New research paper explores post-quantum cryptography for critical infrastructure cybersecurity

Cornell University research explores post-quantum cryptography for critical infrastructure cybersecurity

[Article updated to incorporate revised headline and content throughout.]

New research from the Mathematical Principles of Information and Communications at Tecnun – University of Navarra focused on cybersecurity in critical infrastructures, specifically from the perspective of post-quantum cryptography. The paper outlines that critical infrastructure communications are highly exposed to cyber attacks that could produce huge economic and social losses, even human casualties. Furthermore, a new cybersecurity threat has arisen with the theoretical proposal of fault-tolerant quantum computers, due to their potential ability to break state-of-the-art cryptography protocols, such as Rivest-Shamir-Adleman (RSA) or elliptic-curve cryptography (ECC).

“The chase of functional quantum computers has resulted in a technological race involving many global agents. At the same time, those agents have become aware that transitioning their secure communications to a quantum secure paradigm is a priority that should be established before the arrival of fault-tolerance,” Javier Oliva del Moral, Antonio deMarti iOlius, Gerard Vidal, Pedro M. Crespo, and Josu Etxezarreta Martinez wrote in the research paper released on Monday. “In this sense, two main cryptographic solutions have been proposed: Quantum Key Distribution (QKD) and Post-Quantum Cryptography (PQC).”

Nevertheless, they added that quantum secure solutions have been mainly centered on the perspective of IT environments. In this paper, the authors provide a perspective on the problem of applying PQC solutions to critical infrastructure and analyze which could be the most suitable cryptography schemes for these scenarios.

The paper detailed that each PQC protocol has its benefits and disadvantages in terms of security levels, cipher text size or speed, among other benchmarks. “This implies that the selection of PQC protocols is very application-dependent in the sense that as a function of the requirements of a specific system, an approach could be valid or not.” 

Following this logic, PQC protocols are usually proposed for systems in which cybersecurity is the most critical requirement (IT services), and where the latency introduced by those cryptography protocols is not considered too important. However, latency is a key performance parameter in industrial control systems (ICS) and critical infrastructure (CI), where a delay that exceeds the system requirements can cause a failure that cannot be tolerated in such environments.

The paper recognizes that this should be done by maintaining a certain level of security in the system. “Additionally, it is important to state that implementing cryptography in such networks is done by means of processors that are not powerful enough to manage huge key sizes, mainly because the introduction of such systems should be somehow seamless to the existing communication infrastructure and cheap. It is in this sense that the inclusion of PQC in industrial and critical environments poses an interesting trade-off between the benchmarks of those protocols.” 

The paper noted that cybercrime and cyberwar are a present-day reality, with an estimated 2200 known cyberattacks per day in 2022, posing a threat to business infrastructure every 39 seconds. It added that the recent Russo-Ukrainian war has seen major cyberwarfare in which the public, media, financial, business, and non-profit sectors of Ukraine have been targeted by hacking activities that have undermined the distribution of medicines, food and relief supplies, among other harmful effects.

“Indeed, awareness on cyberattacks among nation-state actors is increasing due to current geopolitical tensions, as seen recently,” the paper identified. “It is due to all these factors that concepts such as the Cyber Apocalypse are being coined to describe the fear that a cyberattack to CI’s systems and networks of a country would lead to shutting down their capabilities regarding civilian and military services. It is important to state that the possibility of major devastation in the CI of a nation does not have to imply that all the systems consisting [of] it should be attacked, the failure of parts of the structure may lead to a catastrophic propagation of failures through the whole network due to the inter-connection among the elements. This effect is known as [the] cascading effect,” it added. 

The paper identified that all of these vulnerabilities make cybersecurity and cryptography the pillars on which the previously described paradigmatic society can be built securely. “Cybersecurity is defined as the practice of protecting important systems and confidential information from cyberattacks. In this sense, many methods and elements are used for the sake of protecting communication and computer networks, but the algorithms that are employed to cipher sensitive data being communicated in such meshes relate to the field of cryptography,” it added.

Importantly, the authors noted that the RSA and ECC asymmetric cryptographic systems have maintained the security of communication systems for over 40 years. “The core of those protocols resides in the fact that they are based on hard problems that cannot be solved in a practical time frame by classical computing methods, i.e. thousands of years of computing are required to extract the plain text from the ciphertext if the key is unknown. Unluckily, quantum computers have posed a threat to the security of those asymmetric cryptography protocols,” they added.

Shor’s algorithm is a theoretical quantum algorithm that provides an exponential speed-up for prime number factorization and for the computation of discrete logarithms, which are the hard problems on which the security of RSA and ECC, respectively, relies.

The paper details that quantum computers that can execute such algorithms efficiently and correctly still exist only as a theoretical promise, but recent years have shown that it is a rapidly evolving field, with the achievement of milestones such as the first experimental realizations of quantum advantage or quantum error correction. Therefore, it is a matter of time, usually estimated to be between one and two decades from now, before quantum computers cause the ‘state-of-the-art’ asymmetric protocols to be deprecated.

The paper also recognizes that the paradigm of post-quantum cryptography has arisen as the possible solution to such a quantum apocalypse. It consists of designing cryptographic methods that rely on hard problems for which quantum computing does not provide exponential speedups.

In conclusion, the paper identifies that although many different PQC alternatives seem to provide good security against quantum attacks for IT services in the near term, their implementation in critical infrastructure is not a trivial problem. “The lack of security notions for the PQC families, the long lifetime span of OT devices, the fact that the communications within ICS have stringent requirements and that those are mainly composed of legacy elements of little computational capabilities imply that there is a current gap in terms of PQC protocols that can be seamlessly adapted to such scenarios,” it added.

Moreover, the paper disclosed that the absence of a general benchmark of PQC algorithms under the same conditions makes it hard to make a top-view comparison among them to conclude which could be well suited for implementation in CI networks. “This is really important since cryptosystems that introduce too much latency reduce the availability of communication protocols, which could produce fatal consequences not only to the specific industry which suffers the shutdown but also to all the interconnected industrial chain due to cascade effects.” 

Therefore, the authors urge the post-quantum cryptography community to carry out experimental studies that compare the existing protocols under similar conditions to find suitable protocols, and to think about possible PQC algorithms that may be tailored to fulfill the stringent conditions of OT services.

Furthermore, the paper said, “we have discussed that PQC solutions for ICS/CI networks should be flexible in order to avoid huge economic and manpower costs if the implemented protocol results to be deprecated or if new governmental requirements are imposed since, for example, hardware solutions would imply the substitution of a humongous amounts of elements introduced in different points of a network that could be enormous in terms of space.”
