Quantum Computing vs IoT Security

Modern asymmetric cryptography relies on creating equations that are easy to solve in one direction but difficult to reverse in the other direction, providing a secure method for data encryption. Traditionally, this was achieved through modular arithmetic using large prime moduli and generators to generate keys. The strength of this one-way function is determined by the time and computing power required to reverse it, with ECC 256 being a gold standard in modern cryptography due to its complexity, taking millions of years to crack with current technology.

Looking towards the future, the landscape of cryptography is set to change with the advent of quantum computers. The US National Institute of Science & Technology (NIST) and the European Union are gearing up for the arrival of quantum computers in the early 2030s. Quantum computers, based on the principles of quantum mechanics, have the potential to revolutionize computing power, posing a significant challenge to current encryption standards.

While quantum computing holds promise for various scientific fields, it presents a looming threat to cybersecurity. Security professionals anticipate that modern cryptography, such as ECC-256, could be compromised within days by quantum computers, raising concerns about the security of sensitive data in IoT devices and other connected systems.

One area of particular concern is IoT security, as current low power wide area (LPWA) chipsets have a lifespan of around 15 years, overlapping with the expected rise of quantum computers. As the quantum era approaches, there is a growing need to integrate encryption solutions capable of withstanding the power of quantum computing into IoT devices to ensure data security.

Organizations are faced with the challenge of preparing for a post-quantum world, where current cryptographic methods may no longer be effective. Two main approaches are being considered: developing products that can be upgraded to address quantum threats or integrating advanced cryptographic functions that are quantum-resistant. Both approaches come with their own set of challenges and implications for the IoT ecosystem.

Adapting to the Future

As the industry navigates the complexities of quantum computing and post-quantum cryptography, a pragmatic approach is essential. While the future of encryption remains uncertain, organizations must focus on developing products that are upgrade-ready and support crypto agility. By investing in solutions that can adapt to evolving cryptographic methods, while considering the specific needs of different devices and data types, the industry can pave the way for a secure connected world in the post-quantum era.

Avishay Shraga, Senior Director (CTO) and Head of Security Technologies at Sony Semiconductor Israel, emphasizes the importance of staying ahead of the curve in cybersecurity to address the challenges posed by quantum computing. By proactively addressing the implications of quantum computing on encryption standards, the industry can ensure the long-term security and viability of connected devices in an increasingly digital world.