Why You Must Begin Your Quantum Y2K Project Now!
It will be significantly cheaper.
That’s the short answer. Every organization in the world will soon…in the next couple of years…be involved in a multi-year, massive, Y2K-like project to migrate from quantum-susceptible cryptography to quantum-resistant (i.e., post-quantum) cryptography. The Cloud Security Alliance uses “Y2Q” as the umbrella term for all the post-quantum projects we will all be participating in. That’s as good an abbreviation as any for what is ahead.
Blatant plug. I wrote a book called Cryptography Apocalypse (https://www.amazon.com/gp/product/B07Z837R86), on how to prepare for the quantum cryptographic problem.
The Problem
Quantum computers will soon, if not already, have the capability to reveal secrets protected by much of the traditional asymmetric (public/private key) cryptography we use today, including RSA, Diffie-Hellman, Elliptic Curve Cryptography, and El-Gamal. And they will cut the protective strength of symmetric ciphers (e.g., AES) and hashes (e.g., SHA-2) in half. Every organization will soon…in the next few years or sooner (i.e., please NOW!!)…be involved in an organization-wide, multi-year project to migrate all software, hardware, and firmware to quantum-resistant cryptography or other protections. The sooner you begin this process…the NSA said in 2016 to begin NOW!!…the cheaper it will be for you in the long run. You will make fewer mistakes. You will have longer to do it. You will need fewer people. You will waste less money. You will do less re-work.
Problem With the Problem
There’s one huge caveat about this issue. No one knows exactly when quantum computers and their users will get sufficient strength to crack all our cryptography. With the Y2K project, we all knew the drop-dead deadline was January 1, 2000, 12:00:00 AM GMT. We don’t have the luxury of a known fixed deadline for when the “quantum break” will happen. Nor do we know when the first quantum crack will turn into something that most organizations need to worry about. The idea is that the first quantum crack capabilities will belong to some nation-state (probably the US or China) and that those capabilities will be used against top nation-state targets and not regular businesses. But who knows? We already have many quantum computers readily accessible on the Internet for anyone to use, albeit far less capable than the computer in your wristwatch or cell phone. But this will absolutely change, and quantum computers are already starting to do things that traditional, conventional computers cannot do. That gap is only going to grow from here on out. Once sufficiently capable quantum computers exist, it could be that anyone can create, buy, or rent one fairly early and easily. We are for sure, eventually, going to get quantum capabilities on every device and desktop. You can’t stop the momentum.
The question is when will we get quantum computers sufficiently capable of breaking today’s traditional asymmetric cryptography? No one knows. Or no one who will say it publicly. I think there’s a 15% chance that either China or the US already has sufficient quantum capability, but isn’t telling us. But the vast majority of quantum scientists say it’s likely to happen within the next 10 years.
There’s a long-running joke that whenever a quantum scientist is asked when sufficiently capable quantum computers will happen, they always say, “Within the next 10 years.” But they’ve been saying that for 20 years. The difference is that almost no quantum scientist thinks it will be as long as 10 years now. Most quantum scientists think it will be within the next 5-7 years. The Cloud Security Alliance even has a Y2Q countdown clock (https://cloudsecurityalliance.org/research/working-groups/quantum-safe-security/), which is at about 7 years right now as I write this article.
But I’m in the group that thinks it’s very likely to happen in the next few years…and I don’t think any quantum scientists…even the ones thinking it might be as long as 10 years…would be gobsmacked if it happened anytime in the next few years. There’s a chance it could happen tomorrow.
And the reality is that if you have information you need to keep private for longer than a few years, you need to start your post-quantum project now. One reason is that your adversaries could be eavesdropping on and copying your current encrypted network communications and stored data and saving it for when they have sufficiently capable quantum computers. The NSA and NIST have confirmed our adversaries are eavesdropping on data for these purposes (and I assume us on them).
But also because it’s going to take the average organization many years to do their entire post-quantum migration and it could be that sufficiently capable quantum computers happen before you’ve had a chance to protect your data. There is a statement in the quantum security world known as the Mosca Inequality, which represents this issue (image below taken from my book):
In summary, you need to get going on your quantum migration project now. Why? You’ll be able to better protect data and save money.
How You’ll Save Money By Starting Your Quantum Migration Project Now
It’s hard to argue against the idea that having more time to deal with a complex problem saves money. Most of us would rather make our decisions when less rushed and with more available resources.
Cheaper Resources
Every organization…every person…in the world will be involved in the quantum migration in some way starting in the next few years. Every organization will be involved in a multi-year, expensive, quantum migration project starting in the next few years. It will take people, resources, and possibly/likely external consultants. All of those things are going to get more expensive as other organizations ramp up their quantum migration projects. It’s supply and demand. People beginning their post-quantum migration projects now will be in an enhanced position to pick and negotiate with those resources.
More Time
Everything is easier with more time. The longest and most difficult part of most post-quantum projects will be determining what data needs to be protected and how it is currently protected (including existing ciphers, key sizes, and effective protection from overlapping protective layers). I call this part of the post-quantum project the ‘data protection inventory’. It will take most organizations years to do. If you start now, you’ll need to hire fewer additional people to do it, and existing people and resources can do it more naturally as a part of their existing jobs. The people involved in those processes are likely to do a better job given more time than when rushed (or at least we hope).
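An added example, not taken from the article or the book: a small triage over a constructed data protection inventory. It applies the article's rules (asymmetric families broken, symmetric and hash strength halved) together with the Mosca Inequality in its commonly stated form, x + y > z. The asset names, function names, and the 128-bit floor are assumptions; z = 7 years is the CSA countdown figure quoted above.

```python
from dataclasses import dataclass

# Families the article lists as breakable by a capable quantum computer.
QUANTUM_BROKEN = {"RSA", "DH", "ECC", "ELGAMAL"}
# Symmetric ciphers and hashes: the article's rule is "strength cut in half".
STRENGTH_HALVED = {"AES", "SHA-2"}

@dataclass
class Asset:                      # one row of a (constructed) inventory
    name: str
    algorithm: str                # cipher family protecting the data
    bits: int                     # key size in bits
    shelf_life_years: int         # x: how long the data must stay secret
    migration_years: int          # y: time needed to re-protect it

def post_quantum_bits(asset):
    """Remaining strength once a capable quantum computer exists."""
    family = asset.algorithm.upper()
    if family in QUANTUM_BROKEN:
        return 0
    if family in STRENGTH_HALVED:
        return asset.bits // 2
    raise ValueError(f"unclassified algorithm: {asset.algorithm}")

def mosca_gap(asset, years_to_quantum):
    """x + y - z; a positive value means the data is exposed."""
    return asset.shelf_life_years + asset.migration_years - years_to_quantum

def triage(assets, years_to_quantum, min_bits=128):  # 128 is an assumed floor
    """Return (name, pq_bits, gap, action) rows, most urgent first."""
    rank = {"migrate-now": 0, "schedule": 1, "ok": 2}
    rows = []
    for a in assets:
        bits, gap = post_quantum_bits(a), mosca_gap(a, years_to_quantum)
        action = "ok" if bits >= min_bits else ("migrate-now" if gap > 0 else "schedule")
        rows.append((a.name, bits, gap, action))
    return sorted(rows, key=lambda r: (rank[r[3]], -r[2]))

# Constructed sample inventory (hypothetical systems).
INVENTORY = [
    Asset("vpn-gateway", "RSA", 2048, 10, 3),
    Asset("hr-archive", "AES", 128, 25, 2),
    Asset("backup-vault", "AES", 256, 25, 2),
    Asset("web-session", "ECC", 256, 1, 2),
]

if __name__ == "__main__":
    for row in triage(INVENTORY, years_to_quantum=7):  # z from the CSA clock
        print(row)
```

An algorithm the inventory cannot classify raises an error instead of defaulting to "ok", so gaps in the inventory surface as work items.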
Change Your Purchasing Habits Now
Stop the hemorrhaging! You will need to find out what cryptography is currently implemented in every bit of software and hardware that is involved in protecting critical data. And find out which products will require simple configuration changes (to more quantum-resistant ciphers), which will require easy-to-moderate upgrades, and which will require complete replacement to provide the necessary protection. You want to make sure that everything you buy is “crypto-agile”, meaning that whatever cryptography it is running now or in the future can be replaced with newer cryptography without requiring a major upgrade or replacement. Change your purchasing policies today to make sure the vendor of every newly acquired product is asked about the cryptography it contains. You don’t want to be buying or bringing in even more products that will need big upgrades or replacements in the near future. You want to ask your vendors about their cryptography and how hard it is to replace it with newer, post-quantum cryptography. You want to ask your vendors if they are crypto-agile. If they don’t know…and many to most won’t…educate them. Stop the bleeding. Buy and encourage products that are already quantum-resistant or can easily be upgraded to post-quantum cryptography.
If you start your post-quantum project now, it’s going to be cheaper overall. If you want to know what is involved in a post-quantum migration project, check out my book (https://www.amazon.com/gp/product/B07Z837R86) or the Cloud Security Alliance’s free whitepaper, Practical Preparations for a Post-Quantum World (https://cloudsecurityalliance.org/artifacts/practical-preparations-for-the-post-quantum-world/), for which I was the lead author.