It’s easy to overlook the extent to which we rely on security keys in our daily lives.
The smartphone is an excellent example of security that we take for granted, from
our online banking and contactless payments to our private photos shared with
family and friends. It’s easy to regard these and other connected IoT
devices that use current cryptographic systems as secure. However, that could
change in the blink of an eye with a sufficiently powerful quantum computer.
Security experts, including those at NXP, have warned for years that when
quantum computing finally emerges from the R&D lab, it will likely be capable
of solving problems that no computer today can feasibly solve. Quantum
computing’s computational power is measured in qubits. It would take almost
10,000 logical qubits to compromise the popular RSA-3072 public-key algorithm.
We aren’t there yet—IBM's
Eagle, a 127-qubit quantum processor, broke the 100-qubit barrier in November 2021.
Although we only have 100 qubit computers today, Neven’s Law observes that
quantum computers are gaining computational power at a double exponential
rate, which is much more aggressive than Moore’s Law. If this upward trend in
quantum computing innovation continues, we may see quantum computations
capable of solving real-world cryptographic problems in 10 to 15 years. The
ability to instantly perform massive calculations threatens our entire
standardized public-key infrastructure (PKI), and the impact extends across
security for every digital connection imaginable.
This security threat is much more dangerous than other security threats
because legacy keys are not patchable. That means security keys issued today
will be under threat when quantum computers become available. Everything from
your car to your bank to your connected light switches can be compromised by a
large-scale quantum computer.
Unauthorized access to over-the-air firmware update mechanisms in our vehicles
opens up the possibility of adversaries installing dangerous modifications.
Audit trails and digitally signed documents associated with car safety
certifications could be retrospectively modified or forged. Critical
industrial and public service infrastructure for healthcare, utilities and
transportation could become exposed, potentially destabilizing cities and
creating other dangerous security breaches.
But it’s not all doom and gloom. I am very proud to work with a team that saw
this threat coming and has been working to create new cryptography solutions
that will help keep our data and devices safe and secure.
NXP helps standardize next-generation security with post-quantum cryptography.
Cryptography provides the building blocks to security, where standardization
bodies such as the US’s National Institute of Standards and Technology (NIST)
or the German Federal Office for Information Security (BSI) continue to play a
vital role. Like NXP, they are keenly aware of the impact that quantum
computing will have on the classic security techniques employed today. To
ensure suitable replacement cryptographic standards are in place before the
standard cryptography security techniques are no longer secure, NIST launched
a global post-quantum cryptographic (PQC) competition in late 2016. We were
eager to be part of the solution and immediately put our best security experts
to work alongside colleagues in academia and across the industry to submit
algorithms that might serve as the foundation for the future of post-quantum
NIST’s selection criteria emphasized mathematical security and algorithm
design. Our highly knowledgeable security experts took a deep dive into the
practical implementation aspects for both algorithms, paying particular
attention to physical side-channel and fault attack vectors. Of the four key
encapsulation mechanism (KEM) finalists announced in 2020, we are proud that
two are co-authored by NXP security experts. This week, NIST made their
first announcement regarding the selection of the winners from amongst these
finalists. The Crystals-Kyber algorithm co-authored by the security experts at
NXP was among the winners that will be standardized. A second co-authored
submission, Classic McEliece, was selected to move forward to the next round
for further analysis and consideration for standardization.
I could not be more proud of the NXP security experts who are part of this
groundbreaking solution. The algorithms selected by NIST are needle-moving
innovations that will help ensure the continued security of data and devices
across all aspects of our world, from cars, to city infrastructure, to smartphones, to IoT devices.
Now the industry must begin the process of bridging today’s cybersecurity
standards with the post-quantum standards of tomorrow. These post-quantum
standards must be able to protect against the security threat posed by quantum
computers, but able to run on a classic computer with the help of new and
existing cryptographic hardware accelerators.
This will be difficult to achieve, but I have every confidence that the deep
expertise of our cryptography team is up to the challenge. In fact, our
skilled team has developed products that already support new algorithms,
provided by the Commercial National Security Algorithm Suite (CNSA Suite),
that transition between current-day techniques and a quantum-resistance
Moving forward with the new post-quantum cryptography standards, our security engineers and
cryptographers will continue to ensure that the practical needs of embedded
security for a post-quantum future are met.