Asymmetric cryptographic schemes are, among other things, used for digital signatures and key establishment. Such cryptographic methods are essential and ubiquitous in various systems. The emergence of quantum computing, however, has exposed vulnerabilities in these algorithms that were embedded during their design. In response, a new set of algorithms that are believed to be resistant to quantum computing attacks have been developed. They are called Post Quantum Cryptography (PQC) algorithms. However, these new algorithms do not match the compactness and efficiency of current cryptographic solutions, raising concerns about their integration into existing systems. The extent of these challenges remains a topic of exploration, but early testing indicates that integration poses significant hurdles. 

Although this post doesn't dive deeply into the specifics of quantum risk, those interested in a more detailed exploration can find more insights in this comprehensive study (https://lnkd.in/erZi9nvX).

Cloudflare, a network and website security service provider, has begun exploratory tests on implementing PQC standards within TLS-encrypted traffic (https://blog.cloudflare.com/sizing-up-post-quantum-signatures). It's essential to acknowledge that the scope of PQC implementation extends beyond just the TLS protocol to other network protocols (DNSSEC, SSH, BGPSec, MACSec, etc.) and many non-network technologies, including cryptographic services, runtime environments, operating systems, virtualisation tools, storage devices and blockchain technologies.

Cloudflare's initiative stems from a key challenge associated with PQC: the algorithms typically require significantly larger public keys, signatures, or processing capabilities compared to current cryptographic standards. This discrepancy raises questions about the feasibility of transitioning existing technologies to PQC frameworks. Cloudflare's practical tests aim to evaluate the real-world implications of these changes.

https://blog.cloudflare.com/content/images/2021/11/Screenshot-2021-11-22-at-13.17.20.png

In the experiment, Cloudflare focused on a specific class of certificates used in the TLS handshake process. There are 5 more other certificates used in any given TLS session, but in the experiment, just one was artificially altered. The team elongated a classical signature to simulate PQC signature size and assess the impact on a sample of real users. The results revealed a degradation in connection speeds and a decline in certificate acceptance far beyond an acceptable level. The primary reason for the degradation is attributed to the TCP congestion control mechanisms. As the name suggests, this mechanism regulates data transmission volumes to avoid congestion over a chosen network path between a sender and a receiver. The default configuration of congestion management, which is used literally everywhere, leads to significant delays when faced with the increased data demands of PQC.

The assumption that simply adjusting congestion control settings could offer a straightforward solution overlooks the complexity of the internet's infrastructure, which involves a myriad of independent entities, inconsistent adherence to standards, and cross-border regulatory challenges.

Cloudflare's findings highlight the significant capacity challenges posed by an increase in the size of one signature (remember, TLS has 5 more in every session) to accommodate PQC algorithms. Projecting these hurdles onto the broader IT infrastructure suggests significant repercussions, hinting that transitioning to quantum-resistant cryptography might require extensive system overhauls. In numerous instances, this increase in cryptographic overhead could result in system performance falling to unacceptable levels. Given the intricate nature of systems, finding a simple solution might be an increasingly complex task.