Hannover Messe 2021 - Post-quantum cryptography applicable for embedded systems!

Post-Quantum Cryptography

MTG AG will present how post-quantum cryptography can be used on embedded systems at Hannover Messe 2021.

How long are today's encryption methods safe from quantum computer attacks? When and how should companies prepare for the future? What relevance does PQC have for Industry 4.0?

MTG's IT security experts will present to journalists how implementable solutions are already possible today to protect against cyberattacks of the upcoming post-quantum age.

1. Why do companies need to start looking at PQC today?

Post-Quantum Cryptography (PQC) is the area of cryptography that deals with cryptographic principles and algorithms that are secure against attack by quantum computers. Commercial quantum computers are most likely to be available by the end of the next decade, experts say. That is apparently still a long way off in the future, especially since it seems reasonable for corporate executives to wait for the NIST standardization process for PQC algorithms to be completed. However, this strategy entails risks, because PQC is already relevant today, especially for long-lived products and critical infrastructures. Applications that work with asymmetric encryption methods and thus exchange data securely today are particularly affected. Encrypted data that is recorded today will be easy to decrypt in the future thanks to quantum computers. This means that considerable damage can be caused retrospectively.

A self-driving car developed and sold this decade is very likely to be exposed, unprotected, to new attack risks during its operational lifetime. Once long-lived products and services enter the quantum computing era still using current encryption methods, it will be too late for companies to act.

Decision-makers from relevant industries must therefore take action today to adequately protect themselves against future threats from quantum computers. Affected industries include:

▪ the transport sector (e.g., automotive industry, railroad operations, airports),

▪ the energy supply (e.g., power plant, grid operation),

▪ the state authority system (e.g., police, military, government, judiciary),

▪ research & development (e.g., high-tech companies, government research institutions).

2. How can you protect yourself already today?

MTG has developed PQC solutions that can already be used and tested today. We would like to offer interested journalists the opportunity to see for themselves in a live web session that quantum-safe applications can already be put into practice today. Specifically, the following use cases are involved:

(1) Sunray Web Browser: PQC web browser, based on Mozilla Firefox, offers all the features of a modern browser with built-in support for PQC TLS.

(2) PQC Web Server: based on Apache Tomcat, it offers all the features of a modern web server with built-in support for PQC TLS.

(3) Sunbeam email client: PQC encrypted email, based on Mozilla Thunderbird, offers all the features of a modern email client with built-in support for PQC S/MIME.

(4) PQCDoc: Sign and encrypt archived documents with selected PQC algorithms.

(5) PQC for embedded systems: A Classic McEliece based Ephemeral Key Exchange for the mceliece348864 parameter set can be executed on an ARM Cortex-M4 board with 256 KB RAM.

To use these applications, PQC certificates must be generated by and used from the MTG PKI. Key generation and storage are performed on Utimaco's hardware security modules, which have been specially adapted for PQC. The PQC algorithms used are Classic McEliece and SPHINCS+. These have so far proven successful in the selection rounds of the NIST standardization process.

3. Relevance for Industry 4.0: How can PQC be implemented for embedded systems?

At the Hannover Digital Trade Fair 2021, MTG aims to present how quantum-safe encryption methods can be used on embedded systems.

The scientific work dealt with the question of how storage requirements for the Classic McEliece public key could be reduced. Classic McEliece is often not considered for embedded devices, because at 255 KB to over 1 MB the public keys are usually much too large for the available memory. One possible solution is to generate such keys externally and write them to the flash memory of the device, but this only makes sense for a limited range of applications. The space problem is instead solved by compact storage of the key pair: the public key is not stored explicitly, and a much smaller matrix is added to the private key. With this method, the public key can be generated piecewise "on-the-fly" without having to store it completely in memory.

To demonstrate the practical relevance, a proof-of-concept TLS implementation was developed. It showed that a Classic McEliece based Ephemeral Key Exchange for the mceliece348864 parameter set can run on an ARM Cortex-M4 board with 256 KB RAM. Although the public Classic McEliece key was already 255 KB in size, there was still enough memory left for the TLS stack, the TCP/IP stack and for the verification of SPHINCS+ signatures in the TLS handshake.
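The compact-storage idea and the memory figures above, as an added Python example (not MTG's implementation): it assumes the extra matrix is the inverse S⁻¹ of the left r×r block of the parity-check matrix H, so that each column of T in the systematic public key [I | T] can be recomputed on demand. The dimensions in use are small constructed ones, and `h_column` is a hypothetical hash-based stand-in for deriving a column of H from the Goppa-code private key.

```python
import hashlib

def h_column(seed: bytes, j: int, r: int) -> int:
    """Stand-in (assumption): rebuild column j of the r-row parity-check matrix H
    from the private seed. The real scheme derives it from the Goppa code."""
    raw = hashlib.shake_256(seed + j.to_bytes(4, "big")).digest((r + 7) // 8)
    return int.from_bytes(raw, "big") & ((1 << r) - 1)

def gf2_inverse(cols, r):
    """Invert an r x r GF(2) matrix held as column bitmasks; None if singular."""
    aug = [c | (1 << (r + j)) for j, c in enumerate(cols)]  # stacked [M; I]
    for k in range(r):
        piv = next((j for j in range(k, r) if aug[j] >> k & 1), None)
        if piv is None:
            return None
        aug[k], aug[piv] = aug[piv], aug[k]
        for j in range(r):
            if j != k and aug[j] >> k & 1:
                aug[j] ^= aug[k]
    return [a >> r for a in aug]  # column operations turned [M; I] into [I; M^-1]

def mul(cols, vec):
    """GF(2) matrix (column bitmasks) times a bit vector: XOR the selected columns."""
    out, j = 0, 0
    while vec:
        if vec & 1:
            out ^= cols[j]
        vec, j = vec >> 1, j + 1
    return out

def keygen(r):
    """Return (seed, s_inv); retry with a new constructed seed until H's left block inverts."""
    ctr = 0
    while True:
        seed = b"constructed-demo-seed-%d" % ctr
        s_inv = gf2_inverse([h_column(seed, j, r) for j in range(r)], r)
        if s_inv is not None:
            return seed, s_inv
        ctr += 1

def stream_public_key(seed, s_inv, r, n):
    """Yield the columns of T in [I | T] = S^-1 * H one at a time; T is never stored."""
    for j in range(r, n):
        yield mul(s_inv, h_column(seed, j, r))

def storage_bytes(m, t, n):
    """Bytes for the full public key T versus the r x r matrix kept with the private key."""
    r = m * t
    return {"public_key": r * (n - r) // 8, "s_inv": r * r // 8}
```

For mceliece348864 (m = 12, t = 64, n = 3488), `storage_bytes(12, 64, 3488)` gives 261,120 bytes for the public key, the 255 KB cited above, against 73,728 bytes for the assumed r×r matrix.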

4. By whom was this progress supported?

The results were supported under two grant projects:

(1) LOEWE 3 Project Use-A-PQClib

In the LOEWE 3 project Use-A-PQClib, which is supported by the state of Hessen, MTG has essentially integrated the Classic McEliece and SPHINCS+ PQC algorithms into today's common interfaces and protocols such as TLS, PKCS#11 and NSS. This made it possible to establish PQC-secure connections with the browser already today and to develop email encryption and signing resistant to possible attacks by quantum computers. The project was successfully completed on 31.12.2020.

(2) BMBF Project QuantumRISK

The BMBF-funded project QuantumRISK (Next Generation Cryptography for Embedded Systems) aims to investigate post-quantum cryptography techniques for resource-constrained embedded systems and to move them from theory to application. As a result of the project, PQC techniques should be optimized for low power consumption and low memory requirements while maintaining a high level of security.

The project partners Continental, Elektrobit, Fraunhofer SIT, RheinMain University of Applied Sciences, MTG AG, Ruhr University Bochum and Darmstadt University of Technology will come up with results in mid-2022.


5. About MTG

MTG AG is one of the leading specialists for sophisticated encryption technologies in Germany. MTG's innovative IT security solutions effectively secure critical infrastructures and the Internet of Things. MTG offers a special portfolio of security products and services that are aligned with UTIMACO Hardware Security Modules (HSM).

The MTG product range includes public key infrastructures, key management systems and HSM integration. The special feature of these products is the hybrid use of traditional and quantum secure algorithms. A coordinated portfolio of security products and services is offered for the introduction of smart meter systems in Germany. MTG is ISO 27001 certified and operates an evaluation facility for IT security recognized by the German Federal Office for Information Security (BSI). MTG regularly cooperates with partners from industry and academia in publicly funded research projects. Research topics such as post-quantum cryptography or the analysis of network anomalies in energy grids are a key driver of the innovation and product development strategy.
