Tape Storage

 View Only

Truth or Dare: Quantum-Safe Cryptography and Tape

By Shawn Brume posted Wed March 30, 2022 01:35 PM

Part of the #simplytape series
World War Three has begun! Have no doubt that not only are the global economies under constant threat but so is every business.  Cybercriminals have targeted the global economy and every company is already infected. We do not know what we do not know.  This is the position of the cyber security professionals in most organizations. Are they wrong? No. Are they overwhelmingly, correct? No, we are not doomed. A truth is, that as storage professionals, we must take every precaution to protect data at rest.

What is the impact of Quantum-computing?

The truth is that Quantum Computing spells an end to the strong encryption Algorithms of today.  A bigger truth is that for the near future, AES-256 and other strong encryptions are still Quantum-Safe Cryptography.  The dare is how long can we afford to wait before the storage of data crosses the threat threshold.   According to the Global Risk Institute, the majority of experts do not predict the first RSA-2048 crypto to be cracked within 24 hours,  before the end of the decade2.

Storage professionals should not tempt fate by allowing less than AES-256 encryption for data at rest.  AES-256 is secure for the next 7-10 years against available strength quantum computers.  Get the truth from NIST-  Post-Quantum Cryptography.

What is the Quantum-safe Cryptography Deadline?

The truth is the deadline for quantum-safe cryptography or Post-Quantum Cryptography as termed by NIST, is dependent on the medium of storage. The longer data remains on a single medium without migration, the more likely it is to cross the threat timeline.  That timeline is not specifically known but based on the computing power of current quantum technology it is between 10 and 15 years away. This puts IBM tape front and center in the discussion. Data retention on tape is most likely to touch the threat timeline without migration of data.

IBM tape hardware has been leading cryptographic hardware since 2005. In 2019 IBM demonstrated the ability to use Kyber, a secure key encapsulation mechanism and Dilithium, on IBM tape drives to encrypt and read back post-quantum secure data.

The key to implementation of post-quantum cryptography is the ratification of standard by NIST.    The IBM tape team is not idle in understanding the concerns of security professionals All current and future tape drives will continue to be post-quantum ready with IBM implementing the ratified algorithms as soon as NIST completes the process.

 Don’t play truth or dare with your data, modern hardware encryption has no measurable penalty for encrypting. The penalty for not encrypting can be devastating.

  1. The State of Storage Security - Continuity
  2. Quantum threat Timeline Report, Global Risk Institute
  3. https://www.nist.gov/video/post-quantum-cryptography-good-bad-and-powerful