Covering Disruptive Technology Powering Business in The Digital Age

Home > Archives > News > IBM Introduces ‘Quantum-Safe’ Cryptography Support
IBM Introduces ‘Quantum-Safe’ Cryptography Support
January 20, 2021 News


Quantum computers promise numerous benefits for many industries, potentially helping them solve the most complicated and complex tasks. However, there are also concerns in its application to encryption, with various experts saying that the same computing power can be used in cracking complex cryptography algorithms, essentially threatening the security landscape.

While having their own quantum roadmap, IBM is also focusing on the security aspect of quantum computing, having released a series of cloud services and technologies to achieve quantum-safe cryptography which could prevent possible attacks from both classical and quantum computers.

“Pioneered by IBM Research scientists, the company is now offering quantum-safe cryptography support for key management and application transactions in IBM Cloud, making it the industry’s most holistic quantum-safe cryptography approach to securing data available today”, said IBM.


The New Capabilities

According to Hillery Hunter, Vice President and Chief Technology Officer, IBM Cloud, security and compliance remain front and centre for IBM Cloud as they continue to invest in confidential computing; helping enterprises of all kinds keep their data secured.

IBM has introduced the following new capabilities on their IBM Cloud platform:

Quantum-Safe Cryptography Support: Through the use of open standards and open-source technology, this service enhances the standards used to transmit data between the enterprise and the cloud, helping to secure data by using a quantum-safe algorithm. IBM stated that this includes research, development and standardisation of core quantum-safe cryptography algorithms as open-source tools. It also consists of governance, tools and technology to support clients as they start on the same journey to a more secure future.

Extended IBM Cloud Hyper Protect Crypto Services: This features the industry’s highest level of cryptographic key encryption protection by providing customers with ‘Keep Your Own Key’ (KYOK) capability. Built on FIPS-140-2 Level 4-certified hardware, this allows clients to have exclusive key control and therefore authority over the data and workloads protected by the keys.

In addition, IBM also offers its Key Protect, a cloud-based service that provides lifecycle management for encryption keys that are used in IBM Cloud services or client-built applications. This gives the ability to use quantum-safe cryptography enabled Transport Layer Security (TLS) connection – helping to protect data during the key lifecycle management.


Further Collaboration with Peers

IBM is also collaborating with various organisations focusing on quantum security. In fact, they are featuring open-source tools such as Cryptographic Suite for Algebraic Lattices (CRYSTALS) and OpenQuantumSafe (OQS).

CRYSTAL encompasses two cryptographic primitives: Kyber, a secure key-encapsulation mechanism (KEM) and Dilithium, a secure digital signature algorithm. Both algorithms are based on hard problems over module lattices, designed to withstand attacks by large quantum computers and have been submitted to the National Institute of Standards and Technology (NIST) post-quantum cryptography project.

The OQS consists of two main lines of work: liboqs, an open-source C library for quantum-resistant cryptographic algorithms and prototype integrations into protocols and applications, including the widely used OpenSSL library.

Additionally, security best practices on IBM Cloud are now available as a Centre for Internet Security (CIS) Foundations benchmark for IBM Cloud and IBM Research cryptographers are key contributors to the QSC algorithms that are short-listed in the National Institute of Standards and Technology (NIST).