Technology giant IBM has unveiled a range of tools to help businesses be safe in the age of quantum computing, including the world’s first quantum-safe tape drive.
Quantum computers, which draw from quantum mechanics to carry out computations, are still some way off from being free of errors and commercially available. But when they do arrive their unique, turbo-charged computing powers are expected to crack today’s encryption standards, potentially leaving sensitive data exposed.
Despite experts predicting it’ll be between ten and 30 years before quantum computers are fully-fledged, there is the risk that encrypted data today could be stored to decrypt once quantum computers become powerful and reliable enough.
Cryptographers, including IBM researchers, have been developing new algorithms that can withstand quantum computers. These ‘quantum-safe’ algorithms have been made open-source and submitted to the National Institute of Standards and Technology (NIST) for review, with the aim of turning a small number into standards in 2020.
IBM’s algorithms, which are based on the lattice mathematical method, are one of the remaining contenders. It is this suite of quantum-safe algorithms, known as CRYSTALS, that has been incorporated into the quantum-safe tape drive, which was demonstrated at the second Post-Quantum Cryptography Standardization Conference in Santa Barbara, US.
“Our jointly developed quantum-safe algorithms, part of a lattice cryptography suite called CRYSTALS, are based on the hardness of mathematical problems that have been studied since the 1980s and have not succumbed to any algorithmic attacks, either classical or quantum,” said Vadim Lyubashevsky a cryptographer at IBM Research.
Tape drive renaissance
While tape technology has been around for more than 60 years, its cost-effectiveness over hard disk drives is making it popular among tech giants handling exponential amounts of data.
“It’s going through a renaissance, because of the phenomenal data growth that is seen by the major hyper-scalers in the world,” said Robert Haas, department head of cloud and computing infrastructure at IBM Research.
“So take a Google, Amazon, Azure, Facebook, Alibaba, Tencent, and the like. They are all really impacted by growth rates of 50 to 100% per year, while the underlying technology that the vast majority still use increases its density in dollar per gigabyte only at the rate of 15% to 20%.”
Currently, tape drives depend on today’s encryption algorithms, such as RSA. IBM’s quantum-safe tape drive is still a prototype, consisting of an IBM TS1160 tape drive protected by IBM’s Kyber and Dillithium, two algorithms that form part of the CRYSTALS suite. These run in combination with symmetric AES-256 encryption, a form of encryption used today.
These algorithms are part of the firmware, which means existing tape drives could be upgraded with them, as well as future commercial quantum-safe tape drives coming with it built-in.
The State of Technology This Week
And it’s not just protecting the data on the tape drive from quantum computers, Haas told Verdict.
“On the tape drive you allow firmware updates to happen and these firmware updates must be signed. Because otherwise, just anybody could put malware into your next firmware that you will deploy across your thousands of drives,” he said. “So these firmware updates must be signed, and they must be signed in a way that is also quantum-safe.
“So it’s not only a matter of encrypting the data. There are many other facets that impact the tape drive that also has to be protected in a quantum-safe fashion.”
In other news, IBM announced that it is to start providing quantum-safe cryptography to customers on the IBM public cloud in 2020.
“Starting in 2020, IBM Cloud will roll out new services that will help keep data safe and private from the emerging cybersecurity challenges presented by future quantum computers,” said Harish Grama, general manager, IBM Cloud.
IBM has also started offering a quantum data risk assessment service to its clients to help them prepare for the quantum computing era.