Quantum computing is here, and its arrival poses a fundamental threat to the security of network communications thanks to its ability to break current encryption methods.  

With their unique computational capabilities, these powerful machines can obtain the keys generated by asymmetric encryption algorithms (and even symmetric encryption), undermining traditional security protocols.  

Before quantum computers and threats — including the associated ‘harvest now, decrypt later’ (HNDL) technique — mature and become commonplace, urgent action is required. 

So, what can be done now to provide quantum-safe (or, at least, quantum-resistant) communications and mitigate this new threat? 

From quantum key distribution (QKD) to distributed symmetric key establishment (DSKE) and post-quantum cryptography (PQC), there are several strategies that can help achieve quantum-safe communications in the face of quantum computers.  

All these approaches focus on securely generating and distributing the symmetric keys used for data encryption — eliminating the need for insecure asymmetric algorithms that are normally used to negotiate keys. 

Quantum key distribution (QKD)

Often considered the gold standard for securely generating and distributing symmetric keys, QKD uses the quantum properties of individual photons to generate encryption keys. These keys are created using the phase or spin of the photons and are inherently secure because of quantum mechanics, which ensures any eavesdropping attempt can be detected. 

Generating keys in this manner is virtually tamper-proof; however, quantum key distribution has limitations. First, it requires a fibre-optic connection between the two parties sharing the key, and the length of that connection is limited by the optical signal losses on the fibre. Second, QKD requires specialised equipment at both locations to generate and receive the quantum key distribution signal. 

These limitations restrict current QKD implementations to limited distances and specialised high-security applications. Despite this, practical networks using secure intermediate locations have been deployed, such as BT’s commercial trial network across London. 

Distributed symmetric key establishment (DSKE)

One of the key features of quantum key distribution is the separation of the symmetric key agreement communication path from the encrypted data path. Several vendors have used this concept as the basis for a digital version of QKD: distributed symmetric key establishment (DSKE). 

DSKE replaces the optical path and quantum physics, using internet connectivity and a software algorithm to achieve a similar level of security in key distribution. 

These quantum-safe communications tend to combine an agent, either software or an appliance, running at both ends of the communication path to provide the same symmetric key to the symmetric encryption algorithm in use — for example, an IPsec tunnel. These agents peer with each other and a cloud service to coordinate the generation of the keys without sharing key material. Typically, these agents will also employ quantum random number generation, either pre-seeded or via cloud services, to ensure a strong symmetric key is produced. 

A number of standards have developed around distributed symmetric key establishment, supporting the interworking between these local key agents and the encryption devices. One notable standard is ETSI014, which was originally developed for QKD but has found applications in DSKE. Additionally, for IPsec VPNs, RFC8784 is used to mix a key generated via ETSI014 with a current PKI-derived key to produce a quantum-safe symmetric key. 
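
The RFC 8784 mixing step described above, as an added example that is not code from the original post or from any vendor: the post-quantum preshared key (PPK) supplied by the key agent is mixed into three IKEv2 keys with prf+. HMAC-SHA-256 as the PRF, the key-container layout, the 256-bit minimum and all sample values are assumptions or constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

def prf(key, data):
    # HMAC-SHA-256 stands in for the PRF negotiated in IKE_SA_INIT (assumption).
    return hmac.new(key, data, hashlib.sha256).digest()

def prf_plus(key, seed, length):
    # IKEv2 prf+ (RFC 7296): T1 = prf(K, S | 0x01), Tn = prf(K, Tn-1 | S | n).
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = prf(key, block + seed + bytes([counter]))
        out += block
        counter += 1
    return out[:length]

def ppk_from_container(container_json):
    # Take the first key from an ETSI014-style key container (layout assumed).
    entry = json.loads(container_json)["keys"][0]
    return entry["key_ID"], base64.b64decode(entry["key"])

def mix_ppk(ppk, classical):
    # RFC 8784: SK_d, SK_pi and SK_pr are re-derived under the PPK;
    # the remaining IKE SA keys stay as the classical exchange produced them.
    if len(ppk) < 32:
        raise ValueError("PPK shorter than 256 bits")  # example policy
    return {name: prf_plus(ppk, classical[name], len(classical[name]))
            for name in ("SK_d", "SK_pi", "SK_pr")}

# Constructed sample data: none of these values come from a real exchange.
SAMPLE_CONTAINER = json.dumps({"keys": [{
    "key_ID": "00000000-0000-4000-8000-000000000001",
    "key": base64.b64encode(bytes(range(32))).decode(),
}]})
CLASSICAL = {name: hashlib.sha256(b"constructed " + name.encode()).digest()
             for name in ("SK_d", "SK_pi", "SK_pr")}

def demo():
    key_id, ppk = ppk_from_container(SAMPLE_CONTAINER)  # same key at both agents
    initiator = mix_ppk(ppk, CLASSICAL)
    responder = mix_ppk(ppk, CLASSICAL)
    wrong_peer = mix_ppk(bytes(32), CLASSICAL)  # peer holding a different PPK
    return key_id, initiator == responder, initiator["SK_d"] != wrong_peer["SK_d"]

if __name__ == "__main__":
    print(demo())
```

Because SK_d feeds the keys of every child SA, the IPsec traffic keys depend on the PPK even if the classical key exchange is later broken.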

Post-quantum cryptography (PQC)

Post-quantum cryptography is another approach to countering the quantum-computing threat.  

Traditional algorithms, like RSA and ECC, rely on the difficulty of mathematical problems such as factoring the product of large prime numbers — a challenge that quantum computers could potentially overcome. PQC focuses on developing new quantum-safe asymmetric algorithms.  

The National Institute of Standards and Technology (NIST) has been leading activity in specifying and selecting new asymmetric algorithms that are resistant to attacks from quantum computing. These new ‘post-quantum algorithms’ (PQA) use mathematical structures, such as vectors and lattice arrangements, to prevent quantum computers from breaking encryption.  

In August 2024, after a multi-year ongoing programme, NIST announced the first three standardised post-quantum algorithms, although only one — FIPS203 ML-KEM — is a symmetric key agreement algorithm. 

Implementation of this algorithm within communication networks will begin to provide a level of quantum-safe communications. However, it is worth noting that, despite the selection of this algorithm, there is no guarantee that it is secure. 

Evaluation of the further two algorithms is ongoing and may provide alternative PQA standards.  

Choosing the right approach for quantum-safe communications

Whether you choose quantum key distribution, distributed symmetric key establishment or post-quantum cryptography will depend on the context of your business, the expectation of security and the relevant risk factors in your environment.  

QKD is the gold standard for environments requiring the highest security, but it comes with significant logistical and financial requirements. 

DSKE provides a more scalable approach, offering a path to quantum-safe networks that can be integrated into existing infrastructure with minimal disruption, making it an attractive solution for many organisations. 

Finally, PQC presents the opportunity to embrace post-quantum algorithms on certain pieces of modern infrastructure, offering a future-proof direction should it be time to replace some of your infrastructure. 

In our third post on this topic, we will explore how Burning Tree can help you navigate this new threat landscape, understand your risk factors and plan future compliance and transformation activity. 

Author credit: Mark Sones and Nigel Edwards