Recently, I had the honor of moderating the quantum readiness session at Venafi’s Global Customer Summit. It was one of the most well-attended sessions, which shows the importance and interest of this impending change to our lives and business.
Our guest speakers were Mike Brown, CTO at ISARA, and John O’Connor, VP of Product Management at Crypto4A. These two companies are unique in their partnership! Not only are they combining Crypto4A’s hardware anchored Qx™ Trust Architecture (QxTA™) with ISARA’s software expertise for implementing crypto-agility and quantum-safe security, they’ve integrated with the Venafi Trust Protection Platform to deliver hybrid certificates and quantum-ready HSMs to Venafi customers.
In the session I thought John, from Crypto4A, said it well: “This is going to be the largest crypto migration that we've ever done by orders of magnitude, and I think putting aside the unknown timeline for quantum computers, we do have a timeline on the standardization process. That's the timeline to focus on now instead of waiting for that moment when the panic sets in that RSA is broken. By the time we get there, we've already migrated to the new standards. So, let’s focus on the move to new crypto standards. We've done this before. Defining that strategy and making it something that can deliver positive outcomes is much better than facing a panic moment further down the road. Nobody wants to be there!”
There were many great nuggets of advice from these two experts on preparing for quantum computers by testing hybrid certificates now. Here’s more from our conversation:
I'm going to play the role of a skeptic a little. Hybrid certificates? What if that is going to break my stuff? Don't I need to wait for the browser and the operating systems to support quantum crypto?
Mike Brown: The idea for hybrid certificates, and the idea for hybrid in general, is to mix together two different types of systems so that you can use them as needed, one or the other. The idea of a hybrid certificate is to utilize the existing X.509 structure to include both a “classical public key”—your RSA or elliptic curve key—and a quantum-safe key. Maybe it's Dilithium or maybe it's SPHINCS+. If we're talking about encryption at that point, then by utilizing the structure that X.509 interpreters are already workingthrough processing, we can include these as extensions into the existing certificate now. Why would you do this? Because it's the proper X.509 format. If I'm using this certificate in a system which doesn't know anything about quantum safety, then it'll just happily ignore those extra components. As an organization, if you are slowly starting to upgrade systems, maybe you're focusing on your HR system first which is using certificates. If they are quantum aware and understand this format, they can utilize those quantum-safe credentials. Then you have an additional level of protection within your environment.
John O’Connor: I might add here, this is the real strength of the Catalyst hybrid certificate technology that we need to start testing out in our systems. Things are going to break. But starting now, by developing a migration strategy with the Catalyst certificate for devices that don't understand the extensions. They can safely ignore them. You may also find that there are devices out there that are not able to consume even the hybrid certificate. Maybe it's because of size, but the only way to get started on this transition is to start creating a migration plan and start testing these things out. It's going to take a long time, so of course we will need support from many devices and many systems across our enterprises. But today's the day to get started. It doesn't need to be difficult.
There's no quantum computer today that can break our crypto, so why do I need to worry about this? Can I just wait and see what happens?
Mike: We do hear that from some customers. I think it sort of speaks to one of the challenges: Is this a problem that I need to solve? Or is this something that I can wait for my successor to deal with then? That's a very common approach—they're thinking about “how do I prioritize where I spend my precious resources today.” And you're right, quantum computers big enough today to break commercial crypto don't exist, but we see such a big transition going on in the quantum computing world. The work is going from purely physics labs into the engineering space where the focus now is on how we build companies that can start to sell these solutions. Just recently we saw the very first public quantum computing company created: IonQ. The focus for companies that are in this space is now around how to commercialize these solutions. That's much further along than we've seen in the past! As well, NIST is looking at 2030 as being its planning point. Also, you have Gartner talking about 2022 to 2023 as when you need to have plans in place for how to be ready for it. This is very much a coming, near-term reality that organizations need to grapple with now!
Understand too that all the standards are changing around what crypto you need to use in your environment. You need to think about the type of regulations that you may live with as an organization. Maybe you sell to the U.S Federal government, so you need to comply with the FIPS 140 standards. Maybe you're in Germany where now the German government has requirements for the use of quantum crypto for satellite communications. We're seeing more and more of those regulations coming about that you need to abide by. Even in advance of quantum computers coming to break crypto, you need to stay current with what the standards are and make sure that you're prepared to be able to comply with them.
Is anybody doing this today? Is anybody using hybrid certificates or who's doing anything about this today?
John: Since the beginning of 2021, we've seen a big shift in people's attitudes to post-quantum cryptography, and of course that leads again to hybrid certificates. We have the new 2021 National Defense Authorization Act in the United States. This brings to the forefront the need to assess the level of threat to national security that quantum computers will bring. I think with these events, we're starting to take this a lot more seriously now. As time goes by, we can no longer just sit and wait for advancements to happen or for the standardization process to be complete. We need to work alongside that process to make ourselves ready to get a quantum safe security posture. I think that's really the goal for all of this. It's how we mitigate future threats in a calm and procedural way, as opposed to the big bang events that may happen at some point in the future.
To build on that, we see the recognition from a lot of organizations that this type of transition takes a long time. When we talk to a bank, for example, they typically talk about a 7-to-10-year timeframe for changing cryptography. A federal government might be 10 to 20 years to do this type of transition. So, there's a keen recognition on the need for planning and then following through on those plans. In terms of people using hybrid certificates, we're seeing a lot of companies in the PKI space, led by folks like Venafi, who are showcasing quantum ready PKI. It's available for customers to start trialing.
The step that we see with a lot of customers right now is around the proof of concept stage: “What do I need? How is this going to start impacting my environment?” At Crypto4A we’re doing work in the automotive space, which is a focus for groups like Volkswagen, where they're going through and making all these changes to the core computing infrastructure of vehicles. We are seeing trends like autonomy, like electrification, like software updates happening. There is a keen reliance on public key cryptography within those systems that keeps everyone safe, so they're looking at these areas in terms of potential impact. They are realizing they must have a plan for the systems that are in their cars since the vehicle on the road in 2035 actually started the design and R&D phase a few years ago. This is very much a real threat that they're already thinking about.
Still, it's not difficult to get started, and I think who's doing hybrid certificates already and uh who's doing it today well… the point is that you can be doing it today. The Machine Identity Management Development Fund has really enabled Venafi customers to start the journey today; start to look at a hybrid certificate, run the tooling and test the hybrid certificate out in the lab. It’s great to start to just become familiar with the technology, the new cryptographic primitives, and new types of certificates.
Is your crypto ready to support quantum computing? Where should you start preparing? Learn where you can start by vising our quantum-ready integrations on the Venafi Marketplace.