Competence Centre for Quantum Security

Quantum computing advancements pose a threat to today’s IT security as a whole. This is because the established cryptographic processes can be cracked by quantum computers. Fraunhofer Singapore and Fraunhofer AISEC are pooling its expertise in the future technology of post-quantum cryptography and quantum communciation via the Competence Center for Quantum Secuirty. Our goal as a neutral and manufacturer-independent center is to support companies and public research institutions in the switch to quantum-resistant cryptographic processes. To do so, we offer individual consultation and support for migrating to architecture with a quantum-secure design and transition to quantum readiness. Compatibility with existing solutions and cryptoagility play a key role in this. Other services offered by the competence center include quantum risk assessment, security analyses for quantum-safe implementations as well as an information portal for post-quantum cryptography. 

Almost every single process implemented today will become insecure

The ongoing development of quantum computers poses a threat to almost every cryptographic process currently implemented. Quantum algorithms, such as the »Shor algorithm« and variants thereof, have been used to crack frequently used public key processes that are based on factorization problems (like RSA encryption and signatures). This is also the case for processes based on difficult-to-calculate discrete logarithms (e.g., (EC)DSA signature processes, ElGamal encryption processes and Diffie-Hellmann key agreement protocols). Symmetrical processes are also affected by Grover’s algorithm. Here, however, bigger keys can be used to rebuild security — as opposed to public key processes.

It is becoming increasingly difficult to ensure that IT will remain secure in the long term. In Critical Infrastructures in particular, an orderly transition to quantum-resistant processes is key. However, simply replacing cryptographic processes is not necessarily possible due to the totally new algorithmic characteristics that quantum-safe approaches and processes have. For PQC, significantly longer keys and data packets for transfer, stateful protocols or substantial changes to time responses are particular technical challenges here.

A manufacturer-neutral portfolio based on current research

Requirements for ensuing the longevity of hardware and software components include cryptoagility (i.e., the possibility to rapidly replace cryptographic processes); newly constructed, quantum-resistant implementations that are secure; and the construction of a publicly accessible pool of knowledge.

The Competence Center for Quantum Security offers companies and public research institutions individual and manufacturer-neutral support based on current research when they change over to quantum-resistant cryptography and protocols. Examples include migration of PQC processes, security analyses for quantum-safe implementations and an extensive information portal with proposals for a variety of target groups. 

SERVICES

Assistance with migration

For post-quantum migration, cryptographic processes must be replaced and adapted to a large extent. The common use of proprietary protocols (i.e., in industry) is hampering this process, in particular in terms of compatibility requirements and organizational framework conditions such as existing IT systems, which frequently lack cryptoagility. We take into account the initial position of each individual organization or public research institution to offer the following expertise: 

  • Development and implementation of migration strategies for the integration of PQCs and QKD in organizational infrastructures and products in a way that is compatible with existing strategies and solutions
  • Selection of appropriate quantum-safe technology and migration processes that are tailored to the individual needs of the customer (such as specific use cases, business processes or platforms)
  • Development and implementation of architecture designs which are sustainable and quantum-secure, with »cryptoagility by design«
  • Development of cross-application cryptoconcepts and security concepts for the secure performance, taking into account the system- and application-specific aspects of the target platform
  • Assistance in securely implementing quantum-safe technology in hardware and software

 

Security analyses for PQC implementations  

The competence center conducts individual security analyses. This service covers software, protocols and hardware:

  • Assessment of the security of software and hardware components in regard to implementing quantum-safe securely (e.g., review of implementations, execution of side channel and error attacks, firmware analyses)
  • Analysis of the correct utilization of PQC cryptolibraries
  • Evaluation of the QKD and PQC solutions that are available on the market 

 

Information portal 

The portal provides information that is relevant for Chief Information Security Officers (CISO) and those responsible for IT processes, as well as for strategic corporate development in the face of security threats posed by quantum computers. The information available can be downloaded free of charge. Specifically, the following services are provided by the information portal: 

  • Information on quantum-resistant processes (i.e., security level, standardization status, efficiency on various platforms)
  • Material on industry-specific quirks in the context of quantum-resistant processes
  • Description of the scientific advancements in post-quantum cryptography including impact analysis
  • Monitoring advancements in implementing post-quantum cryptography and quantum communiation in software and hardware products
  • Security evaluation QKD network management and key management solutions
  • Assessment of specific attacks on PQC implementations and illustration of countermeasures  

RESEARCH PROJECTS

Companies profit in the long-term from the well-founded knowledge and practical experience that our scientists possess in the field of post-quantum cryptography. As such, competence center stakeholders are involved in four of the research projects on post-quantum cryptography that are funded by the German Federal Ministry of Education and Research (BMBF). These projects are investigating whether and how quantum-resistant processes can be implemented in a variety of application scenarios.

Quantum Readiness

Are You Quantum Ready Yet?

Fraunhofer Singapore will start an industry survey on Cryptography and the impact of Quantum-Computing on organizational prepardness. 

 

Crypto library for long-lasting security

BOTAN

As part of the BSI project, an open-source, secure, clear, controllable and well-documented C++ cryptographic library was developed in the form of BOTAN, which is suitable for as many deployment scenarios as possible and can also be used in applications with increased security requirements. Fraunhofer integrates several post-quantum algorithms to the library.

 

Quantum-Safe Networking

Quantum-Safe IPsec-Module and VPN

  • Scrutinizing the use of quantum-safe algorithms in VPN and key exchange protocols such as IKEv2 for IPsec and MKA/PACE for MACsec.
  • An implementation of schemes in established VPN software suites.

 

Project

National Quantum-Safe Network

In The Straits Times, learn more on how S'pore creates its first quantum cryptography testbed, to get closer to building an unhackable Internet

 

Fraunhofer AISEC

FLOQI PKI

The objective of the full-lifecycle post-quantum PKI (FLOQI) project is to develop a PKI that is resistant to quantum computers. This needs to be compatible with current cryptographic processes. To this end, post-quantum processes are implemented on a variety of platforms, as well as being tested in three demonstrators.

 

Fraunhofer AISEC

Quantum-Safe Communication for Industry 4.0

In the project "Post-Quantum-Safe Communication for Industry 4.0 (PoQsiKom)", Fraunhofer AISEC, TUM, Siemens and TRUMPF are jointly developing a new type of hardware trust anchor for operating technology and edge devices.

 

Aquorypt

This research project is investigating the application and practical implementation of cryptographic processes that are resistant to quantum computers.