Post-Quantum Security Threads and Strategic Actions | WSO2Con Barcelona 2025
AI Summary
Summary: Quantum Computing and Cryptography Threats
- Introduction to Cryptography and Quantum Threats
- Overview of classical cryptography, including RSA and DSA.
- Discussion of the emerging threats posed by quantum computing to classical encryption methods.
- Classical Cryptography
- RSA: Based on the difficulty of factoring large prime numbers. Security relies on the size and complexity of keys. RSA-2048 is designed to withstand attacks for a very long time.
- Elliptic Curve Cryptography (ECC): Provides equivalent security with smaller key sizes compared to RSA.
- Threat of Quantum Computing
- Explanation of qubits and their power due to superpositions.
- Quantum algorithms, such as Shor’s algorithm, can factor numbers and compute discrete logarithms exponentially faster than classical methods.
- Future quantum computers (CRQC) could break current cryptographic systems.
- Post-Quantum Cryptography
- Introduces encryption methods that remain secure against quantum attacks, such as lattice-based cryptography.
- Current initiatives include developing new secure standards and protocols.
- Important Projects: Open Quantum Safe (OQS) creates quantum-resilient algorithms and integrates them into common security protocols (e.g., TLS).
- Action and Recommendations
- Importance of organizations recognizing the threat and preparing for it.
- Suggestions include creating awareness, assessing security needs, developing a quantum center of excellence, and planning transitions to quantum-safe infrastructures.
- Recognizing the urgency due to potential threats like “harvest now, decrypt later” by malicious actors.
- Conclusion
- Emphasis on the critical need for businesses and agencies to migrate to quantum-safe infrastructures before quantum computers become a reality.
- Continual evolution in standards and algorithms is needed to stay ahead of potential quantum threats.