A binary code displayed on a laptop screen and a binary code displayed on a phone screen are seen in this illustration photo taken in Krakow, Poland on October 30, 2023. (Photo by Jakub Porzycki/NurPhoto via Getty Images)
WASHINGTON – For decades, most digital communication has relied on an algorithm called RSA, invented in 1977 to allow two parties to communicate securely without having to exchange secret codes beforehand. Starting in 2024, that’s going to have to change.
Specifically, government agencies and private companies need to begin combing through countless lines of software code to find every instance of RSA and other long-standard protocols, so they can ultimately replace them with Post-Quantum Cryptography (PQC), a new set of algorithms designed to resist rapidly advancing quantum computers which could, in theory, crack any existing encryption.
[This article is one of many in a series in which Breaking Defense reporters look back on the most significant (and entertaining) news stories of 2023 and look forward to what 2024 may hold.]
The issue is urgent for agencies and companies have data that’s both highly sensitive and likely to remain relevant for many years, like performance and design specs for military vehicles and weapons systems. That’s the kind of encrypted data a well-heeled intelligence agency, like China’s Ministry of State Security, might spend the resources to scoop up now, even though they can’t decrypt it yet, and then store it until the long-awaited RSA-killing quantum computer arrives — a strategy known as “harvest now, decrypt later.”
If someone’s already run a “harvest” operation against you, one attendee at a recent ATARC webinar asked, what can you do to protect yourself? Not much, said Bill Newhouse, a senior cybersecurity engineer at the National Institute of Standards & Technology: “Unfortunately, that data’s out.”
What makes quantum computing such a game-changer? Every digital device in widespread use today — from baby monitors and microwave ovens to smartphones and smart missiles — uses thousands of tiny integrated circuits to store and manipulate information. If the circuit is holding enough electrical charge, it’s “on” and counts as a “1” in binary logic; if it’s not charged, it’s “off” and counts as “0.” Every function a digital device can perform boils down to adding and subtracting 1s and 0s over and over and over at superhuman speed.
This works great for a surprising range of applications, from the obviously mathematical, like tax prep software and encrypted messaging, to the seemingly creative, like generative AI making songs and videos. But the 1s and 0s struggle with computations that involve a huge number of different variables, like simulating how a new enzyme might behave or breaking an enemy code.
Quantum computers get around that problem by using “quantum bits,” or qubits, which exploit the ambiguous nature of subatomic particles to embody every possible value between 0 and 1. It’s a practical application of Schrödinger’s Cat, the famous thought experiment where a trapped animal is neither alive nor dead, but both and neither and all states in-between. While “macroscopic” objects such as cats don’t actually behave this way, subatomic objects do, which means quantum computers can carry out calculations far too complex for classical computers — which, in time, will probably include including breaking RSA.
Late last month, NIST formally closed the public comment period for three PQC algorithms it plans to finalize for widespread use next year. But NIST finalizing algorithms doesn’t solve the problem: That takes everybody implementing them.
“This is huge,” said Newhouse. “This migration [to PQC] should be the biggest one ever undertaken,” he told the ATARC webinar, at least since software began using RSA and other public key encryption in the first place decades ago.
A crucial caveat: That doesn’t mean everyone should leap to install the new algorithms now. In fact, you’re not supposed to until they’re finalized. Technically, Newhouse said, “you could use them, but you’d be in violation of some rules, [because] you have to have a FIPS [Federal Information Processing Standard] validated product and that’s not there yet.”
“Those three drafts are just finished receiving comments,” he noted at the Dec. 5 webinar. “[NIST] will be adjudicating those comments, making the final publication even better because people submitted things they noticed.” And NIST takes outside input seriously: It had originally planned to release four new algorithms until independent testing revealed fatal flaws in one of them just last year.
“These open standards and these validation processes mean you’re getting a lot of eyes on this technology before you’re equipped with it,” Newhouse said at a Defense Scoop event on the same day.
Once NIST finalizes the PQC standards, however, there are yet more steps before anyone can use them. Software companies have to implement the new cryptography algorithms in actual code a computer can run — and that code should go back to NIST for Cryptographic Module Validation to ensure it actually works. That can take “months or years,” Newhouse acknowledged.
But that doesn’t mean agencies and companies should just sit around waiting for their favorite cybersecurity vendor to come up with a PQC implementation, Newhouse and other experts emphasize. Far from it: Firms should already be taking inventory of the software your organization uses, so you can find where it uses RSA and other soon-to-be-superseded encryption protocols that will have to be replaced with the new PQC algorithms. And because RSA can crop up in all sorts of unexpected places — basically every time one computer wants to communicate something securely with another — it can take a long, long time to find every instance.
“It impacts everything we do, from switches to routers to our most prized possessions, our critical weapons systems,” said Wanda Jones-Heath, principal cyber advisor for the Air Force, speaking at the Scoop News event. “If we had not started this two years ago, we would be even further behind.”
As hard as hunting out instances of RSA can be for private companies, it’s even more complicated for government organizations, both military and civilian, which tend to use a patchwork of technologies of varying ages. “Federal networks are weird,” said Nick Polk, senior advisor to the Federal Chief Information Systems Officer in the Executive Officer of the President. “We have legacy IT from the seventies out there still … [and] encryption is everywhere.”
Software companies are already offering automated “discovery” tools, designed to inspect code and find instances of encryption that will need to be replaced. But there’s still no easy fix, so both finding the problem and fixing it will be the work of years.
With that laborious timeline in mind, a White House National Security Memorandum issued last year gave federal agencies until 2035 to complete their migration to post-quantum encryption. But that deadline assumed it would take many years for today’s experimental quantum computers to evolve into “cryptographically relevant” machines able to break RSA, an assumption challenged by a recent breakthrough by a DARPA-funded, Harvard-led research team.
That advance — a quantum leap in quantum computing — could bring the end of RSA and other long-used encryption years closer for everyone.
