Categories
News

The First NIST-Approved PQC Algorithms Announced; CISA Publishes a Roadmap for Preparation

Post-Quantum Cryptography (PQC) standardization has broken new ground in the past year. The relevant developments trace back to the standardization competition that the National Institute of Standards and Technology (NIST) launched in 2016. Of the 82 submissions received, 69 were accepted for further evaluation. After three rounds of competition spanning six years, the first algorithms selected for standardization were finally revealed on July 5th, 2022.

Four algorithms were chosen for standardization. The two primary algorithms are CRYSTALS-Kyber (public-key encryption and key-encapsulation mechanisms, PKE/KEM) and CRYSTALS-Dilithium (digital signatures). Two further digital signature algorithms, FALCON and SPHINCS+, were also selected for standardization.

NIST Selects Two Primary Algorithms and Keeps Different Mathematical Foundations in Play

Essentially, the PQC standardization competition aims to single out top-tier quantum-resistant cryptosystems that can replace conventional public-key cryptography. In other words, their security must rest on mathematical problems that are hard for classical and quantum computers alike, so that digital security is protected both now and in the future.

Had things gone according to the initial timeline, the first group of standardized algorithms would have been chosen at the end of January 2022. NIST instead postponed the decision by half a year and announced the first group of candidates to be standardized in July.

As mentioned, NIST has handpicked two primary algorithms for standardization: CRYSTALS-Kyber and CRYSTALS-Dilithium.

For PKE/KEM, CRYSTALS-Kyber is more efficient than its competitors, and its public key and ciphertext sizes, and therefore its bandwidth cost, are acceptable for most applications.

Among the digital signature algorithms, CRYSTALS-Dilithium resembles Kyber: both are highly efficient for most applications and are judged to be highly secure. Of the other two selected candidates, FALCON has the smallest bandwidth and is fast at verifying signatures, so it may be the more suitable choice in constrained protocols where signature size matters, at the cost of a more complicated implementation. SPHINCS+ was a third-round alternate candidate and differs in that it is hash-based rather than lattice-based like the other three. Selecting it avoids relying solely on lattice-based algorithms. Though somewhat less efficient than the others, it still holds high value.
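To make the "hash-based rather than lattice-based" distinction concrete, here is an added example that is not from the original article or from NIST: a Lamport one-time signature in Python, the 1979 scheme from which hash-based signatures such as SPHINCS+ descend (SPHINCS+ itself uses a far more elaborate construction, WOTS+ chains, FORS and a hypertree, to obtain many-time, stateless signatures). Security rests only on the preimage resistance of SHA-256, with no lattice or number-theoretic assumption. The example also demonstrates the scheme's defining failure mode: signing more than one message with the same key leaks enough secrets to forge. All function names and the sample messages are the example's own.

```python
import hashlib
import secrets

N = 32      # bytes per secret value and per SHA-256 output
BITS = 256  # one pair of secrets per bit of the message digest

def _msg_bits(msg):
    """Bits of SHA-256(msg), most significant bit first."""
    digest = hashlib.sha256(msg).digest()
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]

def keygen():
    """Private key: 256 pairs of random 32-byte secrets. Public key: their hashes."""
    sk = [(secrets.token_bytes(N), secrets.token_bytes(N)) for _ in range(BITS)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    return sk, pk

def sign(sk, msg):
    """For each digest bit, reveal the secret of the pair that matches that bit."""
    return [sk[i][b] for i, b in enumerate(_msg_bits(msg))]

def verify(pk, msg, sig):
    """Every revealed secret must hash to the public value selected by the digest bit."""
    if len(sig) != BITS:
        return False
    return all(hashlib.sha256(s).digest() == pk[i][b]
               for i, (s, b) in enumerate(zip(sig, _msg_bits(msg))))

def forge_from_reuse(pk, signed_pairs, tries=1000):
    """Why the key is ONE-time: every signature reveals half of the private key.
    Given several (msg, sig) pairs made with the same key, collect the revealed
    secrets and search for a new message whose digest bits are all covered.
    Returns (forged_msg, forged_sig) if one is found within `tries`, else None."""
    revealed = [[None, None] for _ in range(BITS)]
    for msg, sig in signed_pairs:
        for i, (s, b) in enumerate(zip(sig, _msg_bits(msg))):
            revealed[i][b] = s
    for k in range(tries):
        candidate = b"forged-message-%d" % k
        bits = _msg_bits(candidate)
        if all(revealed[i][b] is not None for i, b in enumerate(bits)):
            forged_sig = [revealed[i][b] for i, b in enumerate(bits)]
            assert verify(pk, candidate, forged_sig)
            return candidate, forged_sig
    return None

if __name__ == "__main__":
    sk, pk = keygen()
    m = b"transfer 10 to alice"
    s = sign(sk, m)
    print("valid:", verify(pk, m, s))
    print("one signature, forgery found:", forge_from_reuse(pk, [(m, s)]) is not None)
    reused = [(b"note-%d" % i, sign(sk, b"note-%d" % i)) for i in range(40)]
    print("forty signatures, forgery found:", forge_from_reuse(pk, reused) is not None)
```

With a single signature the attacker knows exactly one secret per position and would need a second message with the identical digest, so the search fails. After a few dozen reuses nearly every position has both secrets exposed and the first candidate message forges; this is the reason stateful schemes track used leaves and why SPHINCS+ goes to such lengths to be safely stateless.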

NIST also announced the KEM algorithm candidates that will head into the fourth round, including BIKE, Classic McEliece, HQC, and SIKE.

In the world we live in, applications of all sizes require digital security and encryption. Hence, NIST stresses the need for standards that cover every scenario, so that if one algorithm fails, another can replace it immediately.

Although lattice-based algorithms are the mainstream, NIST has emphasized repeatedly that a different type of algorithm must be ready for use should there be a breakthrough in attacks on lattice-based cryptography. NIST also promotes crypto-agility: the ability to swap a new algorithm into a deployed system quickly. After all, there is no guarantee that these standardized algorithms are unbreakable.

For now, NIST encourages organizations to explore the new algorithms and consider how their applications will use them, but advises against "baking them into their systems," since minor changes may still be made before the standards are finalized.

NIST has also announced a further call for public-key digital signature algorithms with "shorter signatures and faster verification." The submission deadline is June 1, 2023.

In response to NIST's selections, cryptographer Daniel J. Bernstein notes that NIST did not finalize the patent agreements before announcing Kyber's selection, which hands the patent holders more leverage. It is rumored that NIST may turn to other candidates such as NTRU if agreements are not reached by the end of the year.

US Government Asked Organizations to Start Planning for the Transition and Issued Relevant Guidelines

As quantum computing continues to develop, public-key cryptography is bound to change.

Though NIST devises its standards for the United States, they shape how the rest of the world adjusts its own standards, including Taiwan and its businesses.

Recently, many cryptographers have advised governments and businesses to inventory the applications that already use public-key cryptography.

Some Taiwanese IT companies have been preparing for NIST's announcement. In May, hardware security company WiSECURE announced that its commercial hardware security platform kvHSM had successfully implemented the SPHINCS+ digital signature algorithm, alongside CRYSTALS-Kyber and CRYSTALS-Dilithium on the same HSM (hardware security module) platform. Such prompt results come from effort devoted to post-quantum cryptography applications in prior years.

Regarding how Taiwanese businesses should prepare for this change, Jimmy Chen, CEO of WiSECURE and Assistant Professor of Mathematics at National Taiwan University, emphasizes the credibility and value of NIST publications. He suggests the PQC report from the National Cybersecurity Center of Excellence (NCCoE), a NIST entity, as a major source of information.

The American government has also responded quickly. On May 4th, President Biden signed National Security Memorandum 10 (NSM-10). The document sets out guidance for the country's development of quantum technology, including a directive that the federal government transition to PQC systems. NIST and CISA are tasked with leading this effort, which includes inventorying federal systems and assets that depend on public-key cryptography.

As CISA's July 5th alert advises, organizations should now draw up blueprints for PQC adoption to ensure a smooth transition away from today's public-key cryptography.

CISA has provided six guidelines:

  1. Inventorying your organization’s systems for applications that use public-key cryptography.
  2. Testing the new post-quantum cryptographic standard in a lab environment; however, organizations should wait until the official release to implement the new standard in a production environment.
  3. Creating a plan for transitioning your organization’s systems to the new cryptographic standard that includes:
    • Performing an interdependence analysis, which should reveal issues that may impact the order of systems transition;
    • Decommissioning old technology that will become unsupported upon publication of the new standard; and
    • Ensuring validation and testing of products that incorporate the new standard.
  4. Creating acquisition policies regarding post-quantum cryptography. This process should include:
    • Setting new service levels for the transition.
    • Surveying vendors to determine possible integration into your organization’s roadmap and to identify needed foundational technologies.
  5. Alerting your organization’s IT departments and vendors about the upcoming transition.
  6. Educating your organization’s workforce about the upcoming transition and providing any applicable training.
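Step 1 of the list, the inventory, is the one most teams find hardest to start. As an added example (not from CISA or the original article), here is a small Python inventory tool for one concrete corpus: OpenSSH public keys in authorized_keys or known_hosts format. It decodes the wire blob to learn the real algorithm family and key size rather than trusting the leading type string, and flags every key whose security rests on factoring or discrete logarithms (all of them, today) plus keys that are already weak classically. The sample lines are constructed inline with the correct wire layout and dummy key material; they are not real keys. Function names are the example's own.

```python
import base64
import binascii
import struct

# Families whose security rests on factoring or discrete logarithms, both broken by
# Shor's algorithm on a cryptographically relevant quantum computer.
QUANTUM_VULNERABLE = {
    "rsa": "RSA (integer factoring)",
    "dsa": "DSA (finite-field discrete log)",
    "ecdsa": "ECDSA (elliptic-curve discrete log)",
    "ed25519": "Ed25519 (elliptic-curve discrete log)",
}

def _read_string(blob, off):
    """Read one SSH wire-format string: 4-byte big-endian length, then bytes."""
    (n,) = struct.unpack(">I", blob[off:off + 4])
    return blob[off + 4:off + 4 + n], off + 4 + n

def parse_ssh_pubkey(line):
    """Return (family, key bits, comment) for one authorized_keys / known_hosts-style line.
    The algorithm is taken from the decoded blob, not only from the leading type field."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("not an SSH public key line")
    keytype, b64, comment = fields[0], fields[1], " ".join(fields[2:])
    blob = base64.b64decode(b64)
    wire_type, off = _read_string(blob, 0)
    if wire_type.decode() != keytype:
        raise ValueError("type field %r does not match blob %r" % (keytype, wire_type))
    if keytype == "ssh-rsa":
        _e, off = _read_string(blob, off)          # public exponent (mpint)
        n, _ = _read_string(blob, off)             # modulus (mpint)
        return "rsa", int.from_bytes(n, "big").bit_length(), comment
    if keytype == "ssh-dss":
        p, _ = _read_string(blob, off)             # prime modulus p
        return "dsa", int.from_bytes(p, "big").bit_length(), comment
    if keytype.startswith(("ecdsa-sha2-nistp", "sk-ecdsa-sha2-nistp")):
        curve, _ = _read_string(blob, off)         # e.g. b"nistp256"
        return "ecdsa", int(curve.decode()[len("nistp"):]), comment
    if keytype in ("ssh-ed25519", "sk-ssh-ed25519@openssh.com"):
        return "ed25519", 256, comment
    return keytype, 0, comment

def inventory(lines):
    """One record per key with what a migration plan needs: family, size, and whether the
    key is quantum-vulnerable or already weak against classical attackers. Unparseable
    lines are reported rather than silently skipped, since they still need a human look."""
    report = []
    for lineno, raw in enumerate(lines, 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            family, bits, comment = parse_ssh_pubkey(line)
        except (ValueError, struct.error, binascii.Error) as exc:
            report.append({"line": lineno, "error": str(exc)})
            continue
        report.append({
            "line": lineno, "family": family, "bits": bits, "comment": comment,
            "quantum_vulnerable": family in QUANTUM_VULNERABLE,
            "classically_weak": family == "dsa" or (family == "rsa" and bits < 2048),
            "reason": QUANTUM_VULNERABLE.get(family, "unrecognised type; review manually"),
        })
    return report

# --- constructed sample data (correct wire layout, dummy key material; NOT real keys) ---
def _ssh_string(b):
    return struct.pack(">I", len(b)) + b

def _fake_key_line(keytype, *parts, comment=""):
    blob = b"".join(_ssh_string(p) for p in (keytype.encode(), *parts))
    return ("%s %s %s" % (keytype, base64.b64encode(blob).decode(), comment)).strip()

SAMPLE_AUTHORIZED_KEYS = [
    "# constructed sample file, not real keys",
    _fake_key_line("ssh-rsa", b"\x01\x00\x01", b"\x00" + b"\xff" * 256, comment="deploy@ci"),
    _fake_key_line("ssh-rsa", b"\x01\x00\x01", b"\x00" + b"\xff" * 128, comment="legacy@backup"),
    _fake_key_line("ecdsa-sha2-nistp256", b"nistp256", b"\x04" + b"\x11" * 64, comment="ops@bastion"),
    _fake_key_line("ssh-ed25519", b"\x22" * 32, comment="alice@laptop"),
    "ssh-ed25519 not-base64!!! broken@line",
]

if __name__ == "__main__":
    for rec in inventory(SAMPLE_AUTHORIZED_KEYS):
        print(rec)
```

The same shape of tool (decode the artifact, record algorithm and size, flag by family) extends to TLS certificates, code-signing keys and VPN configurations; the interdependence analysis in step 3 then starts from these records rather than from guesswork.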

This article is adapted and translated from a recent iTHome article and the NIST report. For more information, please see the full report on NIST's website.

CISA’s Announcement on NIST’s New Cryptographic Standards

The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an announcement following NIST's selection of post-quantum cryptographic algorithms. It states that NIST and CISA "strongly recommend" organizations start preparing for the transition now, even though NIST is not expected to publish the new post-quantum cryptographic standard for commercial use until 2024. Their recommendations include:

  • Inventorying your organization’s systems for applications that use public-key cryptography.
  • Testing the new post-quantum cryptographic standard in a lab environment; however, organizations should wait until the official release to implement the new standard in a production environment.
  • Creating a plan for transitioning your organization’s systems to the new cryptographic standard that includes:
    • Performing an interdependence analysis, which should reveal issues that may impact the order of systems transition;
    • Decommissioning old technology that will become unsupported upon publication of the new standard; and
    • Ensuring validation and testing of products that incorporate the new standard.
  • Creating acquisition policies regarding post-quantum cryptography. This process should include:
    • Setting new service levels for the transition.
    • Surveying vendors to determine possible integration into your organization’s roadmap and to identify needed foundational technologies.
  • Alerting your organization’s IT departments and vendors about the upcoming transition.
  • Educating your organization’s workforce about the upcoming transition and providing any applicable training.

For more information on the issue please refer to CISA’s announcement, as well as the website of the National Cybersecurity Center of Excellence (NCCoE) regarding post-quantum cryptography.

NIST Announces Third Round Post-Quantum Cryptography Standardization Process Results & Fourth Round Candidates

On July 5th, the National Institute of Standards and Technology (NIST) announced its results for the third round of the Post-Quantum Cryptography (PQC) standardization process.

Of the four candidate algorithms selected for standardization, NIST recommends CRYSTALS-Kyber (key establishment) and CRYSTALS-Dilithium (digital signatures) for most use cases. FALCON and SPHINCS+ (digital signatures) will also be standardized.

Classic McEliece, which is widely regarded as secure, was a finalist but was not standardized in this round. It may be standardized at the end of the fourth round.

For more information on this topic, please see the NIST report and the detailed briefing of the candidates chosen.

Federal Office for Information Security (BSI)’s Guide on Developments in Quantum Technologies

The Federal Office for Information Security, known as BSI (Bundesamt für Sicherheit in der Informationstechnik), is the German federal agency responsible for communication and computer security for the German government.

This guide provides an overview of the most important developments in quantum technologies from an IT-security point of view, together with recommendations for migrating to quantum-safe cryptography. The transition raises numerous open questions (for example, the selection of suitable algorithms and the necessary adaptations to protocols and standards), which the document discusses. As a basis for that discussion, it first outlines the capabilities and state of development of quantum computers, then treats post-quantum cryptography and quantum cryptography in detail and distinguishes these two complementary approaches.

Please refer to the complete guide for more information.

NSA: President Biden Signs Memo to Combat Quantum Computing Threat

On May 4th, 2022, the White House announced that President Joe Biden had signed a National Security Memorandum (NSM) aimed at maintaining U.S. leadership in quantum information science and at mitigating the risks quantum computing poses to the nation's security.

Read the full news article from the NSA website here.

Analysis: Global Trends of Hardware Security Module

With the rapid rise of digitalization, emerging applications are springing up in every industry, changing how people communicate and increasing the efficiency of business operations. At the same time, digitalization and the Internet of Things mean that hardware platforms now carry vast amounts of personal information, user behavior and transaction data, mailing addresses, and more. The key to giving users a secure and reliable environment for data in transit and data at rest lies in cryptographic encryption and authentication services, which protect users from data tampering, identity impersonation, and asset theft. For data encryption and authentication, hardware security modules (HSMs) cannot be overlooked.

Hardware Security Module

Today, more organizations and governments use encryption and authentication functions to protect data content and manage access rights. At the same time, more regulations require systems to have encryption and authentication functions.

These include the California Consumer Privacy Act (CCPA), the pseudonymization in the General Data Protection Regulation (GDPR), the regulations managing the storage and transmission of PIN codes and personal privacy data in the Payment Card Industry Data Security Standard (PCI DSS), and the Health Insurance Portability and Accountability Act (HIPAA) that manages the security of patient privacy.

When data in a system is stored unencrypted, the attack surface is not effectively limited, and an attacker who reaches the storage obtains the data directly. Once the data is encrypted under a cryptographic key, the risk of leakage concentrates on the key itself, which shrinks the attack surface to what must be protected. The flip side is that if the key leaks, everything encrypted under it can be decrypted and stolen. Key management is therefore integral to cryptographic services, and a hardware security module (HSM) is used to store keys securely and to perform cryptographic operations without ever exposing them.
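The paragraph above states the design goal but not the mechanism. The following added Python example (not WiSECURE's code, nor any real HSM API) models it with envelope encryption: a key-encryption key lives inside a SoftHsm object that offers wrap and unwrap operations but never returns the key, each record is encrypted under a fresh data-encryption key, and only the ciphertext and the wrapped data key are stored. A database dump therefore yields nothing decryptable without the module, and any modification to the stored record is rejected. The cipher here is an encrypt-then-MAC construction built from HMAC-SHA256 so that the example runs with the standard library alone; it stands in for a real AEAD such as AES-256-GCM and should not be used as one. Class and function names are the example's own.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32

def _derive(key, label):
    """Split one 32-byte key into separate encryption and MAC keys."""
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key, nonce, length):
    """Counter-mode keystream from HMAC-SHA256(key, nonce || counter)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def aead_encrypt(key, plaintext, aad=b""):
    """Encrypt-then-MAC stand-in for an AEAD such as AES-256-GCM (toy construction,
    illustration only). Output layout: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ks = _keystream(_derive(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(_derive(key, b"mac"), nonce + aad + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def aead_decrypt(key, blob, aad=b""):
    """Verify the tag in constant time before touching the ciphertext."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_derive(key, b"mac"), nonce + aad + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key, or ciphertext/AAD tampered")
    ks = _keystream(_derive(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))

class SoftHsm:
    """Models the HSM trust boundary. The key-encryption key (KEK) is generated inside
    and no method returns it; callers only receive wrapped data keys and results."""
    def __init__(self):
        self.__kek = secrets.token_bytes(32)   # never exported
        self.ops = 0                            # audit counter: every key use goes through here

    def generate_data_key(self):
        """Return a fresh data-encryption key (DEK) plus its KEK-wrapped form."""
        self.ops += 1
        dek = secrets.token_bytes(32)
        return dek, aead_encrypt(self.__kek, dek, aad=b"wrapped-dek-v1")

    def unwrap_data_key(self, wrapped):
        self.ops += 1
        return aead_decrypt(self.__kek, wrapped, aad=b"wrapped-dek-v1")

def store_record(hsm, plaintext):
    """Envelope encryption: one DEK per record, the DEK protected by the HSM-held KEK.
    Only ciphertext and the *wrapped* DEK are persisted; the plaintext DEK is dropped."""
    dek, wrapped = hsm.generate_data_key()
    return {"ciphertext": aead_encrypt(dek, plaintext), "wrapped_dek": wrapped}

def read_record(hsm, record):
    dek = hsm.unwrap_data_key(record["wrapped_dek"])
    return aead_decrypt(dek, record["ciphertext"])

def decrypts(hsm, record):
    """True if the record opens cleanly; False if it was tampered with or belongs to a
    different HSM, i.e. a stolen database dump is useless without the module."""
    try:
        read_record(hsm, record)
        return True
    except ValueError:
        return False

def tampered(record, index=NONCE_LEN):
    """Copy of record with one ciphertext byte flipped (simulated on-disk modification)."""
    ct = bytearray(record["ciphertext"])
    ct[index] ^= 0x01
    return {"ciphertext": bytes(ct), "wrapped_dek": record["wrapped_dek"]}

if __name__ == "__main__":
    hsm = SoftHsm()
    rec = store_record(hsm, b"card=4111-xxxx-xxxx-1111;owner=alice")  # constructed sample
    print("roundtrip:", read_record(hsm, rec))
    print("tampered record accepted:", decrypts(hsm, tampered(rec)))
    print("opens on another HSM:", decrypts(SoftHsm(), rec))
    print("HSM operations logged:", hsm.ops)
```

The per-record DEK is what makes rotation tractable: rotating the KEK means re-wrapping the small wrapped_dek fields, not re-encrypting every record, and the ops counter stands in for the audit log a real HSM keeps of every key use.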

Global Market Development

In the global market for hardware security modules, LAN-based (network-attached) HSMs are the most common type. They are used mostly in BFSI (banking, financial services and insurance), providing high-speed digital signatures and meeting authentication requirements.

However, with the rapid development of embedded systems, computing power has grown significantly. Work that once had to be done on a host can now be done on other systems such as mobile devices and edge nodes, which bring the processing of large data streams and the execution of applications closer to users. This shift implies strong growth in demand from computers, tablets, smartphones, and other end devices. According to global market research, USB-based hardware security modules have the most growth potential over the next decade. A USB HSM also supports file encryption and storage, as well as the "passwordless authentication" promoted by the FIDO Alliance, to protect private data on a computer or a mobile workspace (Windows To Go).

The Shortcoming of the Hardware Security Module Industry

Despite an 11% compound annual growth rate (CAGR), the hardware security module industry still cannot satisfy the security demands of emerging applications, small and medium enterprises (SMEs), and startups.

The HSMs of the major manufacturers often need only meet the requirements of military, government, and financial customers and fit those clients' budgets and cost structures. Built for those specific scenarios, the products usually carry a high unit price and are one-dimensional in function.

These trends have not yet shaken the rigid structure of the HSM industry, as conventional industries remain constrained by cost and by limited information-security knowledge when adopting security hardware. Even where cost is not a problem, feasibility and flexibility remain obstacles: training, new standards, and the introduction of new algorithms all add costs that burden the industry.

Market research and analysis point to the need for an industrial revolution in hardware security modules, so that enterprises of any size can adopt hardware security services on economically viable terms, with attention to product usability and subsequent maintenance costs.

Furthermore, facing the uncertainty of the COVID era, flexible and multi-faceted hardware security modules are the ones that can adapt quickly to the ever-changing threat landscape.

WiSECURE Technologies Achieves Cultural Innovation

WiSECURE Technologies is the only HSM manufacturer in Asia that produces all three form factors: PCIe, USB, and MicroSD. We (WiSECURE Technologies) take the perspective of cultural innovation rather than pursuing an arms-race market strategy or imitating the successes of industry peers. We break down industry norms, define the shortcomings, and concentrate resources precisely on products worth developing.

WiSECURE has its own self-developed cryptographic algorithms and professional expertise in applied hardware cryptography. Combined with Taiwan's well-equipped supply chain, everything from algorithms to hardware cryptography to product development can be completed independently, and the standardized cryptographic core can be introduced into different hardware platforms (PCIe, USB, and MicroSD) so that servers, computers, tablets, mobile devices, and other embedded systems can each have a complete hardware security module. Through this product strategy, SMEs with limited budgets but a need for encryption services can freely choose the type of hardware security module that suits their operating costs and business model, and deploy hardware encryption services for their products and their own systems.

Global Market Expansion

Vince Lin, Marketing Director of WiSECURE Technologies, stated that due to the work-from-home culture started by the pandemic in 2020, many European, American, and Southeast Asian manufacturers have been looking for online opportunities for exposure or collaboration through online platform events. Not only does this promote networking online with other companies, but this also means companies can expand international sales, educate the market, and share corporate ideas at a relatively lower cost.

As a cultural innovation leader in the HSM industry, we are looking not just for ordinary users but for those who are familiar with the current state of the industry, who understand the brand value of WiSECURE Technologies, and who are willing to become the global partners of pioneers.


This article is a translation of the original article published on the WiSECURE website.

WiSECURE Security Key Receives FIDO Level 2 Certification

FIDO2 authentication, which AuthTron™ supports, was the focal point of Web Authentication (WebAuthn) in 2018. Within a year it was adopted by the major players and became a global standard. FIDO2 allows physical security keys to perform strong authentication through the browser, which lowered the barrier to adoption. The focus of Level 2 (L2) certification is to "conform to a solution included in FIDO Allowed Restricted Operating Environment and Allowed Cryptography." WiSECURE adopted a CC EAL 5+ certified secure cryptoprocessor that can resist side-channel attacks, man-in-the-middle attacks, and phishing. As of November 1st, 2021, only four companies worldwide, including WiSECURE, have received FIDO2 L2 certification.

WiSECURE holds the exclusive patent on "Touch Pattern Authentication", which uses a cognitive behavior pattern in place of fingerprint recognition. This form of authentication addresses users' privacy concerns about biometrics and greatly reduces hardware costs while maintaining high security.

CEO of Japanese System Integrator M-Plus remarks, “AuthTron™ debuted at the Japan IT Week exhibition on October 27th – October 30th, which attracted a lot of attention since this product appeals to many regarding data protection and identity verification purposes.”

On November 1st, 2021, WiSECURE also announced that it would act as an original design manufacturer (ODM) for FIDO2 L1 and L2 security keys, helping clients save development costs and build their own security keys.

FIDO (Fast Identity Online) was established in 2012 to promote a set of open, interoperable authentication standards, with the goal of protecting users from password-based threats. The alliance now has over 250 members, including founding members such as PayPal and Infineon, along with Google, Microsoft, and other major names driving the industry forward.

This article is a translation of the original article published on WiSECURE's website.