The key to modern asymmetric cryptography is to create an equation that is easy to solve in one direction but difficult to reverse by an adversary in the other direction. Traditionally, this was done through modular arithmetic, where a large prime modulus and a generator were used to generate a key, although there are multiple methods.
The strength of this one-way function is measured by the time and computing power needed to reverse it. ECC 256, considered by many to be one of the gold standards in modern cryptography, would take millions of years to crack using current computing capabilities. Today’s encryption standards are more than adequate in securing real-time and historical data in IoT devices.
However, as we glance ahead into the future, that will change. The US National Institute of Science & Technology (NIST) and the European Union are preparing for the first quantum computers to be available in the early 2030s. Quantum computers are a completely new type of machine that leverages the principles of quantum mechanics to solve complex problems that are currently beyond the scope of today’s computers. Once considered science fiction, the quantum computer is moving ever closer to reality, with IBM and Google among the companies leading the charge.
That’s great news for drug manufacturers, chemists, material scientists, and others who will use quantum computing to promote technological advances. However, it is bad news for security professionals who expect to see quantum computers crack modern cryptography, such as ECC-256, in days.
Has the time come for IoT security to prepare for quantum computers?
Today’s ultra LPWA IoT chipsets have a 15-year battery life. Smart meters and other smart devices deployed today should have some overlap with the quantum computer era. In all likelihood, devices deployed in five years will have to contend with quantum computers. That expected overlap would make it prudent to integrate encryption solutions today that can withstand quantum computers’ power.
Unfortunately, it’s not that simple. Much research is being done on cryptography for a post-quantum world by government institutions like NIST, universities such as MIT and Stanford, private companies including IBM, and others. Those solutions may make sense for some types of connected devices, such as automotive, which support high throughputs and have refillable power sources. However, many low-end LPWA IoT devices lack the memory, power, and throughput required to support these proposed methods. Adding those capabilities today for an issue that is 15 years down the road will significantly increase the size and cost of the chips.
A second challenge relates to the solutions themselves. The market is not familiar with post-quantum cryptography. Any new cryptographic methods under development today that are based on different mathematics may be found to have vulnerabilities and open attack vectors.
To further complicate this issue, there is the question of urgency. We don’t know when quantum computers will be developed with sufficient qubits available to crack a complex encryption. Once they are developed, they will be owned by governments and universities, and using them could cost tens of thousands of dollars an hour. Considering all those factors, is there a risk that people will use those resources to hack into LPWA IoT devices like water and electricity meters, which most likely will have a negative return on investment for the hacker?
Finding the right approach
Organizations are currently evaluating one of two approaches. The first approach is to develop products that can be upgraded when quantum computers become a threat. This crypto-agility, which will be required to deal with post-quantum cryptography methods, allows manufacturers to continue developing devices while controlling costs.
A second approach is to integrate and start using advanced cryptographic functions considered secure in the face of a quantum computer. However, that approach will have repercussions in many areas. For example, if a water meter or tracking device is equipped with futuristic encryption, the computers and devices attempting to access those devices legitimately must also have it. This is a significant upgrade for the entire ecosystem.
Taking a pragmatic view
If history is our guide, cryptographic functions will likely evolve. Threat actors often find a way to crack encryptions after approval, leading to cryptography advancements. This means a significant risk exists in moving forward with a method today. Device costs will increase, making them more challenging to sell, especially since their security mechanism is a solution to a nonexistent problem. It also means companies may spend millions of dollars building future-ready devices only to find their quantum security method faulty.
Encryption is also not a one-size-fits-all solution — the type of data and device matter. Historical water meter data has little value, while a patient’s health records may hold great value. In most cases, a real-time tracker in a child’s school bag requires a higher degree of security than simply protecting against the future threat of quantum computers decrypting stored, encrypted location data to reveal the child’s historical movements.
These challenges suggest that — at this time — the best approach may be to begin developing products that are upgrade-ready and support crypto agility. They should minimize investment in future cryptographic methods while ensuring that their hardware and software have the memory, throughput, power, and performance capabilities to support future methods.
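One way to structure the upgrade-ready, crypto-agile design described above, as an added example that is not from the original article: every message names the algorithm that protects it, a later update can register a new algorithm, and an acceptance floor that only moves upward retires the old one. The algorithm IDs, the message framing and the `AgileVerifier` class are assumptions made for illustration, and HMAC from the Python standard library stands in for whatever signature or key-exchange scheme a real device would use.

```python
import hashlib
import hmac

# Constructed algorithm identifiers for this example (not from any standard).
ALG_TODAY = 1   # stand-in for the scheme a device ships with
ALG_NEXT = 2    # stand-in for a replacement delivered by a later update


class AgileVerifier:
    """Handles messages framed as: alg_id (1 byte) | tag_len (1 byte) | tag | payload."""

    def __init__(self, key: bytes, min_alg: int):
        self._key = key
        self._algs = {}         # alg_id -> hashlib digest name
        self.min_alg = min_alg  # on a device: kept in rollback-protected storage

    def register(self, alg_id: int, digest_name: str) -> None:
        """Add an algorithm, e.g. when a firmware update ships a new one."""
        hashlib.new(digest_name)  # fail early if the digest is not available
        self._algs[alg_id] = digest_name

    def retire_below(self, alg_id: int) -> None:
        """Raise the acceptance floor; it never moves back down."""
        self.min_alg = max(self.min_alg, alg_id)

    def _tag(self, alg_id: int, payload: bytes) -> bytes:
        # The algorithm id is authenticated together with the payload,
        # so relabelling a message with another algorithm breaks the tag.
        msg = bytes([alg_id]) + payload
        return hmac.new(self._key, msg, self._algs[alg_id]).digest()

    def seal(self, alg_id: int, payload: bytes) -> bytes:
        tag = self._tag(alg_id, payload)
        return bytes([alg_id, len(tag)]) + tag + payload

    def verify(self, blob: bytes):
        """Return the payload, or None if the message must be rejected."""
        if len(blob) < 2:
            return None
        alg_id, tag_len = blob[0], blob[1]
        if alg_id < self.min_alg or alg_id not in self._algs:
            return None  # retired or unknown algorithm
        tag, payload = blob[2:2 + tag_len], blob[2 + tag_len:]
        if not hmac.compare_digest(tag, self._tag(alg_id, payload)):
            return None
        return payload
```

The same framing also shows the ecosystem cost the article raises: a peer that has not yet registered the new algorithm rejects every message sealed with it.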
At the same time, the industry must continue to investigate the risks and challenges of a post-quantum world. The long-term viability of connected devices requires LPWA-friendly and developed solutions while keeping the ecosystem and commercial needs in mind. Together, those tasked with securing the LPWA IoT will create a global standard that allows users to maintain their confidence in the security of a connected world in the post-quantum era.
About the Author
Avishay Shraga serves as Senior Director (CTO), Head of Security Technologies at Sony Semiconductor Israel. He leads the company’s strategic initiatives in security technology and has been instrumental in establishing it as a global center of excellence within the organization. Avishay is widely recognized for pioneering the development and commercialization of integrated SIM (iSIM) technology for IoT. His expertise spans applied cryptography, cybersecurity, IoT infrastructure, and trusted computing. He brings over a decade of leadership in translating advanced security concepts into market-ready solutions.