Enhancing Cyber Resiliency for Post-Quantum Computing

Quantum computing has been making waves once again, starting with a significant gathering at Nvidia’s GTC AI conference. CEO Jensen Huang hosted a meeting with 14 CEOs and technical leaders from the quantum industry, where they discussed the current and future states of quantum technology. It was exciting to hear about the different ways to cool, improve logic gates, and try new things in this area. These companies are trying to make quantum computing available to everyone.

Since then, there has been a constant barrage of news on quantum computing for next-gen networking, blockchains, and even banking use cases. But before all that hype, there was a huge announcement from the National Institute of Standards and Technology (NIST) that didn’t get much airtime. NIST selected a fifth algorithm, Hamming Quasi-Cyclic (HQC), which will serve as a backup to the existing Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) algorithms recommended by FIPS 203 for protecting against quantum attacks.

Commvault Implements NIST’s HQC Algorithm to Enhance Cyber Resiliency

In the ever-evolving landscape of cybersecurity, staying ahead of potential threats is paramount. Commvault is committed to helping protect our customers from modern threats, including the infamous “harvest now, decrypt later” exfiltration.

To improve our defenses, we’re excited to announce that we’re using NIST’s new HQC algorithm for post-quantum encryption. This algorithm is part of our strong crypto-agility strategy (which we will cover in a moment). HQC is designed to provide a second line of defense to protect internet traffic and stored data, even if vulnerabilities are discovered in ML-KEM.

It May Not Stay as a Backup … Why HQC Matters

HQC is based on error-correcting codes, a concept that has been integral to information security for decades. Unlike ML-KEM, which relies on structured lattices, HQC’s unique mathematical foundation offers a robust alternative that can help combat the potential threats posed by future quantum computers.

This shift in mathematical approaches is crucial for maintaining the integrity of encrypted data. At Commvault, we know how important it is to have data security measures in place and leverage a crypto- agile approach to respond quickly to changing threats.

The quantum world is changing fast, warranting swift responses. This capability is essential for maintaining cyber resiliency against sensitive data, with a 10+ year lifespan on hardware and software, based on recent estimates.

What About FIPS 204 and FIPS 205 Algorithms?

FIPS 204 and FIPS 205 are two digital signature algorithms (DSA) standards. They are designed to prove who sent a message and make sure it hasn’t been changed. Despite both being DSAs, they take a different mathematical approach to securing the signatures. FIPS 204 is module-lattice- based (ML-DSA), while FIPS 205 is stateless hash-based DSA (SLH-DSA).

These differ from HQC and ML-KEM, which are key-encapsulation mechanisms that provide thehandshake, or key exchange, between two parties.

I like to think of it this way: DSAs provide authentication, while KEMs provide key exchange. They tackle separate problems; thus, both are necessary for resiliency. Along the same lines, you can think of FIPS 205 as an alternative for FIPS 204, just like HQC is an alternative to ML-KEM, and this is why crypto-agility is a necessity.

Implementing Crypto-Agility for Enhanced Cyber Resiliency

Commvault’s crypto-agility strategy involves several key steps to prepare for the quantum era:

• Leverage quantum-resistant algorithms today: Rivest-Shamir-Adleman (RSA) and Advanced Encryption Standard (AES) are still very safe for data retained for the next decade or so. With today’s quantum computers leveraging Grover’s algorithm, it could potentially reduce the time to crack the encryption in half. For example, AES 256 (2^256) would essentially be at a key length of AES 128 (2^128).
  
  This is still a big number, but new improvements in quantum computing speeds, error correction, and algorithmic optimizations may make things faster. Today, you can leverage Commvault® Cloud Security IQ, to quickly view and improve the encryption options for storage and network across your Commvault Cloud estate. Use larger key lengths like 256 to get a balance of performance and protection from threats today.
• Identify sensitive data retention for potential re-encryption: Leverage separate Commvault storage plans and backup copies for long-term sensitive data (e.g., healthcare or financial records) that may be at risk in the event quantum machines accelerate the threat timeline. By segmenting this data from less-sensitive data, you can leverage Commvault’s crypto-agility architecture to rapidly re-encrypt data to new ciphers and key lengths to help protect data against evolving threats.
  
  A quick way to locate and classify sensitive data is to use Commvault Risk Analysis. This tool works across your various data sources, including servers, virtual machines, files and objects, and even email. Risk Analysis can perform discovery and classification on live data (no backups needed!) to efficiently identify and organize long-term sensitive data into specific policies.
• Configure post-quantum cryptography for tomorrow’s threats: My father always said, “Measure twice, cut once.” If your long-term sensitive data fits this profile, you can enable PQC today on any version of Commvault Cloud newer than CPR 2024 (11.36). Consult documentation.commvault.com to enable this capability.
• Cyber resiliency is a team sport: Frequently check in with your cross-functional teams for guidance on how to protect your estate from evolving threats. I anticipate that quantum will create a paradigm shift in how encryption, networking, AI, and other computationally intense processes will evolve, and we are dedicated to keeping cyber resiliency at the cutting edge.

Commvault’s implementation of NIST’s HQC algorithm and our comprehensive crypto-agility strategy demonstrate our dedication to providing top-tier resiliency solutions. As we navigate the complexities of post-quantum encryption, our priority remains clear: to protect our customers’ data integrity and help them achieve continuous business. Stay tuned for more updates as we continue to enhance our data security features and safeguard your business.

Read more in our Executive Brief for Senior IT and Security Leaders, Protecting Your Data: Why Post-Quantum Cryptography Matters.