Google’s Cloud Key Management Service (Cloud KMS) gets quantum-safe digital signatures to align with the National Institute of Standards and Technology (NIST) post-quantum cryptography (PQC) standards.
Google Cloud launches quantum-safe digital signatures
Google announced that it is implementing quantum-safe digital signatures in its KMS to align with the National Institute of Standards and Technology’s post-quantum cryptography standards. The move prepares for the future risk of quantum computers breaking current encryption methods and is meant to secure the sensitive data of its users, which include government agencies and financial institutions.
Google wrote on its Cloud blog that it is “working to make Google Cloud KMS quantum-safe,” and that software implementations of the new standards will be available to its Cloud KMS clients as open-source software.
Future-proofing data
Google confirmed that it is adding quantum-safe digital signatures to its key management service (KMS) to secure its users’ data from future attacks, such as “harvest now, decrypt later” (HNDL), in which attackers steal encrypted data and store it until quantum computers are capable of decrypting it.
Google Cloud’s KMS aims to remove the risk of using public-key cryptography and allow users to encrypt and sign digital data securely. Businesses looking to enhance cloud security and implement quantum-resistant cryptography should consider hiring cloud developers with expertise in secure key management solutions.
Google said the update will counteract the security threat that experimental quantum computing will soon pose to traditional public-key cryptography systems currently used for encrypting data.
- “The potential for sufficiently large, cryptographically relevant quantum computers to break these algorithms highlights the need for developers to build and implement quantum-resistant cryptography now.”
Google added it will adapt to any future quantum cryptanalytic changes:
- “We commit to staying on top of developments in post-quantum cryptography, including incorporating any future algorithm standards from NIST. We are prepared to adapt to any changes that may arise as the quantum cryptanalytic landscape evolves over time, particularly if future cryptanalysis demonstrates attacks that would materially affect the security of Google Cloud customers or their data.”
Encryption protocol threat only years away
Google Cloud’s senior staff security engineer, Jennifer Fernick, and Cloud KMS engineering manager, Andrew Foster, said the risk of quantum computing breaking current encryption methods may be years away, but that action must be taken now.
Fernick and Foster wrote on Google’s blog:
- “While that future [where quantum computing helps break current encryption methods] may be years away, those deploying long-lived roots-of-trust or signing firmware for devices managing critical infrastructure should consider mitigation options against this threat vector now.”
They added:
- “The sooner we’re able to secure these signatures, the more resilient the digital world’s foundation of trust becomes.”
Google Cloud announced that it is implementing quantum-safe digital signatures only days after Microsoft released the world’s first quantum chip. Microsoft said during the release that quantum computers will break current encryption protocols in the next few years, not decades as previously expected.