Quantum Safety for Your Internet Applications: What You Should Know!


02.12.2024


ENTRYZERO

The rapid development of quantum computers threatens established security algorithms. Future quantum computers will be able to break these algorithms, allowing threat actors to exploit sensitive data. Attackers are already collecting encrypted data today in order to decrypt it with quantum technology once that technology matures. This underlines the urgent need for organizations to move to quantum-safe algorithms. To do so, it is essential to understand the impact of quantum threats and to identify the systems at risk. This post looks at the Internet protocols most relevant to quantum attacks and presents recommendations for quantum-safe alternatives.

Quantum Threat: What’s at Risk?

Quantum computers pose a significant threat to traditional security algorithms because they can solve certain mathematical problems far faster than classical computers. Their building blocks are qubits which, unlike classical bits that are either 0 or 1, can be placed in a superposition of both states. Quantum algorithms exploit this superposition together with interference: amplitudes of wrong answers cancel while those of right answers reinforce, which yields large speedups for specific problem types such as period finding and unstructured search. It does not make every computation faster.

Most widely used asymmetric algorithms, such as RSA, ECC (e.g. ECDH and ECDSA) and DH, rely on the difficulty of factoring large integers or solving discrete logarithm problems. No efficient classical algorithm is known for these problems, which is what makes the schemes secure in practice. Shor's algorithm, however, solves both problems in polynomial time on a sufficiently large quantum computer, removing the cryptographic foundation of these systems. Quantum computers also affect symmetric algorithms such as block ciphers: Grover's algorithm speeds up exhaustive key search to roughly the square root of the classical effort, so a 128-bit key offers about 64 bits of security against a quantum attacker. This does not "break" symmetric ciphers the way Shor's algorithm breaks RSA, and doubling the key length (AES-256 instead of AES-128) restores the margin.

A recent paper by a group of Chinese researchers claims an algorithm capable of breaking 2048-bit RSA with a 372-qubit quantum computer. The claim has generated considerable debate in the cybersecurity community, and many experts are sceptical because crucial details are missing. Regardless of how that debate ends, it highlights the rapid progress in quantum computing and the potential threat to modern cryptography. Waiting until a quantum computer actually breaks current algorithms would leave little time for mitigation and expose sensitive data. Key concerns are the "store now, decrypt later" tactic, in which adversaries record encrypted traffic today to decrypt it once a capable machine exists, and the long migration periods of complex systems. To address this, the BSI and partner agencies from 18 EU member states urged in a joint statement that the transition to post-quantum cryptography be prioritized now.

Internet Protocols Relevant to Quantum Safety

The first step toward quantum safety is a quantum threat analysis: an inventory of where cryptography is used, with which algorithms and which parameter sizes. The inventory identifies quantum-vulnerable systems and the actions needed to protect them. Internet-exposed systems are particularly critical because of their large attack surface and because their traffic can be recorded by anyone on the network path. The table below gives an overview of the Internet protocols relevant to quantum safety and the security algorithms they rely on.

Internet Protocol | Purpose | Approx. Frequency of Use on the Internet | Most Used Key Establishment Algorithms | Most Used Digital Signatures | Most Used Block Ciphers | Most Used Hash Functions
TLS (HTTPS, SMTPS, IMAPS, POP3S, LDAPS, others) | Web, email transmission & retrieval, directory services, others | 56% | DH(E), ECDH(E), RSA | DSA, ECDSA, RSA | AES | SHA
SSH | Remote login & command execution | 18% | DH(E), ECDH(E), RSA | DSA, ECDSA, RSA | AES | SHA
IKE | VPN | 10% | DH(E), ECDH(E), RSA | DSA, ECDSA, RSA | AES | SHA
RDP | Remote desktop | 8% | DH(E), ECDH(E), RSA | DSA, ECDSA, RSA | AES | SHA

Quantum Safety Status of Security Algorithms in Internet Protocols

To address the risks posed by quantum computers, NIST is leading the development of "quantum-safe" (post-quantum) algorithms designed to protect information against future quantum attacks; the first three standards, FIPS 203 (ML-KEM), FIPS 204 (ML-DSA) and FIPS 205 (SLH-DSA), were published in August 2024. Below is a simplified summary of the security algorithms commonly used in Internet protocols, their security strength and current FIPS status, the transition timeline NIST has proposed for quantum-vulnerable algorithms, and the quantum-safe alternatives.

Security Algorithm | Domain Parameters [bits] | Security Strength [bits] | Current FIPS Status | Current Quantum Safety Status (NIST transition timeline)

Key establishment (quantum-safe alternative: CRYSTALS-Kyber, standardized as ML-KEM in FIPS 203)
DH(E) | p, q <= 1024, 160 | < 112 | Disallowed | already disallowed
DH(E) | p, q = 2048, 224 | 112 | Acceptable | Deprecated after 2030, disallowed after 2035
DH(E) | p, q >= 3072, 256 | >= 128 | Acceptable | Disallowed after 2035
ECDH(E) | k <= 223 | < 112 | Disallowed | already disallowed
ECDH(E) | 223 < k < 256 | 112 | Acceptable | Deprecated after 2030, disallowed after 2035
ECDH(E) | k >= 256 | >= 128 | Acceptable | Disallowed after 2035
RSA | k = 1024 | < 112 | Disallowed | already disallowed
RSA | k = 2048 | 112 | Acceptable | Deprecated after 2030, disallowed after 2035
RSA | k >= 3072 | >= 128 | Acceptable | Disallowed after 2035

Digital signatures (quantum-safe alternatives: CRYSTALS-Dilithium, standardized as ML-DSA in FIPS 204; SPHINCS+, standardized as SLH-DSA in FIPS 205; FALCON, to be standardized as FN-DSA in FIPS 206)
DSA | p, q <= 1024, 160 | < 112 | Disallowed | already disallowed
DSA | p, q = 2048, 224 | 112 | Acceptable | Deprecated after 2030, disallowed after 2035
DSA | p, q >= 3072, 256 | >= 128 | Acceptable | Disallowed after 2035
ECDSA | k <= 223 | < 112 | Disallowed | already disallowed
ECDSA | 223 < k < 256 | 112 | Acceptable | Deprecated after 2030, disallowed after 2035
ECDSA | k >= 256 | >= 128 | Acceptable | Disallowed after 2035
RSA | k = 1024 | < 112 | Disallowed | already disallowed
RSA | k = 2048 | 112 | Acceptable | Deprecated after 2030, disallowed after 2035
RSA | k >= 3072 | >= 128 | Acceptable | Disallowed after 2035

Block ciphers (quantum-safe alternative: AES with k >= 256)
AES | k >= 128 | >= 128 | Acceptable | Not broken by known quantum algorithms; Grover's search halves the effective key strength, so k >= 256 is the recommended choice

Hash functions (quantum-safe alternatives: SHA-2 and SHA-3 families with h >= 256)
SHA-1 | h = 160 | < 112 | Disallowed | already disallowed
SHA-2 family | h = 224 | 112 | Acceptable | Not broken by known quantum algorithms; h >= 256 is the recommended choice
SHA-2 family | h >= 256 | >= 128 | Acceptable | Not broken by known quantum algorithms

- p, q: size of the prime modulus p and of the subgroup order q (DH(E), DSA)
- k: key size: the size of the modulus for RSA; the size of the order n of the base point G for ECDH(E) and ECDSA
- h: hash output length
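As an added example (not part of the original post), the following Python script turns the inventory step described above into a repeatable check: it parses key-exchange identifiers as a TLS or SSH scan would report them, applies the parameter-size thresholds and transition dates from the table, and ranks hosts for remediation. The host names and scan records are constructed for this illustration, and the rule encoding is this example's own; the thresholds and dates are those of the table. Anything the parser does not recognise (here the SSH method `curve25519-sha256`, a curve the table does not list) is flagged for manual review rather than guessed.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Rules transcribed from the security-strength table above:
# (minimum parameter size, strength, FIPS status, quantum-safety status).
# Finite-field DH(E)/DSA (size of the modulus p) and RSA (size of the modulus):
_FFC_IFC_RULES = [
    (3072, ">=128", "Acceptable", "Disallowed after 2035"),
    (2048, "112", "Acceptable", "Deprecated after 2030, disallowed after 2035"),
    (0, "<112", "Disallowed", "n/a (already disallowed)"),
]
# Elliptic-curve ECDH(E)/ECDSA (size of the base-point order):
_ECC_RULES = [
    (256, ">=128", "Acceptable", "Disallowed after 2035"),
    (224, "112", "Acceptable", "Deprecated after 2030, disallowed after 2035"),
    (0, "<112", "Disallowed", "n/a (already disallowed)"),
]
# SSH MODP group names (RFC 4253, RFC 3526) -> modulus size in bits.
_SSH_MODP_BITS = {"group1": 1024, "group14": 2048, "group15": 3072,
                  "group16": 4096, "group17": 6144, "group18": 8192}


@dataclass
class Finding:
    host: str
    protocol: str
    algorithm: str
    family: str            # "DH(E)", "ECDH(E)", "RSA" or "unknown"
    bits: int
    strength: str
    fips_status: str
    quantum_status: str
    quantum_vulnerable: bool


def parse_key_exchange(name: str) -> Optional[tuple]:
    """Map a TLS group, SSH kex method or RSA key description to (family, bits).

    Returns None for anything not recognised so that the inventory flags it for
    manual review instead of guessing.
    """
    n = name.strip().lower()
    if m := re.fullmatch(r"ffdhe(\d{4})", n):                      # TLS finite-field groups (RFC 7919)
        return "DH(E)", int(m.group(1))
    if m := re.fullmatch(r"secp(\d{3})r1", n):                     # TLS NIST curves, e.g. secp256r1
        return "ECDH(E)", int(m.group(1))
    if m := re.fullmatch(r"diffie-hellman-(group\d+)-sha\d+", n):  # SSH MODP kex methods
        return ("DH(E)", _SSH_MODP_BITS[m.group(1)]) if m.group(1) in _SSH_MODP_BITS else None
    if m := re.fullmatch(r"ecdh-sha2-nistp(\d{3})", n):            # SSH ECDH kex methods
        return "ECDH(E)", int(m.group(1))
    if m := re.fullmatch(r"rsa[- ](\d{4})", n):                     # RSA key transport / certificate key, e.g. "rsa-2048"
        return "RSA", int(m.group(1))
    return None


def classify(family: str, bits: int) -> tuple:
    """Apply the table's thresholds; returns (strength, FIPS status, quantum-safety status)."""
    rules = _ECC_RULES if family == "ECDH(E)" else _FFC_IFC_RULES
    for minimum, strength, fips, quantum in rules:
        if bits >= minimum:
            return strength, fips, quantum
    raise ValueError("unreachable: the last rule has minimum 0")


def assess_inventory(records: list) -> list:
    """Turn raw inventory records (host, protocol, observed key exchange) into Findings."""
    findings = []
    for host, protocol, kex in records:
        parsed = parse_key_exchange(kex)
        if parsed is None:
            findings.append(Finding(host, protocol, kex, "unknown", 0, "?", "review", "review", True))
            continue
        family, bits = parsed
        strength, fips, quantum = classify(family, bits)
        # Every DH/ECDH/RSA instance is quantum-vulnerable regardless of size: Shor's algorithm
        # breaks them all; the size only decides how long NIST still tolerates the algorithm.
        findings.append(Finding(host, protocol, kex, family, bits, strength, fips, quantum, True))
    return findings


def priority_queue(findings: list) -> list:
    """Hosts to fix first: classically disallowed parameters, then unrecognised algorithms."""
    urgent = [f for f in findings if f.fips_status == "Disallowed"]
    review = [f for f in findings if f.family == "unknown"]
    return urgent + review


# Constructed sample inventory (fictitious hosts): what a scan of an organisation's
# Internet-facing TLS and SSH endpoints might report.
SAMPLE_INVENTORY = [
    ("www.example.test", "TLS", "secp256r1"),
    ("mail.example.test", "TLS", "ffdhe2048"),
    ("legacy.example.test", "TLS", "rsa-1024"),
    ("bastion.example.test", "SSH", "diffie-hellman-group14-sha256"),
    ("old-router.example.test", "SSH", "diffie-hellman-group1-sha1"),
    ("git.example.test", "SSH", "curve25519-sha256"),
]

if __name__ == "__main__":
    findings = assess_inventory(SAMPLE_INVENTORY)
    for f in findings:
        print(f"{f.host:26} {f.protocol:4} {f.algorithm:32} {f.family:8} {f.strength:6} "
              f"FIPS: {f.fips_status:11} quantum: {f.quantum_status}")
    print("fix first:", [f.host for f in priority_queue(findings)])
```

The useful output of such a check is not the per-host label but the ranking: parameters that are already disallowed classically are the immediate work, unrecognised methods need a human look, and everything else lands on the 2030/2035 migration plan because it is quantum-vulnerable regardless of size.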

Bridging to a Secure Future with a Hybrid Approach

The move to quantum-safe algorithms has become essential. Organizations are urged to use traditional and quantum-safe algorithms in combination, for example a classical ECDH exchange alongside a post-quantum key encapsulation in the same handshake, so that the session key remains secure as long as either component holds. This hybrid approach lets companies keep their current, well-tested systems while adding quantum-safe protection step by step, and it gives them time to adjust. Preparing now ensures sensitive data remains protected in the quantum era; don't wait for quantum computers to arrive before acting.
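As an added example (not the original post's code), the following Python program shows the mechanics of such a hybrid key establishment: both parties run a classical X25519 exchange (implemented here from RFC 7748 for illustration only; it is not constant-time and not for production use) and combine its shared secret with a post-quantum KEM shared secret through HKDF-SHA256, following the concatenation approach of the IETF TLS hybrid key-exchange design. Because the Python standard library contains no post-quantum KEM, the ML-KEM shared secret is represented by a constructed 32-byte stand-in; in a real handshake it would come from ML-KEM encapsulation on one side and decapsulation on the other. The X25519 key material is RFC 7748's published test vectors; the HKDF salt and info labels are arbitrary choices of this example.

```python
import hashlib
import hmac

# --- X25519 (RFC 7748 section 5) in pure Python; demonstration only, not constant-time ---
_P = 2**255 - 19
_A24 = 121665
X25519_BASEPOINT = (9).to_bytes(32, "little")


def _clamp(scalar: bytes) -> int:
    """decodeScalar25519: clear the low 3 bits and bit 255, set bit 254."""
    k = bytearray(scalar)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def x25519(scalar: bytes, u: bytes) -> bytes:
    """Montgomery-ladder scalar multiplication on Curve25519; returns the shared u-coordinate."""
    k = _clamp(scalar)
    x1 = int.from_bytes(u[:31] + bytes([u[31] & 127]), "little") % _P   # decodeUCoordinate
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % _P, (x2 - z2) % _P
        aa, bb = a * a % _P, b * b % _P
        e = (aa - bb) % _P
        c, d = (x3 + z3) % _P, (x3 - z3) % _P
        da, cb = d * a % _P, c * b % _P
        x3 = (da + cb) * (da + cb) % _P
        z3 = x1 * ((da - cb) * (da - cb) % _P) % _P
        x2 = aa * bb % _P
        z2 = e * (aa + _A24 * e) % _P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, _P - 2, _P) % _P).to_bytes(32, "little")


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    """HKDF-SHA256 (RFC 5869): extract, then expand to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def hybrid_key(ecdh_secret: bytes, kem_secret: bytes, transcript: bytes) -> bytes:
    """Combine a classical and a post-quantum shared secret into one 32-byte session key.

    Both secrets are fixed-length (32 bytes each), so concatenating them into a single
    KDF input is unambiguous; an attacker must recover BOTH to learn the output, which is
    what makes the result secure as long as either component holds. The transcript binds
    the key to the public values that were exchanged.
    """
    return hkdf(b"hybrid-kex-demo", ecdh_secret + kem_secret, b"session key" + transcript, 32)


def run_hybrid_handshake(alice_priv: bytes, bob_priv: bytes, kem_secret: bytes) -> tuple:
    """Both sides of the exchange; returns (alice_key, bob_key), which must be equal."""
    alice_pub = x25519(alice_priv, X25519_BASEPOINT)
    bob_pub = x25519(bob_priv, X25519_BASEPOINT)
    transcript = alice_pub + bob_pub
    alice_key = hybrid_key(x25519(alice_priv, bob_pub), kem_secret, transcript)
    bob_key = hybrid_key(x25519(bob_priv, alice_pub), kem_secret, transcript)
    return alice_key, bob_key


# RFC 7748 section 6.1 test vectors (public test data, not secret material):
ALICE_PRIV = bytes.fromhex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")
ALICE_PUB = bytes.fromhex("8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a")
BOB_PRIV = bytes.fromhex("5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb")
BOB_PUB = bytes.fromhex("de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f")
X25519_SHARED = bytes.fromhex("4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742")

# Constructed stand-in for the ML-KEM shared secret: the standard library has no PQ KEM.
# A real deployment obtains this value from ML-KEM encapsulation/decapsulation.
KEM_SECRET_STANDIN = hashlib.sha256(b"constructed stand-in for an ML-KEM shared secret").digest()

if __name__ == "__main__":
    a, b = run_hybrid_handshake(ALICE_PRIV, BOB_PRIV, KEM_SECRET_STANDIN)
    print("keys match:", a == b, a.hex())
```

An adversary who records this handshake today and breaks X25519 with a future quantum computer still lacks the KEM secret and therefore cannot derive the session key; conversely, a flaw discovered in the new KEM leaves the classical component intact. The fixed length of both inputs matters for this argument: with variable-length components, length-prefix each one before concatenation.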


Acknowledgment

A shoutout to Prof. Mohammedd El-Hajj for his contribution to this work. His expertise has been instrumental in shaping the outcome.

Selected Glossary

AES: Advanced Encryption Standard

BSI: Bundesamt für Sicherheit in der Informationstechnik

DH: Diffie-Hellman

DHE: Diffie-Hellman Ephemeral

DSA: Digital Signature Algorithm

ECC: Elliptic Curve Cryptography

ECDH: Elliptic Curve Diffie-Hellman

ECDHE: Elliptic Curve Diffie-Hellman Ephemeral

ECDSA: Elliptic Curve Digital Signature Algorithm

FIPS: Federal Information Processing Standards

NIST: National Institute of Standards and Technology

RSA: Rivest-Shamir-Adleman

SHA: Secure Hash Algorithm

All rights reserved by ENTRYZERO GmbH
