitive information that requires long-term confidentiality[3]. For example, if digital certificates of platforms such as Internet service providers and government information websites are cracked, it could lead to large-scale user information leakage, website hijacking, and the dissemination of harmful information, resulting in political and social risks. If the measurement and control information of critical infrastructure such as energy, electricity, and transportation is tampered with, it could lead to significant safety incidents such as facility paralysis, destruction, and loss of personnel and property. If electronic certification systems in fields like finance and healthcare are cracked, it could result in forged contracts, policies, electronic medical records, and other risks that threaten financial order and economic operations.

1.2 Rapid Development of Quantum Computing, Increasing Security Threats

The RAND Corporation in the United States predicted that quantum computers capable of cracking passwords will appear around 2033[4]. Current quantum computing prototypes still have a significant gap in key performance indicators such as qubit scale, coherence time, logical gate fidelity, preparation measurement accuracy, and quantum volume before they can effectively run Shor’s algorithm and crack public key cryptography. However, it is important to note that on one hand, major countries and technology giants around the world are maintaining high-intensity research and development investments in the field of quantum computing, with continuous breakthroughs in technological challenges and engineering research and development. The qubit scale of superconducting, trapped ions, neutral atoms, and other technical routes is rapidly increasing, and quantum error correction experimental research has continuously made breakthrough progress, indicating an accelerating trend in quantum computing development[5]. On the other hand, research on quantum computing cracking algorithms is also deepening. In September 2023, Oded Regev from New York University proposed an optimization scheme for Shor’s algorithm, improving the efficiency of prime factorization calculations and reducing the hardware resource requirements for logical qubits, marking the most significant improvement since the introduction of Shor’s algorithm[6]. In October 2023, Seyoon Ragavan and Vinod Vaikuntanathan from MIT optimized the Regev algorithm, maintaining the number of operations while further reducing the resource requirements for logical qubits, greatly enhancing the feasibility of quantum prime factorization algorithms. Overall, the rapid improvement in the hardware capabilities of quantum computing prototypes, combined with the continuous optimization of the efficiency and feasibility of cracking algorithms, may lead to the information security threat of quantum computing cracking public key cryptography arriving sooner.

2 Progress in PQC Research and Application

2.1 Europe and America have a deep accumulation in PQC research for nearly thirty years

Since the emergence of Shor’s algorithm in 1994, the theoretical feasibility of quantum computing cracking public key cryptography has prompted a rapid response from the cryptography community in Europe and America, which has begun to study countermeasures. In 1996, the concept of PQC and lattice encryption algorithms were proposed, and a large amount of foundational theory, algorithm design, and cryptanalysis research has been conducted in the following two decades[2]. PQC upgrades the underlying mathematical problems to design new encryption algorithms that can resist known quantum computing cracking capabilities, taking advantage of the computational parallelism brought by quantum state superposition and entanglement. The underlying mathematical problems of typical PQC algorithms, such as lattice encryption and hash signatures, have been theoretically verified to have security against quantum computing attacks. In the past decade, the rapid development of quantum computing has made the real threat of cracking public key cryptography more urgent, prompting Europe and America to accelerate the advancement of PQC. The National Institute of Standards and Technology (NIST) in the United States, as the organization that establishes existing public key cryptography standards, has placed high importance on the security threats posed by quantum computing. Since 2006, it has organized international seminars, established research project teams, and collaborated with the global cryptography community to promote PQC research. The European Telecommunications Standards Institute has published more than ten research, assessment, and guidance reports in the field of anti-quantum cryptography, organizing technical tests and demonstration applications[8]. Canada has built a testing platform for anti-quantum cryptography to conduct integrated testing of various algorithms and protocols. After more than twenty years of research and verification, PQC algorithms and technologies represented by lattice encryption and hash signatures have initially matured and have practical capabilities. In contrast, China’s research on PQC algorithms, security assessments, and standards development started relatively late, with a weaker technological research foundation.

2.2 NIST leads the establishment of PQC standards, achieving initial results

NIST officially launched the global solicitation and evaluation of PQC algorithms in December 2016, which took 7 years and went through three phases: algorithm solicitation, evaluation, and standard preparation. In August 2023, NIST selected the Kyber, Dilithium, Sphincs+, and Falcon algorithms from 82 candidate algorithms submitted by 25 countries as the first batch of PQC algorithm standard schemes for next-generation public key encryption and digital signatures. The draft standards for the Kyber, Sphincs+, and Dilithium algorithms were published in 2023[9], while the draft standard for the Falcon algorithm is expected to be released in 2024. Among the first four PQC algorithm standard options, the industry has a high recognition of the Kyber and Dilithium algorithms based on lattice encryption due to their leading encryption security, key size, and operation speed, making them the preferred choice for most encryption application scenarios. The Falcon algorithm, also based on lattice encryption, can be used for digital signatures, offering smaller signature sizes and better overall performance, but its implementation complexity is higher, making it mainly suitable for encryption scenarios with abundant hardware resources. In order not to rely solely on the security of lattice encryption algorithms, NIST also selected a hash-based Sphincs+ digital signature algorithm, but its signature size is large and operation speed is slow, making it expected to be a supplementary option for digital signature applications. Additionally, NIST continues to organize a new round of solicitations for PQC digital signature algorithms, and may select other PQC algorithm schemes for standardization in the future.

2.3 The United States is accelerating the promotion of PQC migration and application

With the initial establishment of PQC algorithm standards, the United States has begun to accelerate PQC migration, and technology giants are also taking the lead in launching PQC encryption application products and services. The U.S. government has issued multiple executive orders and bills to establish the important position of PQC migration, forming a “combination punch” to promote the implementation of migration in terms of clarifying strategic goals, providing financial support, and formulating implementation plans. In May 2022, President Biden signed a national security memorandum requiring all U.S. departments to complete the migration to anti-quantum cryptography by 2035. In December 2022, the U.S. Quantum Computing Cybersecurity Prevention Act officially took effect, aimed at promoting the migration of government information systems to PQC. In August 2023, the National Security Agency (NSA) and NIST jointly released the “Quantum Preparedness: Transitioning to Post-Quantum Cryptography” document, providing overall guidance for the industry to carry out PQC migration work. In September 2023, the U.S. National Cybersecurity Center launched the “Post-Quantum Cryptography Migration Project”, clarifying the migration workflow and recommending 28 PQC technology product and service providers, including IBM, Amazon, and Cisco. Supported by the U.S. government, technology giants like Google and Apple have begun to launch anti-quantum cryptography products and applications. In August 2023, Google announced that the Chrome browser would begin supporting PQC encryption services to protect secure communication between clients and servers. In February 2024, Apple plans to upgrade the security of the iMessage communication platform using PQC technology based on lattice encryption. In March 2024, Advanced Micro Devices (AMD) launched an FPGA SoC product, “Spartan UltraScale+”, supporting PQC algorithms. In the initial phase of PQC upgrade migration and application, encryption application suppliers generally adopt a hybrid encryption mode of using both traditional public key encryption algorithms and PQC algorithms, gradually transitioning to a mode that solely uses PQC algorithms in the future.

3 Development Prospects of PQC Applications

3.1 Security of PQC Algorithms and Applications Needs Further Verification

Although PQC research has continued for nearly thirty years and has recently achieved initial progress in algorithm evaluation and standardization, there are still concerns in the industry about whether existing PQC algorithms can fully withstand quantum computing attacks due to insufficient research on quantum computing hardware and cracking algorithms. NIST has selected multiple algorithm schemes in the PQC algorithm standardization process, continuously conducting solicitations and evaluations, considering both the flexibility applicable to different application scenarios and the security consideration of “not putting all eggs in one basket”. The assessment and verification of the security of PQC algorithms will be a continuous task throughout the lifecycle of PQC migration and application. In 2024, Chen Yilai[11] proposed a quantum algorithm to crack lattice encryption. Bambury and Nguyen[12] proposed quantum-inspired algorithms that could weaken the complexity of the N-truncated polynomial ring structure in lattice encryption. Although the effectiveness of these attack algorithms still needs in-depth evaluation and verification by the cryptography community, the challenges to the security of PQC algorithms have also attracted high attention from the industry.

3.2 International Standards for PQC Algorithms Will Continue to Be Researched

The International Organization for Standardization/International Electrotechnical Commission Joint Technical Committee 1 (ISO/IEC JTC1) Information Security Working Group (SC27) released the PQC research report SD8 in May 2020, summarizing various PQC algorithm schemes[13]. Currently, the main international standards for PQC being developed by ISO/IEC JTC1 include two projects: one proposed by Germany in April 2022, which plans to adopt Frodo, Classic McEliece, Kyber, and other PQC algorithms to supplement the existing international standard for public key encryption ISO/IEC 18033-2:2006/WD Amd 2, currently in the working draft stage; and the other proposed by Japan in October 2023, which adopts encryption algorithms based on NTRU lattices, currently in the pre-research project stage. Among them, the Frodo algorithm employs unstructured lattice encryption, which is more reliable in terms of security, but has poorer public/private key sizes and computational performance, making it suitable for high-security scenarios that require long-term confidentiality. The Classic McEliece algorithm constructs key encapsulation based on error-correcting code schemes, which has certain advantages in security, but the public key is large, and key generation is slow, which may be advantageous in application scenarios that do not require frequent transmission of public keys. It is noteworthy that the PQC algorithms promoted by countries like Germany, the Netherlands, and Japan, such as Frodo, Classic McEliece, and NTRU, although they did not make it to the NIST PQC algorithm standards due to their poorer performance and complex implementation, are still actively promoted by various countries to become international standards for the sake of maintaining the independence of PQC technologies and application security.

3.3 PQC Upgrade Migration is a Long-term Systematic Project

To transition PQC technology from algorithm standards to product applications, extensive product-level and system-level research and development, testing, validation, and updates are necessary to clarify key, ciphertext, and signature parameter settings, as well as requirements for computation processing and fault handling, completing the adaptation and upgrading with the target system architecture and environment. Conducting PQC upgrade migration is a complex system engineering task that can be roughly divided into three main stages: migration demand analysis, upgrade scheme formulation, and demonstration application promotion. First, the analysis of PQC migration demand includes clarifying the PQC upgrade needs and migration checklist in aspects such as information system standards, software and hardware modules, key management software, and code, analyzing technical requirements such as algorithm performance, bandwidth, and storage based on the demand checklist, and researching algorithm replacement and compensation schemes. Second, the formulation of PQC migration plans requires analyzing the security lifecycle and migration priorities of different information systems based on the demand checklist, while also establishing specific migration implementation plans for different systems, setting up demonstration application projects, and providing technical product support and migration guidance for information system users. Finally, based on the effectiveness and issues of PQC upgrade migration in key industry sectors, gradually promote the migration of information security systems in other relevant industry sectors, completing the overall upgrade of PQC across industries.

4 Analysis of QKD Technology Advantages and Disadvantages

4.1 QKD Can Enhance the Security of Symmetric Encryption

QKD enables secure key sharing with theoretical security proof between sending and receiving parties through the preparation, transmission, and measurement of quantum states of single photons or optical field regular components, combined with classical communication and identity authentication-assisted protocol post-processing. The QKD keys combined with symmetric encryption algorithms such as AES and SM4 can achieve information encryption transmission, also known as quantum secure communication. The main advantages of quantum secure communication are: on one hand, the symmetric keys generated by QKD are guaranteed by physical principles, and the key distribution process is not subject to the threat of quantum computing cracking; on the other hand, using QKD keys can enhance the session key update rate in symmetric encryption algorithms. By increasing the session key length and enhancing the key update rate in symmetric encryption algorithms, the overall security of ciphertext in quantum secure communication systems can be strengthened against quantum computing attacks. In dedicated network scenarios with metropolitan point-to-point optical fiber dedicated lines, QKD can be used to generate symmetric keys, authenticate identities based on pre-shared keys, and simultaneously generate ciphertext using a bit-by-bit encryption method with a one-time key, providing a higher level of security for quantum encryption applications.

4.2 QKD Technology Applications Still Face Problems and Challenges

The practicalization and engineering level of QKD technology need to be improved, and the real security of systems and networks still needs verification, requiring further exploration for effective integration with Information and Communications Technology (ICT) systems and networks. First, key performance indicators such as the key generation rate and single-span optical fiber transmission distance of commercial QKD systems still have significant room for improvement, and new protocol QKD systems based on measurement-device-independent and dual optical fields are still in the research and experimental exploration stage, far from practical application. The technical scheme of QKD systems based on extremely weak light signal transmission for key generation and security assurance poses fundamental challenges to improving system engineering levels and the robustness and reliability of deployment and operation. Second, the actual performance of QKD system components does not fully match the assumptions in theoretical protocol security proofs, necessitating research on attack defense and relevant evaluation verification for the real security of QKD systems. Due to the immaturity of quantum relay technology, large-scale QKD networking over long distances requires “trusted relay” nodes for key storage and forwarding, which weakens the security advantages of QKD keys. Finally, QKD technology only provides symmetric key generation functions and is not a complete end-to-end encryption solution, requiring dedicated hardware systems and optical fiber resources for use. For most encryption application scenarios, the high costs of system deployment and operation compared to the services and security benefits provided by QKD technology often make it difficult for users to truly accept, limiting market scale and industrial development. The integration deployment schemes of QKD systems with ICT systems and networks, as well as encryption application scenarios, also require further exploration and development by the industry.

5 Suggestions for Response Strategies in China

Quantum computing is a significant disruptive innovation leading the direction of future technological revolution and industrial transformation. Accelerating the development and application of quantum computing has become a common consensus among major countries worldwide. While harnessing the computational advantages of quantum computing to empower economic and social development, addressing the potential information security threats posed by quantum computing cracking public key cryptography is also a shared concern and effort for information and communication authorities and industries in various countries.

Suggestions for China to respond to information security threats from quantum computing include the following:

First, pay high attention to the development trends of quantum computing cracking public key cryptography, conduct research and risk assessments on information security threats, especially focusing on the retrospective threats of “interception first, then cracking” that may cause sensitive information requiring long-term confidentiality, as well as the destructive threats to government information systems, public internet platforms, critical infrastructure networks, and important information systems and digital trust systems in finance and healthcare.

Second, accelerate the research, security assessment, and standard development of PQC algorithms, master PQC technology products and solutions, and actively participate in PQC international standard research work to contribute Chinese algorithm solutions. Organize testing and validation of PQC technology products and pilot applications, and formulate PQC upgrade work plans for different industry sectors, steadily promoting PQC applications and migration.

Third, based on the practical foundation of China’s QKD technology development and application, further strengthen R&D in QKD technology and product engineering, enhance system performance indicators and real security, reduce application deployment and operational difficulties and costs, open up market development space through product quality improvement and cost reduction, and deepen exploration of effective solutions for the integration of QKD with ICT systems and networks.

Fourth, conduct research on the technical integration and application fusion of PQC and QKD, forming a comprehensive quantum information security solution that leverages the strengths of both, adapts to different application scenarios, and addresses development shortcomings while building a competitive advantage, creating a systematic solution to respond to future information security threats from quantum computing.

6 Conclusion

With the rapid development of quantum computing, the security risks of existing public key cryptography systems are increasing day by day, and addressing the information security threats posed by quantum computing has become one of the key issues that cannot be ignored in the field of network information security. By developing new types of mathematically difficult problems and constructing new public key cryptographic algorithms that resist quantum computing attacks, also known as post-quantum cryptography, it is the mainstream solution to address information security threats in most application scenarios such as digital signatures, identity authentication, and key exchange. Exploring quantum secure communication applications based on quantum key distribution in high-security requirement dedicated networks is expected to provide a beneficial complement to addressing information security threats from quantum computing. The integration of post-quantum cryptography and quantum key distribution into comprehensive applications is expected to become a future development trend in responding to information security threats from quantum computing.

Analysis of information security threats for quantum computing and countermeasures

LAI Junsen, ZHAO Wenyu, ZHANG Haiyi

(Technology and Standards Research Institute, China Academy of Information and Communications Technology,Beijing 100191, China)

Abstract: Quantum computing has been theoretically proven to have a public key cryptography cracking capability that far exceeds that of classical computing. In recent years, the rapid development of quantum computing has triggered the information security threat of public key cryptography, which has become raising concern for the global information security authorities and the Information and Communications Technology (ICT) industries. This paper first analyzes the information security threats and impacts of quantum computing. Then, it discusses the technical characteristics and application trends of the two main countermeasures, namely, post quantum cryptography (PQC) and quantum key distribution (QKD). Finally, it puts forward the development suggestions for dealing with the information security threats of quantum computing.

Keywords: quantum computing; information security; PQC; QKD

Analysis of Information Security Threats for Quantum Computing and Countermeasures

This article is published in 《Information Communication Technology and Policy》 2024, Issue 7

Analysis of Information Security Threats for Quantum Computing and Countermeasures

Organized by: China Academy of Information and Communications Technology

《Information Communication Technology and Policy》 is a professional academic journal supervised by the Ministry of Industry and Information Technology and hosted by the China Academy of Information and Communications Technology. This journal is positioned as a barometer of information and communication technology frontiers and a thought bank for exploring information society policy, focusing on the technical trends in the information and communication field, public policies, national/industry/company strategies, publishing cutting-edge research results, analysis of focal issues, interpretation of hot policies, and promoting the innovation and development of technologies and industries such as 5G, industrial internet, digital economy, artificial intelligence, big data, and cloud computing, guiding national technological strategy choices and industrial policy formulation, and building a high-end academic exchange platform for production, learning, research, and application.

Journal Honors and Inclusion Status

AMI (2022 Edition) A-Category Expanded Journal

RCCSE Chinese Core Academic Journal

Selected in the High-Quality Scientific Journal Classification Directory of the China Association for Science and Technology in the Field of Information Communication

《Information Communication Technology and Policy》 Submission Guidelines!

To further improve the level of journal information construction and provide better services to scholars, our official website (http://ictp.caict.ac.cn) has officially launched, and submissions are welcome!

Analysis of Information Security Threats for Quantum Computing and CountermeasuresSource: Information Communication Technology and PolicyAnalysis of Information Security Threats for Quantum Computing and Countermeasures

Technology and Standards Research Institute

Analysis of Information Security Threats for Quantum Computing and Countermeasures

Long press to recognize the QR code to follow

Leave a Comment