Avishay Shraga, CTO and Head of Security Technologies at chip designer Sony Semiconductor Israel, is advocating for the implementation of a quantum-resistant standard for low-power applications within the Internet of Things (IoT). According to Shraga, the current generation of quantum-safe algorithms poses a challenge for designing the next wave of ultra-low-power devices in the IoT. He emphasizes the need for a pragmatic approach to crypto-agility in these chips to ensure their security.
Modern asymmetric cryptography relies on one-way functions: operations that are easy to compute in one direction but difficult for an adversary to reverse. Traditionally, this was achieved through modular arithmetic, using a large prime modulus and a generator to generate a key. The strength of this one-way function is determined by the time and computing power required to reverse it. ECC 256, a widely respected standard in modern cryptography, would take millions of years to crack with current computing capabilities, providing robust security for real-time and historical data in IoT devices.
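The asymmetry described above can be measured directly. The following is an added example, not code from the article or from Sony: it derives a key with a prime modulus and a generator, then reverses it with the classical baby-step giant-step method and counts the work on each side. The modulus, generator and private value are constructed toy parameters, far too small for real use.

```python
from math import isqrt

# Constructed toy parameters (assumptions for this example only).
P = 2_147_483_647   # the prime 2**31 - 1, used as the modulus
G = 7               # generator used to derive the key


def public_key(private_key, g=G, p=P):
    """Forward direction: square-and-multiply modular exponentiation."""
    return pow(g, private_key, p)


def forward_steps(p=P):
    """Approximate squarings the forward direction needs: the bit length of p."""
    return p.bit_length()


def discrete_log(target, g=G, p=P):
    """Reverse direction via baby-step giant-step.

    Returns (exponent, steps_taken); the work is on the order of sqrt(p).
    """
    m = isqrt(p - 1) + 1
    table = {}
    value = 1
    for j in range(m):                  # baby steps: store g**j -> j
        table.setdefault(value, j)
        value = value * g % p
    factor = pow(g, -m, p)              # g**(-m) mod p (Python 3.8+)
    gamma = target
    for i in range(m):                  # giant steps: target * g**(-i*m)
        if gamma in table:
            return i * m + table[gamma], m + i + 1
        gamma = gamma * factor % p
    raise ValueError("target is not a power of g")


if __name__ == "__main__":
    secret = 1_234_567_890              # constructed private value
    pub = public_key(secret)
    recovered, steps = discrete_log(pub)
    print("forward steps (approx):", forward_steps())
    print("reverse steps:", steps)
    print("recovered exponent reproduces key:", public_key(recovered) == pub)
```

Doubling the bit length of the modulus roughly doubles the forward step count but squares the reverse step count for this generic method, which is why deployed parameters are so much larger than the 31-bit toy used here.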
Looking ahead, the landscape is set to change with the anticipated arrival of quantum computers in the early 2030s. These machines, based on the principles of quantum mechanics, are expected to solve complex problems that are currently beyond the reach of conventional computers. As organizations like NIST and the European Union prepare for this quantum era, the security implications for IoT devices become increasingly significant.
While the advent of quantum computers heralds exciting possibilities for various industries, it also poses a significant threat to cybersecurity. The rapid advancement of quantum computing technology could render current encryption standards obsolete, potentially exposing sensitive data to security breaches. As the quantum era approaches, the need for robust encryption solutions capable of withstanding the power of quantum computers becomes imperative.
Organizations are faced with the challenge of preparing for a post-quantum world while balancing the limitations of current IoT devices. The development of products that can be upgraded to address quantum threats, as well as the integration of advanced cryptographic functions, are two approaches being considered. However, both approaches come with their own set of challenges, including cost implications and compatibility issues within the IoT ecosystem.
As the industry navigates the complexities of quantum computing and IoT security, a pragmatic approach is essential. By focusing on developing upgrade-ready products with crypto-agility, organizations can adapt to future cryptographic methods while ensuring compatibility and performance. The journey towards a global standard for securing low-power wide-area (LPWA) IoT devices in the post-quantum era requires collaboration and innovation to safeguard the connected world.