Insider Brief:
- Researchers from the NCSA and the University of Illinois have conducted the first large-scale study on post-quantum cryptography adoption, emphasizing its necessity as quantum technologies develop.
- The study reveals low PQC adoption rates, with only OpenSSH and Google Chrome implementing quantum-resistant encryption; the adoption rate for OpenSSH is just 0.029% across monitored connections.
- The team’s PQC Network Instrument, integrated with the Zeek network monitor, tracks real-time PQC adoption, uncovering significant obstacles, including complex protocol requirements and the prevalence of outdated encryption algorithms.
- The authors urge broader PQC adoption, particularly in high-performance computing and critical protocols like RDP and DNS, to mitigate vulnerabilities and prevent downgrade attacks during the transition.
As quantum computing edges toward the ultimate goal of practical application, a pressing issue hovers over cybersecurity: current encryption protocols may soon become vulnerable to quantum attacks. Strategies and plans to implement post-quantum cryptography is essential. A recent study by researchers at the National Center for Supercomputing Applications and the University of Illinois at Urbana-Champaign explores PQC adoption and the challenges that come with securing data.
The study, conducted at a national-scale supercomputing facility and supported by a $200,000 grant from NSF, is the first large-scale assessment of PQC implementation in real-world network protocols, such as secure shell (SSH) and transport layer security (TLS), and explores adoption rates, algorithmic hurdles, and migration pathways.
Safe Measures Today for Security Tomorrow
The encryption systems currently securing everything from online banking to government communications rely on the complexity of mathematical problems like integer factorization and discrete logarithms—tasks that a classical computer cannot easily solve. However, as quantum computing capabilities progress, there are many experts, including the researchers who conducted the study, who emphasize that quantum algorithms could soon break these codes and expose sensitive information.
The authors explain that “post-quantum cryptography is essential for securing today’s digital infrastructure against tomorrow’s quantum adversaries.” The study warns that data encrypted today could be intercepted, stored, and decrypted once quantum computers are fully operational, further emphasizing the importance of a swift adoption of PQC.
Measuring PQC Adoption
To assess the readiness of different network protocols for quantum-resistant encryption, the team developed a PQC Network Instrument deployed at NCSA, with visibility over data flows across the FABRIC testbed—a high-speed network connecting universities, labs, and supercomputing centers. According to the study, this instrument is intended to monitor PQC adoption in real-time, providing insights that can in turn assess the readiness of scientific and cloud applications.
The network instrument works in tandem with the Zeek network security monitor, parsing massive data streams to evaluate the adoption rates of quantum-resistant cryptographic protocols. Among the protocols assessed, only OpenSSH and Google Chrome have implemented PQC to date, with an initial adoption rate of just 0.029% observed in OpenSSH connections.
Adoption, Challenges, and Risks
In the study, OpenSSH’s early adoption of PQC stood out. However, the overall rate remains low, with only 6,044 out of 20 million SSH connections using a PQC-enabled configuration—a statistic that may cause a sense of unease. Interestingly, the research also noted a disparity between SSH and other protocols like TLS, where Cloudflare recorded higher adoption rates for the hybrid PQC-TLS implementation.
The study highlights the adoption of sntrup761x25519—a hybrid algorithm combining a quantum-safe cryptosystem (sntrup761) with a traditional elliptic-curve method (x25519)—as the default in OpenSSH 9.0. This dual approach preserves security even if one component is compromised. However, the authors caution that hybrid protocols require complex implementations and have yet to be widely adopted due to technical limitations.
Another insight from the research underscores the risk posed by outdated cryptographic algorithms still in use. For example, around 83% of server-side SSH protocols date back to pre-2020 versions, highlighting an industry-wide issue of systems lagging behind in security updates.
Overcoming Barriers to Widespread PQC Adoption
The research points out that several roadblocks hinder the widespread adoption of PQC across networks, particularly in high-performance computing environments. Implementing PQC often involves increased algorithmic complexity and requires substantial updates to hardware, software, and network infrastructures.
The study also reveals that developing quantum-resistant algorithms for key scientific protocols, such as remote desktop protocol (RDP) and domain name system (DNS), remains an unmet challenge. As the researchers point out, SSH and TLS are the only ones that can currently support post-quantum cryptograph.
The research also brings to attention the potential vulnerabilities during the migration period, such as PQC downgrade attacks, where adversaries may try to force a connection to revert to a weaker, non-quantum-resistant protocol.
Implications and Next Steps for PQC
While this is an ongoing assessment, these initial insights spur the authors of the study to advocate for a broader adoption of PQC across network protocols to secure sensitive information amidst the continuous development of quantum technologies. They also call for more extensive testing and development of quantum-resistant algorithms and protocols. An open dataset of cryptographic metadata collected during the study has been made publicly available, encouraging further research and collaboration within the field.
Contributing authors on the study include Jakub Sowa, Bach Hoang, Advaith Yeluru, Steven Qie, Anita Nikolich, Ravishankar Iyer, Phuong Cao.
