White House to agencies: Don’t wait to test your post-quantum encryption
A White House official warned federal agencies Wednesday not to wait until their new post-quantum encryption algorithms are deployed in production to test them.
Agencies have been slowly working to integrate into federal IT systems new encryption algorithms that can defend against future hacks from quantum computers, but the White House wants to make sure the new protections don’t lead to major glitches when they’re deployed to legacy systems and environments.
“We are now at the stage where it’s critical that folks start to test the algorithms on their production systems. I was very specific there: production systems, not test systems,” Nick Polk, branch director for federal cybersecurity at the Executive Office of the President, said during CyberTalks, presented by CyberScoop. “Our [Pentagon] friends like to say no plan survives first contact with the enemy, and I think we can pretty safely say that no cryptographic algorithm will survive first contact with some of our networks.”
Cherilyn Pascoe, director of the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence, said “no one knows exactly” when a quantum computer capable of breaking traditional encryption will emerge on the scene. U.S. officials believe adversarial nations may already be harvesting encrypted data from American organizations in the hopes of breaking them later with a quantum computer.
Pascoe said her agency has worked with the National Security Agency, the Cybersecurity and Infrastructure Security Agency and 40 other organizations to develop migration guidance and develop testing tools to identify vulnerable implementations of cryptography on federal networks.
“We’re also doing some really interesting interoperability testing to test how those new standards will work with existing internet protocols, existing internet standards so we can really build this confidence in this system and for vendors to quickly move to roll out new products that support” post-quantum systems, Pascoe said.
The federal government, led by NIST, has been working for years to develop new forms of encryption that could withstand hacking from a quantum computer.
It hasn’t always been a smooth ride. Because a quantum computer capable of breaking traditional encryption remains a mostly theoretical concept today — most experts believe we are still years away at best from such a development — the algorithms designed to protect against them are also built on a series of assumptions about how those computers will work.
While NIST has approved a handful of post-quantum algorithms to underpin federal systems, some of those systems have later been found to have damaging — and sometimes fatal — flaws that are exploitable with traditional computers.
Last year, researchers at the KTH Royal Institute in Sweden announced they had found a novel side channel attack capable of breaking implementations of CRYSTALS-Kyber, one of a handful of “post-quantum” public key encryption algorithms chosen by NIST.
However, a NIST official said at the time that the flaw identified in the Swedish paper did not represent a fundamental weakness in CRYSTALS-Kyber or represent a broader threat to other implementations.
NIST officials have said every stage of their multi-round post-quantum encryption selection process involved the discovery of at least one previously unknown vulnerability affecting some of the algorithms. Other vulnerabilities could emerge, or a future quantum computer capable of breaking classical encryption may behave in ways researchers don’t expect.
It’s why NIST felt it was important to approve multiple algorithms with different designs, a way of ensuring that the future safety of encrypted federal data isn’t reliant on any one particular approach.
Polk said that while the migration process in the federal government will take time, agencies can save a lot of heartburn by ensuring they’re interoperable with critical systems beforehand.
“No agency wants to get that call from their secretary saying, ‘Hey, I logged in trying to get my email, it’s not working, why isn’t it working, can you fix it now?” Polk said. “Don’t wait for that to actually figure out that maybe the encryption algorithm you put in isn’t going to operate in the way that you thought it would.”
