*A low-cost and time-effective solution for Quantum Safe Migration of legacy & Upcoming Communication Networks & Applications*

Cryptography is used by security practitioners to protect anything that relies on electronic communication and data storage.

Cryptography uses computational hardness as a means to protect sensitive data. There are cryptographic problems that are difficult or impossible to solve using conventional computing.

Cryptographic algorithms can be broadly classified into two categories based on the keys used during the encryption and decryption processes:

• **Symmetric/Secret Key Cryptography:** In this scheme, encryption and decryption keys are the same and they should be known to only the communicating parties.

• **Asymmetric/Public Key Cryptography: **In this scheme, two keys are used i.e. public key (for encryption) and a private key (for decryption). Only a private key needs to be kept secret as it is used for decryption. (See article on QKD in same issue for more details).

#### The threat from Quantum computers on the current cryptographic functions is not only limited to data that is in transit, but also to data-at-rest (e.g. confidential data stored in databases).

In most public communication networks, a combination of asymmetric as well as symmetric key cryptography schemes are used. An Asymmetric/ Public Key Cryptography scheme is used for key distribution purposes while the data flow is secured using a symmetric scheme because of its better performance in the encryption/decryption process.

#### Quantum Computing and Quantum Algorithms

#### Quantum Computing

Quantum computing is the exploitation of collective properties of quantum states, such as superposition and entanglement, to perform computation.

It is a new branch of computing in which the fundamental unit of storage is Qubits rather than bits in the conventional computer. A Qubit can store both 0 and 1 at the same time. Quantum computers perform calculations based on the probability of an object’s state before it is measured - instead of just 1s or 0s - which means they have the potential to process exponentially more data compared to classical computers. In short, we can say, Quantum computers can perform very rapid parallel computations as compared to classical computers.

#### Quantum Algorithms

There are two groundbreaking Quantum algorithms that have laid out a strong foundation for breaking today’s number theoretic-based public key cryptosystems.

• In 1994, Shor proposed a polynomial-time (efficient) algorithm for solving integer factorization and discrete logarithm problems. The algorithm relies on the existence of quantum computers, and hence this type of algorithm is called quantum algorithms. Shor’s quantum algorithm and its variants can be used for breaking most of the currently used public key cryptosystems including those based on ECC.

#### “Store & Harvest” attacks happen where the encrypted data in communication can be stored now and attacks can be done on the stored data in the future, once sufficient strong Quantum Computers are available for attack.

• In 1996, Grover proposed an O(√N)-time quantum algorithm for functions with N-bit domains. This quantum algorithm once realized on quantum computers can be used for breaking symmetric key cryptosystems, and to defend against attacks based on Grover’s algorithm, we need to double the key sizes in order to achieve a similar level of security against conventional computers.

#### Quantum threat to current Cryptosystems

Because of rapid advancement in Quantum computing, security experts worldwide have predicted that in a few years, these computers shall become a threat to the currently used cryptography techniques. In other words, with the help of strong Quantum computers, a security attacker can easily reverse calculate the secret cryptographic keys to get access to the secure data. Experts have predicted that in the coming years, asymmetric key encryption techniques shall be completely broken by Quantum Computers while the strength of symmetric encryption techniques shall be reduced by half. This is because the underlying mathematical techniques used in asymmetric key encryption- prime number factoring and discrete logarithms are predicted to be vulnerable to attack from Quantum algorithms running on Quantum Computers.

The threat from Quantum computers on the current cryptographic functions is not only limited to data that is in transit, but also to data-at-rest (e.g. confidential data stored in databases).

The digital information/ data having long life (like medical records, defense secrets, etc.) are also vulnerable to Quantum attacks.

This kind of attack is called a “Store & Harvest” attack, where the encrypted data in communication can be stored now, and then an attack can do on the stored data in the future, once sufficient strong Quantum Computers are available for attack. Secure Communication protocols that are under threat from Quantum Computers include:

• IPSec

• SSH and TLS

• VPN

• S/MIME

• HTTPS

The above list of protocols practically includes all the protocols used for Communications Security in the present times.

#### Post-Quantum Cryptography (PQC)

Post-Quantum Cryptography (PQC) mainly refers to the development of new asymmetric cryptography techniques that shall use a different classes of underlying mathematical problems such as Lattice-based mathematics & Code-based mathematics, which are believed to be secure against both classical and quantum computers. A competition is being done by NIST (National Institute of Standards & Technologies), a U.S. standardization agency (which has standardized most of the cryptography algorithms in the past) to standardize new PQC techniques.

PQC is the field of cryptography whose objective is to develop cryptosystems that are expected to be secure against both Quantum as well as classical computers. PQC is implemented using today’s classical computers but will be impervious to attack from tomorrow’s quantum computers.

#### Global Efforts and Standardization of PQC Algorithms

In Quantum Computing, progress has been swift. IBM has over 20 of the world’s most powerful Quantum Computers, accessible for free on the IBM Cloud for experiments. Google is aiming to build a “useful, error-corrected quantum computer” by the end of the decade. ETSI’s (European Telecommunications Standards Institute) whitepaper titled “Quantum Safe Cryptography and Security: An introduction, benefits, enablers and challenges” was the first important paper in this area. ETSI has thereafter worked a lot in this area under its Quantum-Safe-Cryptography (QSC) working group.

IETF has come up with many draft Request-for-Comments (RFCs) in this area such as the one on the extension of IKEv2 for incorporation of Post-Quantum Cryptography (PQC) algorithms.

In 2016, NIST (National Institute of Standards and Technology), USA, started PQC standardization program & competition. In this program, NIST has already completed the third round of the Post-Quantum Cryptography (PQC) standardization process, in which it selected public-key cryptographic algorithms to protect information through the advent of quantum computers.

A total of four candidate algorithms (One Key Exchange algorithm - CRYSTALS KYBER and Three Signature Algorithm- CRYSTALS DILITHIUM, FALCON & SPHINCS+) have been selected for standardization. Also, four additional algorithms (BIKE, Classic McEliece, HQC, and SIKE) will continue into the fourth round and some of them may be chosen for standardization at the end of the fourth round.

#### C-DOT’s work in PQC

C-DoT has developed a PQC IP encryptor called Compact Encryption Module (CEM) supporting classical as well as future-proof Post Quantum Cryptographic algorithms for Quantum security. CEM supports the Hybrid approach of Key Encapsulation Methods. In the Hybrid approach, the Key exchange is performed by using a Post Quantum cryptography algorithm alongside a traditional, well-trusted classical cryptography algorithm.

This approach ensures maintenance of current generation security standards as well as providing resistance against attacks from Quantum Computers. Hybrid Approach is the recommended approach for Quantum-Safe-Migration by NIST and ETSI.

C-DOT CEM can perform encryption and authentication operations, independent of application-level protocols, thus making it reliable & suitable for any application. A typical deployment scenario of a PQC encryptor or CEM is depicted in the figure below:

The setup consists of two Compact Encryption Modules (CEMs) connected to each other over a public network with IPSEC tunnel established between them and running in Hybrid mode a classical algorithm and a Post Quantum Cryptography algorithm.

PQC activities were started in C-DoT, keeping in mind the objectives of providing future-proof cryptographic security in voice, data, and video communication through C-DoT-developed products and ensuring that C-DOT-developed communication security products keep pace & comply with the evolving PQC standards at international SDOs (Standards Development Organizations) such as NIST & ETSI.

• C-DOT has successfully developed a PQC Encryptor called Compact Encryption Module (CEM) that supports PQC Key exchange & signature algorithms which are under standardization at NIST.

• C-DOT CEM has been successfully integrated with QKD (Quantum Key Distribution) System as per the ETSI standard for key interface. A combination of PQC and QKD schemes offers the highest degree of future-proof security.

• C-DOT has successfully implemented PQC algorithms in its indigenously developed Quantum Secure Smart Video IP phone.

• C-DOT CEM has been successfully integrated into the VoIP network for Post-Quantum security of signaling between C-DoT Quantum Secure Smart Video IP phone and Signaling server.

• In December 2021, C-DOT has successfully conducted a field trial and demonstration of its PQC Encryptor with the C-DOT QKD system in the Indian Army’s network between ChandiMandir (Haryana) and Kasauli (Himachal Pradesh)

• C-DOT is developing a higher capacity PQC-enabled IP encryptor called Post-Quantum In-line Network Encryptor (PINE). The platform of this product is being designed to meet defense requirements.

• C-DOT is actively participating in the development of PQC-related standards with international SDOs like ETSI, and 3GPP and also participating in forums and conferences by TSDSI (Telecom Standards Development Society of India)

C-DOT is actively pursuing the introduction of PQC in many of its other communication security products so that Quantum-Safe Migration can be done for all the products as per evolving international standards. With C-DOT actively working & developing new innovative products in both PQC and QKD-based Quantum-safe technologies, C-DOT at this moment time in history is in a special position to offer unique quantum-secure end-to-end communication solutions to the country in the years ahead.

**By** **Prashant Chugh & Rakesh Singh Rawat, CDOT**

**feedbackvnd@cybermedia.co.in**