DevTalk Episode 02: Unlocking the Future of Security with Post-Quantum Cryptography 🔐
Join Bas Westerbaan from Cloudflare as he explores the latest advancements in post-quantum cryptography, its impact on digital security, and what the future holds for encryption standards.
Cloudflare Developers
1.2K views • Nov 8, 2024
About this video
Bas Westerbaan is Cloudflare’s Research Lead on Post-Quantum efforts. His work ranges from cryptographic implementation and standardization, to driving large-scale experiment and subsequent deployment.
Cryptography is a fundamental aspect of modern technology, securing everything from online communications to financial transactions. For instance, when visiting Cloudflare's dashboard, your web browser used cryptography to establish a secure communication channel to Cloudflare’s server to ensure that you’re really talking to Cloudflare (and not an impersonator), and that the data conversation remains private from eavesdroppers.
Much of the cryptography in widespread use today is based on mathematical puzzles (like factoring very large numbers) which are computationally out of reach for classical (non-quantum) computers. We could likely continue to use traditional cryptography for decades to come if not for the advent of quantum computers, devices that use properties of quantum mechanics to perform certain specialized calculations much more efficiently than traditional computers. Unfortunately, those specialized calculations include solving the mathematical puzzles upon which most widely deployed cryptography depends.
As of today, no quantum computers exist that are large and stable enough to break today’s cryptography, but experts predict that it’s only a matter of time until such a cryptographically-relevant quantum computer (CRQC) exists. For instance, more than a quarter of interviewed experts in a 2023 survey expect that a CRQC is more likely than not to appear in the next decade.
----
Key agreement allows two parties that have never communicated before to establish a shared secret over an insecure communication channel (like the Internet). The parties can then use this shared secret to encrypt future communications between them. An adversary may be able to observe the encrypted communication going over the network, but without access to the shared secret they cannot decrypt and “see inside” the encrypted packets.
However, in what is known as the "store now, decrypt later" threat model, an adversary can store encrypted data until some point in the future when they gain access to a sufficiently large quantum computer, and then can decrypt at their leisure. Thus, today’s communication is already at risk from a future quantum adversary, and it is urgent that we upgrade systems to use post-quantum key agreement as soon as possible.
In 2022, soon after NIST announced the first set of algorithms to be standardized, Cloudflare worked with industry partners to deploy a preliminary version of ML-KEM to protect traffic arriving at Cloudflare’s servers (and our internal systems), both to pave the way for adoption of the final standard and to start protecting traffic as soon as possible. As of mid-August 2024, over 16% of human-generated requests to Cloudflare’s servers are already protected with post-quantum key agreement.
Create an account on Cloudflare today for free: https://dash.cloudflare.com/sign-up
Recent Cloudflare Blog Posts on Post-Quantum Technology:
2024 State of Post-Quantum Technology: https://blog.cloudflare.com/pq-2024
Post-Quantum Signatures: https://blog.cloudflare.com/another-look-at-pq-signatures
NISTS First Post-Quantum Standards: https://blog.cloudflare.com/nists-first-post-quantum-standards
Post-Quantum Communication with your Origin: https://blog.cloudflare.com/post-quantum-to-origins
Chapters:
00:00 Intro
00:15 What is Post-Quantum Encryption?
00:50 Qubits
1:40 Migration to Post-Quantum
3:07 Post-Quantum at Cloudflare
3:41 Key Agreement Specifics
4:44 Browser Demo
5:22 Conclusion
Create an account on Cloudflare today for free: https://dash.cloudflare.com/sign-up
#cloudflare #postquantumcryptography #cryptography #postquantum #nist #quantum #crypto #security #tls #ssl #keyagreement #encryption #quantum #quantumkey
Cryptography is a fundamental aspect of modern technology, securing everything from online communications to financial transactions. For instance, when visiting Cloudflare's dashboard, your web browser used cryptography to establish a secure communication channel to Cloudflare’s server to ensure that you’re really talking to Cloudflare (and not an impersonator), and that the data conversation remains private from eavesdroppers.
Much of the cryptography in widespread use today is based on mathematical puzzles (like factoring very large numbers) which are computationally out of reach for classical (non-quantum) computers. We could likely continue to use traditional cryptography for decades to come if not for the advent of quantum computers, devices that use properties of quantum mechanics to perform certain specialized calculations much more efficiently than traditional computers. Unfortunately, those specialized calculations include solving the mathematical puzzles upon which most widely deployed cryptography depends.
As of today, no quantum computers exist that are large and stable enough to break today’s cryptography, but experts predict that it’s only a matter of time until such a cryptographically-relevant quantum computer (CRQC) exists. For instance, more than a quarter of interviewed experts in a 2023 survey expect that a CRQC is more likely than not to appear in the next decade.
----
Key agreement allows two parties that have never communicated before to establish a shared secret over an insecure communication channel (like the Internet). The parties can then use this shared secret to encrypt future communications between them. An adversary may be able to observe the encrypted communication going over the network, but without access to the shared secret they cannot decrypt and “see inside” the encrypted packets.
However, in what is known as the "store now, decrypt later" threat model, an adversary can store encrypted data until some point in the future when they gain access to a sufficiently large quantum computer, and then can decrypt at their leisure. Thus, today’s communication is already at risk from a future quantum adversary, and it is urgent that we upgrade systems to use post-quantum key agreement as soon as possible.
In 2022, soon after NIST announced the first set of algorithms to be standardized, Cloudflare worked with industry partners to deploy a preliminary version of ML-KEM to protect traffic arriving at Cloudflare’s servers (and our internal systems), both to pave the way for adoption of the final standard and to start protecting traffic as soon as possible. As of mid-August 2024, over 16% of human-generated requests to Cloudflare’s servers are already protected with post-quantum key agreement.
Create an account on Cloudflare today for free: https://dash.cloudflare.com/sign-up
Recent Cloudflare Blog Posts on Post-Quantum Technology:
2024 State of Post-Quantum Technology: https://blog.cloudflare.com/pq-2024
Post-Quantum Signatures: https://blog.cloudflare.com/another-look-at-pq-signatures
NISTS First Post-Quantum Standards: https://blog.cloudflare.com/nists-first-post-quantum-standards
Post-Quantum Communication with your Origin: https://blog.cloudflare.com/post-quantum-to-origins
Chapters:
00:00 Intro
00:15 What is Post-Quantum Encryption?
00:50 Qubits
1:40 Migration to Post-Quantum
3:07 Post-Quantum at Cloudflare
3:41 Key Agreement Specifics
4:44 Browser Demo
5:22 Conclusion
Create an account on Cloudflare today for free: https://dash.cloudflare.com/sign-up
#cloudflare #postquantumcryptography #cryptography #postquantum #nist #quantum #crypto #security #tls #ssl #keyagreement #encryption #quantum #quantumkey
Tags and Topics
Browse our collection to discover more content in these categories.
Video Information
Views
1.2K
Likes
53
Duration
5:50
Published
Nov 8, 2024
User Reviews
4.5
(1) Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.