The rise of large-scale quantum computing poses a significant threat to traditional cryptographic security measures. Quantum attacks undermine current asymmetric cryptographic algorithms, rendering them ineffective. Even symmetric-key cryptography is vulnerable, albeit to a lesser extent, which calls for longer keys or extended hash functions to remain secure. Thus, current cryptographic solutions are inadequate against emerging quantum threats. Organizations must transition to quantum-safe environments with robust continuity plans and meticulous risk management. This study explores the challenges of migrating to quantum-safe cryptographic states and introduces a comprehensive security risk assessment framework that examines vulnerabilities across algorithms, certificates, and protocols throughout the migration process (pre-migration, during migration, post-migration). We link these vulnerabilities to the STRIDE threat model to assess their impact and likelihood. Then, we discuss practical mitigation strategies for critical components like algorithms, public key infrastructures, and protocols. Our study not only identifies potential attacks and vulnerabilities at each layer and migration stage but also suggests possible countermeasures and alternatives to enhance system resilience, empowering organizations to construct a secure infrastructure for the quantum era. Through these efforts, we establish the foundation for enduring security in networked systems amid the challenges of the quantum era.