Quantum computing is a novel computing technology based on quantum-mechanical principles. In conjunction with specific algorithms developed in the scientific community, quantum computing can undermine the mathematically hard problems that underpin almost all currently used public-key cryptography, including the well-known RSA and elliptic curve cryptography standards.
The threat potential of quantum computing to society at large should not be underestimated. The impact extends across security for the Internet, IoT devices and legal infrastructure based on the currently used cryptographic systems. Systems and solutions that are regarded as reasonably secure today may become weakened or broken, and the data contained in these systems may suddenly be compromised if sufficiently powerful quantum computers become available in the future.
Limited quantum computing devices exist today, and innovation progress is rapid. The threat of large-scale impact on society has led to widespread initiatives to develop new cryptographic algorithms and standards that are expected to be secure against attacks using quantum computers. Collectively referred to as “post-quantum cryptography” or “quantum-safe cryptography,” federal agencies started issuing guidance reports to prepare for a potential crypto-apocalypse.
To avoid significant global economic impact due to the inherent reliance our society has on cryptography, a search for replacement cryptographic standards was started in a competition format by USA’s National Institute of Standards and Technology (NIST) in 2016. Contrary to previous cryptographic standardization competitions, NIST announced in advance that there would not be a single winner: several algorithms will emerge as “good choices.” It is expected that there will be no single silver bullet and each candidate algorithm has some disadvantages (e.g. massive key sizes, significantly increased latency, etc.). Otherwise, one winner would have been considered to use for replacement. Supporting multiple new cryptographic algorithms will have a significant impact on the existing public-key infrastructures.
In July 2020, the finalists for this post-quantum crypto standard were announced. Two out of four remaining key-exchange finalists are co-designed by NXP security experts.
Whether you believe the quantum threat is real or not is irrelevant. New public-key cryptographic standards are coming. Moreover, customers are already asking for support to ensure their products offer long-term protection. Migration to these new types of public-key crypto will be both a challenge and an opportunity, and NXP is proud to lead the way.
Joppe W. Bos is a Technical Director and cryptographer at the Competence Center Crypto and Security (CCC&S) in the CTO organization at NXP Semiconductors. Based in Belgium, he is the technical lead of the Post-Quantum Cryptography team, and has authored over 20 patents and 50 academic papers. He is the co-editor of the IACR Cryptology ePrint Archive.
