The Importance of Quantum-Safe Networks in Securing Telecommunications
In Nokia’s recent white paper titled ‘The Road to Quantum-Safe Networks’, the urgent need to protect telecommunications infrastructure from the potential threat of cryptographically relevant quantum computers (CRQCs) is highlighted. While these advanced machines may still be a decade or more away, the ability to compromise widely used public-key cryptographic systems makes it crucial to take proactive measures now. The shift towards quantum-safe networks is described as the most significant cybersecurity migration ever attempted, requiring collaboration between industry, government, and network operators. The paper emphasizes the difference between symmetric and asymmetric cryptography.
Protecting Against Quantum Threats
While symmetric encryption methods like AES can be secure with sufficiently large key sizes and quantum-resistant distribution techniques, asymmetric systems such as RSA and ECC are vulnerable to attacks like Shor’s algorithm. New asymmetric encryption schemes, known as post-quantum cryptography (PQC), are being developed to withstand quantum threats and are currently undergoing standardization by NIST. Additionally, quantum key distribution (QKD) offers a hardware-based approach to secure symmetric key exchange, although it has its limitations.
Implementing a Hybrid Approach
Nokia’s white paper emphasizes that there is no one-size-fits-all solution to quantum security. A hybrid cryptographic strategy, combining traditional methods with quantum-safe techniques, can provide a transitional approach while standards and implementations evolve. For instance, incorporating hybrid key exchange protocols in TLS or utilizing dual-signed certificates can enhance security and interoperability during the migration phase. The paper underscores the importance of layered defenses and cryptographic agility to ensure resilience. Networks should employ multiple layers of encryption using various quantum-safe primitives and be prepared to swiftly replace compromised algorithms or protocols.
Addressing Network Vulnerabilities
Different components of a network, including mobile and fixed access networks, as well as transport infrastructure, present unique vulnerabilities to quantum threats. Mitigation efforts should focus on securing the data, control, and management planes, as well as exposure interfaces like APIs. Establishing a comprehensive cryptographic inventory is identified as the initial step towards identifying and replacing vulnerable elements. Ultimately, the success of quantum-safe networks will rely on a combination of technologies – including symmetric and asymmetric cryptography, QKD, and hybrid systems – tailored to the specific requirements of each network layer.
Nokia calls for immediate and organized action to ensure the long-term security, integrity, and trustworthiness of critical digital infrastructure, starting today and extending into the post-quantum era.
