- Softbank announced the successful completion of combining classical encryption algorithms, represented by elliptic curve cryptography with post quantum cryptography.
- The proof of concept was completed through a collaboration with SandboxAQ.
- The hybrid approach allows for security against quantum computer attacks without degrading the security that has been guaranteed by classical cryptography until now.
PRESS RELEASE — SoftBank Corp. (“SoftBank”) today announced it completed a demonstration of combined classical encryption algorithms, represented by elliptic curve cryptography (ECC), with Post Quantum Cryptography (PQC) algorithms using a hybrid approach. The proof of concept was successfully completed through a collaboration with SandboxAQ, and it was confirmed that it can be applied to existing networks with minimal impact.
With the advent of quantum computers, and the threat they pose to currently deployed asymmetric cryptography algorithms such as RSA and ECC, every security-conscious organization will need to transition to PQC algorithms. Such PQC algorithms are expected to be standardized by NIST, and they will be mandated for use by most governments. As cryptosystems based on classical algorithms are not likely to be compromised by quantum computers in the next few years, businesses and consumers can continue to securely use telecommunications services. However, data exchanged through the Internet could be affected by “Store Now and Decrypt Later” (SNDL) attacks, where threat actors exfiltrate encrypted data today and store it until error-corrected quantum computers are available to decrypt it. That is why it is considered necessary for organizations to introduce PQC at an early stage. The implementation of PQC on real networks is crucial for the continued development of an advanced information society
PQC algorithms are robust and designed to resist attacks by quantum computers. By using a hybrid approach that incorporates well-established classical encryption algorithms, SoftBank and SandboxAQ are confident that customers can more easily and safely adopt PQC.
The hybrid approach provides protection against quantum computer attacks without degrading the security that has been guaranteed by classical cryptography until now. However, concerns have been raised that the complexity of encryption processing could increase time needed for encryption and decryption, load on devices, and overhead rates for communication.
SoftBank and SandboxAQ applied simulated network traffic on a hybrid mode of classical algorithms and PQC algorithms using handset devices and servers, and evaluated metrics such as latency related to encryption and decryption, CPU load, memory utilization, connection rate, amount of traffic data, among others. As a result, the companies confirmed that hybrid mode performance is practical.
In addition, a comparison of standardization candidate PQC algorithms revealed that a combination of structured lattice-based PQC algorithms and classical algorithms performed better than any other alternative cryptographic schemes discussed in the PQC standardization process with minimal overhead for SoftBank’s network infrastructure.
Comments from SoftBank and SandboxAQ
“SoftBank continues to focus on research and development in security technologies as well as network technologies to provide comfortable, safe and secure infrastructure services. By leveraging our partnership with SandboxAQ and their expertise in quantum and quantum-safe technology, we will continue to promote early implementation of quantum-safe networks. In particular, we expect that the need for quantum-safe networks will increase as the development of quantum computers progresses, especially among organizations that deal with information assets with long lifetimes, such as medical data or critical intellectual property,” said Ryuji Wakikawa, SoftBank Corp. Vice President and Head of the Research Institute of Advanced Technology.
“To protect the world’s most sensitive personal, business, and government data against current and future quantum threats, we must first protect the global telecommunication networks that enable this data to be accessed or shared. Otherwise, we are leaving a critical component of the world’s cybersecurity apparatus unprotected and vulnerable,” said Jack Hidary, CEO of SandboxAQ. “We are honored to work closely with SoftBank, helping them to tap new revenue streams by becoming quantum-resistant and cryptographically agile. We look forward to helping SoftBank implement these important cybersecurity technologies to create innovative solutions and protect their customers.”
A case study with the detailed findings can be accessed here. A Japanese and English version is also available on SoftBank’s website.