In a world where everything is connected, most of us take for granted that the communications protocols we use, whether it be at home, in our vehicles, or on our smartphonesꟷare properly secured and encrypted against attacks from unwanted sources. While significant investments in technology have been made to keep protocols such as TCP/IP clean, the cryptographic standards they are based are going to require significant upgrading in the near future.
That’s the premise of a DesignCon keynote session titled, “Post-Quantum Cryptography: The Next Decade of Cryptographic Hardware Design,” to take place on Tuesday, January 31, from 11:45 am to 12:30 pm. Keynote session speaker Aydin Aysu, Assistant Professor and Head of the Hardware Cybersecurity Research Lab (HECTOR) at Electrical & Computer Engineering Department of North Carolina University, says that quantum computers have the potential to break existing cryptography algorithms, which in some cases date back 40 years. “We have mathematical evidence this can potentially occur,” Aysu told Design News in an interview.
The problem is potentially most acute with military and government systems, Aysu explained, where any break in cryptographic protection would pose the risk of sensitive recorded information being stolen, through what he termed is a “record now, break later” scheme.
NIST Leading Efforts
Aysu noted that the NIST (National Institute of Standards and Technology) is proactively trying to pave the way for an updated cryptographic infrastructure. NIST is evaluating quantum computing secure cryptographic algorithms developed by industry and academia, and has started to standardize them with the goal of completing them in the next few years.
In his talk, Aysu plans to introduce the new computational units that will underly the upcoming standards. He will present his team’s effort in building secure, efficient cryptographic implementations for future protocols.
The massive network of cryptographic algorithms that will require updating, are, not surprisingly, likely going to result in a slow implementation of post-quantum cryptography. Phasing in new cryptography without endangering the integrity of the existing cryptographic structure is one challenge. “We will probably need to encrypt with both old and new algorithms as we transition,” Aysu stated.
The overhaul in cryptography standards will require changes in both hardware and software, Aysu noted. “Hardware encryption is likely required for the most security-sensitive or high-performance applications, while software may be used for other applications.”
The upgrading of the cryptographic infrastructure will likely place great demand on the existing talent pool to handle these tasks. While Aysu’s school, North Carolina University, teaches cryptography and cybersecurity, such course offerings are slowly emerging elsewhere. Aysu believes that government support may be needed to fund more programs to train future scientists in these disciplines.