Data Security Future-Proofing Your Data: Post-Quantum Cryptography and Beyond? Like all relationships, our relationship with our customers is built on trust. You trust us with handling and securing the life blood of your company – your data. Behind the scenes, this trust relies heavily on cryptography, the art of scrambling information to keep it safe from malicious actors. But what happens when the tools we use to secure our data become vulnerable??? By Michael Fasulo and David Cunningham | May 2, 2024 Enter the looming threat of quantum computing. These powerful machines harness the power of quantum mechanics to solve problems more quickly than traditional computers. This includes cracking the key and encryption standards that safeguard our world of data. This is where post-quantum cryptography (PQC) comes in, and why Commvault has chosen to implement it to safeguard your data. Why We Need PQC Many of the asymmetric and symmetric cryptography algorithms we use to protect data from prying eyes rely on mathematical problems factoring in large numbers. While these are difficult for classical computers to crack, quantum computers solve these mathematical problems significantly faster, making what was once thought impossible very much possible. ?? This could leave any sensitive information that is normally encrypted, such as credentials, emails, financial data, and medical records, exposed. You might think the threat of quantum computing is five to ten years away, but anyone who recently attended the keynote at Ignite/Reinvent/Next would know that quantum computing resources are already available and the technology is rapidly advancing. And now it’s available to anyone, including malicious actors. The question is, how do you shield your organization? A Multi-Faceted Approach: Bigger Keys, Better Locks, and PQC Although full-fledged PQC algorithms are still on the way to being standardized, there are steps we can take now to bolster our defenses. One approach is to increase cryptography key lengths on symmetric algorithms, so it takes a longer time to crack encryption with brute-force attacks. This is very similar in principle to increasing the number of pins in a tumbler lock. The more pins the lock utilizes, the more difficult and time consuming it is to crack. The larger and more complex the key is, the harder and longer it takes to replicate or guess. Secure Post-Quantum Data Encryption AES encryption has long been the industry standard algorithm for secure symmetric encryption, and in the near term it will continue to be relatively sufficient in securing against quantum brute-force attacks, as long as high key sizes are utilized. Commvault already has standardized data encryption on AES-256, which is the highest supported key length for AES. To put things into perspective, we can look at Grover’s algorithm to demonstrate the potential threat of brute-force attacks. Grover’s algorithm is a commonly known algorithm used to solve complicated mathematical problems. It also can be used to speed up password brute-force attacks, especially when executed on quantum computers. With Grover’s algorithm, the time to crack AES-256 encryption still would be impractical due to the key size (it effectively halves the key size) and because the current generation of quantum computers is not quite powerful enough. So, AES-256 is still a viable encryption algorithm in the foreseeable future. Secure Post-Quantum Communication When it comes to the asymmetric encryption algorithms (public-key cryptography) that are used for secure communication and digital signatures, things look bleak. This is one of the cryptographic areas at highest risk of impact by quantum computing since RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography) algorithms are severely weakened by quantum computers. Following public calls to action to develop PQC standards, the National Institute of Standards and Technology (NIST) coordinated the solicitation, evaluation, and selection of candidate algorithms for PQC starting in 2016. As of December 2023, the final post-quantum algorithms have been selected, and NIST has begun drafting the standard guidance and publications around them. Commvault has taken the first steps in incorporating some of the upcoming PQC standards to improve secure communication. Two key components needed to be updated to provide quantum protection: Key exchange and encapsulation: Establishes a symmetric encryption key during TLS setup. Signature generation and verification: Creates a chain of certificates and authenticates parties involved in the TLS setup, preventing man-in-the-middle attacks. The traditional key exchange algorithm, ECDH (Elliptic-curve Diffie-Hellman), is susceptible to attacks with the advent of quantum computers. CRYSTALS-Kyber, a NIST-approved post-quantum algorithm, serves as a replacement for ECDH. However, a secure TLS connection requires more than just key exchange. Both ECDH and Kyber are vulnerable to man-in-the-middle attacks. This necessitates the use of a certificate chain and signed/verified messages during TLS setup. Conventional cryptography relies on RSA with large private/public key sizes (2048, 3072, etc.) for this purpose. NIST has recommended post-quantum alternatives for RSA, which includes: CRYSTALS-Dilithium3 Falcon Sphincs+ Today’s Best Combo Customers immediately can begin securing their environment against quantum-based attacks starting in the most recent software release, Commvault Cloud CPR 2024, which leverages CRYSTALS-Kyber for key encapsulation, and CRYSTALS-Dilithium3 or FALCON for digital signature schemes, to provide secure communication within the Commvault? Cloud platform. Once enabled, data communication within Commvault will be resistant to quantum attacks, while your data is encrypted at its source with AES-256 algorithm, keeping your data safe from modern and future quantum threats. Given that the quantum space is under rapid development, along with additional scrutiny of these algorithms, Commvault Cloud has implemented a flexible framework that allows selection of other algorithms and key lengths, for both key exchange/encapsulation and signature generation/verification, providing a futureproof way to remain vigilant in this ever-changing space. The Road Ahead As with all security measures, PQC is yet another layer to implement on top of other security controls to keep you cyber resilient. We recommend using Security IQ to gain insights into your own security posture and implement controls to keep your data safe from quantum and other attack vectors. Similar to how trust is a continuous process, Commvault’s continual investment in cyber resilience and quantum protection will keep your data safe against ever-evolving threats. You can learn more about Security IQ here. More related posts Backup and Recovery The Resilience Rundown Podcast: Navigating Active Directory Threats and Protections Sep 19, 2024 View The Resilience Rundown Podcast: Navigating Active Directory Threats and Protections Cloud Commvault Platform Release 2024E Aug 15, 2024 View Commvault Platform Release 2024E Data Protection Attackers Overstay Their Welcome Jul 15, 2024 View Attackers Overstay Their Welcome