Is there a Quantum Countdown for RSA? Can PQC and AI Help Secure Encryption?
Imagine a world where your online transactions, medical records, and even national secrets are suddenly exposed. This chilling scenario could become a reality if quantum computers crack current encryption standards like RSA. While the “quantum apocalypse” isn’t imminent, forward-thinking organisations are already preparing with post-quantum cryptography (PQC) solutions. But PQC doesn’t stand alone. It marches hand-in-hand with artificial intelligence (AI), whose potent tools, machine learning (ML) and large language models (LLMs), are supercharging its development and implementation. This dynamic duo promises a smoother transition to a quantum-resistant cryptographic landscape.
The RSA Conundrum: Factoring its Fragility
RSA, the workhorse of public-key cryptography, relies on the difficulty of factoring large numbers. However, Shor’s algorithm, efficiently executable on a powerful quantum computer, poses an existential threat. It can factor these large numbers in polynomial time, rendering RSA encryption vulnerable.
PQC: Donning the Quantum-Proof Armor
PQC algorithms are specifically designed to withstand the onslaught of quantum attacks. They leverage diverse mathematical principles, including:
- Lattice-based cryptography: Utilizes the hardness of problems on integer lattices, offering efficient schemes like Kyber and Dilithium.
- Code-based cryptography: Exploits the difficulty of decoding specific codes, exemplified by Classic McEliece and its signature counterparts, Classic HFEv and Classic ROST.
- Multivariate cryptography: Relies on the inherent complexity of solving systems of multivariate equations, with Rainbow offering diverse security levels and Classic SPHINCS excelling in resource-constrained environments.
- Isogeny-based cryptography: Leverages the intricacies of elliptic curve isogenies, with Classic SIKE and Classic SIDH boasting high security and potential hardware acceleration.
AI & LLMs: Supercharging PQC’s Defense
While PQC offers hope, challenges persist. AI steps in, wielding its powerful tools:
- Algorithm Design & Analysis: LLMs scour vast datasets to unearth new PQC algorithms and refine existing ones. ML models meticulously evaluate security and performance, pinpointing vulnerabilities and suggesting improvements.
- Implementation & Optimization: LLMs generate efficient PQC implementations tailored to specific platforms, while ML models optimize performance, making them practical for real-world use.
- Standardization & Interoperability: LLMs delve into the vast PQC literature, identifying promising candidates for standardization. ML models rigorously test interoperability between different PQC implementations, ensuring seamless communication and data exchange.
- Security Testing & Threat Detection: LLMs, trained on vast attack datasets, identify potential vulnerabilities in PQC algorithms. ML models continuously monitor PQC implementations for anomalies, potentially detecting attacks before they strike.
- Education & Awareness: LLMs generate educational materials, making PQC comprehensible and accessible. ML personalizes training programs, fostering broader understanding and adoption.
The Quantum-Ready Future: A Collaborative Endeavor
PQC and AI offer a powerful synergy, accelerating innovation, enhancing security, and smoothing the transition to the quantum age. Here’s how we can forge a secure future, together:
- Foster Collaboration: Encourage open dialogue and teamwork between PQC researchers, AI developers, and security professionals.
- Champion Awareness: Support initiatives that educate individuals and organizations about PQC’s significance.
- Embrace the Future: Explore how your organization can leverage PQC and AI to bolster its cybersecurity posture.
Additional Technical Considerations:
- Hybrid Approaches: Combining PQC with traditional cryptography offers a layered defence and facilitates a gradual migration strategy.
- Performance and Resource Constraints: Carefully evaluate the performance and resource requirements of different PQC solutions to ensure compatibility with your specific systems and applications.
- Continuous Monitoring: Stay updated on the evolving PQC landscape and quantum computing advancements to adapt your security measures accordingly.
Top PQC Algorithms So Far from NIST
In its July 2022 PQC algorithm selection announcement, NIST selected four candidate algorithms as the finalists. FIPS 203, 204, and 205 have been released for public comment, while FALCON will be released for public comment in 2024.
1. FIPS 203. This module lattice-based key encapsulation mechanism (ML-KEM), based on CRYSTALS-Kyber, is used to establish a shared secret key over open (i.e., insecure) channels. Think of this as the replacement for factor-based key agreement schemes for public-facing environments (e.g., RSA), which are expected to be broken by quantum computing. An example of this type of application would be securing connections for websites and web apps.
2. FIPS 204. The module-lattice-based digital signature algorithm (ML-DSA) consists of three algorithms for generating cryptographic keys, digital signing, and verifying the resulting digital signature and is based on CRYSTALS-Dilithium. An example of where this could be used is for remote document signing.
3. FIPS 205. The stateless hash-based digital signature algorithm (SLH-DSA) is a cryptographic function that aims to reduce signature sizes. It’s based on SPHINCS+ and operates differently from the other algorithms at a mathematical level. Much like CRYSTALS-Dilithium, this algorithm would be best suited for remote digital signing.
The countdown for RSA’s demise may not be immediate, but preparation starts now. By embracing PQC and AI, we can build a future where robust cryptography safeguards our digital world, even in the face of quantum challenges. Let’s join forces and navigate the quantum landscape with confidence and security.