Communications networks and quantum computing threats

Quantum computer technology is being developed that can calculate solutions in a fraction of the time required by today’s computers. This technology could also be used to overcome encryption methods used to secure communications networks. How quickly will this happen? What should you be doing now? Let’s have a look.

You may have heard or read about the quantum threat and its effect on the internet. But communications networks rely on cryptography too.

Threats to communications

The quantum threat impacts communications in several ways:

1. STIR/SHAKEN uses asymmetric public/private keys to sign and verify calls and the caller information they contain to prevent spoofing.
2. Carrier interconnections use PKI for mutual authentication.
3. Mobile devices and serving networks use encryption keys for mutual authentication.
4. Internet routing information is vulnerable to hijacking. There’s renewed interest and a new FCC initiative underway to fix this using cryptography.

Quantum threat timeline

The National Institute of Standards and Technology (NIST) issued a report on quantum computing. Their 2016 report estimated that cryptography would be safe for the next decade.

The Global Risk Institute issued a study that surveyed 47 experts on quantum computing. Their 2021 study indicates that the quantum threat has a better than 50% chance of being realized in 15 years.

So, plenty of time to worry about this later? Maybe not. Unexpected advances in quantum computing could shorten this timeline, which would be disastrous for organizations that are not prepared to meet the challenge.

We need to get ahead of this risk.

Post-quantum cryptography

The NIST has organized a process to vet and select new standardized encryption methods that are quantum resilient. These new methods don’t rely on quantum physics or engineering. They are designed to use encryption methods for which quantum computing would offer no advantage.

The NIST has gone through three rounds of evaluating new post-quantum cryptography methods. They’ve whittled down the field to seven finalists and eight alternates. NIST plans to announce the finalist in 2022 and publish the final standard in 2024.

What you should do now

The following guidelines are from an ATIS whitepaper, Preparing Communications Networks for the Quantum Future:

1. Raise awareness within your company.
2. Develop organizational structure, roles and budget to manage the transition to quantum safe technology.
3. Develop a Crypto Agility Risk Assessment Framework to inventory assets at risk and develop plans to upgrade, replace or remove them as quantum safe alternatives become available.
4. Monitor the development of post quantum cryptography standards.

More information

Here are other reports on the progress of quantum computing. Some of it gets into the deep end of the technical pool, but they offer another glimpse on the pace of progress.

• APS March 2022 Meeting: Google, Intel and Others Highlight Quantum Progress Points
• Quantum Computing: Top Players 2021 YouTube video reviews leading contenders in the race to build usable quantum computers (13m 23s).

TransNexus solutions

TransNexus is a leader in developing innovative software to manage and protect telecommunications networks. The company has over 20 years’ experience in providing telecom software solutions including toll fraud prevention, robocall mitigation and prevention, TDoS prevention, analytics, routing, billing support, STIR/SHAKEN and SHAKEN certificate services.

Contact us today to learn more.