The Six Five In the Booth: Securing Data with IBM’s Quantum-safe Crytopgraphy Algorithms

By Patrick Moorhead - April 26, 2023

The Six Five – In The Booth at RSA 2023 hosts Daniel Newman and Patrick Moorhead welcome Ray Harishankar, IBM Fellow, IBM Quantum Safe and Michael Osborne, CTO, IBM Quantum Safe and Security Research.

Their discussion covers:

  • The concerns surrounding the future of data security and what it means to be “quantum-safe”
  • IBM’s role in quantum security and addressing the current risks
  • An overview of quantum-safe cryptography and how IBM is using this tech in its own solutions

How IBM envisions governments and businesses using quantum-safe technology.

Be sure to subscribe to The Six Five Webcast so you never miss an episode.

You can watch the full video here:

You can listen to the conversation here:

Disclaimer: The Six Five In the Booth is for information and entertainment purposes only. Over the course of this webcast, we may talk about companies that are publicly traded, and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors, and we ask that you do not treat us as such.


Patrick Moorhead: Hi, this is Pat Moorhead and we are back for another Six Five, In the Booth. It’s a virtual one because obviously we’re not in a booth, but we are here with my co-host Daniel Newman. How you doing my friend?

Daniel Newman: Pat, it’s good to virtually be at RSA this year. Security is big. It’s a huge topic and it’s been a major focus, especially with all the wobbles in the economy and companies are trying to figure out how do we secure our data, how do we get our customers feeling safe and with all the advancements in AI, adding all the new complexities, Pat, I love this topic.

Patrick Moorhead: Yeah, security packing as a service nation, state budgets, more people working remotely than ever. We’re just expanding that footprint. So let’s dive in and introduce our guests from IBM, Ray and Michael, welcome to the show, first time guests.

Ray Harishankar: Happy to be here Pat and Dan.

Michael Osborne: Yeah, thank us. I’m very happy to be here.

Daniel Newman: Happy to do here-

Patrick Moorhead: Yeah, we do a lot of interviews with some great IBM folks and we’re really excited to do some around RSA and security talking about all the things that IBM is doing, but I think more importantly, getting their point of view on some of the biggest discussions out there about security.

Daniel Newman: So Ray, why don’t I start off with you. We want to focus this one on being quantum-safe. So let’s dive right in with that question. What does it mean to be quantum-safe?

Ray Harishankar: Okay, excellent. Hey, first Pat and Dan, thank you for the opportunity to have this conversation with you. Let me start off, Dan, by giving a little bit of context, right. Quantum computing, as you know, is rapidly maturing and in a few years it’s expected to break widely used security protocols, particularly those that are based on asymmetric cryptography. That is, there is a significant concern that data that is securely protected today could be lost to a future quantum adversary, especially if it is stolen now for future decryption. Therefore, there is an urgent need now to make applications, products, and services to be quantum-safe.

So what does quantum-safe really mean? So to address this challenge that I just laid out, standards, bodies, industry consortiums and academia have been working on novel approaches. Obviously, IBM has been doing that as well to develop algorithms that are resistant to future attacks that could be launched from quantum computers. These algorithms are known as quantum-safe cryptography or post quantum cryptography or quantum resistant cryptography. That is cryptographic algorithms that run on classical compute resources and are resistant to currently known classical and quantum computing approaches.

So to be quantum-safe, an application, product or service must implement these quantum-safe cryptography using a set of public encryption or digital signature approaches that have been standardized, for example, by organizations like NIST, right? So to be crisp, quantum-safe refers to the protection of classical computers from future quantum computers that are capable of breaking current today encryption.

Patrick Moorhead: So Ray, we have a quantum practice at more insights and strategy. We cover what IBM and the rest of the industry is doing, but quantum is relatively new and can you just shine a light on why is this important now? Why do we need it? I mean, do we actually have risks today even though we don’t even have a quantum computer that can break this cryptography?

Ray Harishankar: It’s a great question, Pat, one that is often in the minds of many of our clients. So to pick up or to build on top of what I just talked about, right, quantum computing holds immense potential for computing, but it’s also posing a threat in that it is theoretically possible right now that using a quantum computer we can break industry standard encryption such as RSA, and this is possible by the implementation of Shor’s algorithm, which solves prime factorization in a pretty narrow way on a powerful enough quantum computer. So there therein lies the core of the problem. The prime factorization can be solved quickly in quantum computing, whereas in classical computing it takes thousands if not hundreds of thousands of years to solve that. So that is the problem statement.

So if you say so, “Wait a minute, I get it. However, we don’t have such a quantum computer today, so why worry about it right now?” The simple reason is that there is a potential that motivated bad actors may be harvesting and storing the data today in order to decrypt once such a quantum computer with sufficient scale and maturity becomes available. This is fondly referred to as harvest now when decrypt later, right. This is a problem that exists that is unique to quantum computing or this post-quantum cryptography.

In addition, based on what we have seen our clients tell us, and based on our experience as well, it takes anywhere from five to seven years, this is an optimistic estimate to upgrade current day cryptography to the new quantum-safe cryptography. There is simply a lot of work to be done. So the planning needs to begin now. So to go back to your question of what are the risks today, the risks today are primarily this harvest now and decrypt later, and then the challenge that if you don’t start today, you are going to find that you are quickly running out of runway to solve this problem but I also don’t want to create simply a gloom and doom story here, so there is light at the end of the tunnel, and that is why world’s leading quantum cryptography experts at IBM like Mike and others have been working for years on quantum-safe cryptography, which will help us establish new security standards around these new algorithms.

So what we tell our clients to address these risks is that while you prepare for the promise and the risk of quantum computing, you got to be prepared to handle some of these challenges and so begin planning now so that we are not caught without enough runway to address the risks I just talked about.

Daniel Newman: So IBM has been leading a lot of discussions around quantum, has definitely been investing in a really significant way, has done a good job of telling the entanglement story of how classical and quantum compute is converging and Ray, you answered the question about what does it mean to be quantum-safe, but Mike, I want to pivot over to you now and ask you the question as, okay, well then explain quantum-safe cryptography and what it is on the heels of everything Ray just said?

Michael Osborne: Okay, good question. Obviously with a name like quantum-safe, there can be a lot of confusion into what that actually means. If it has a quantum word in there, then a lot of people think, oh, then you need some quantum effects to actually or a quantum computer to run these new algorithms. That’s not the case. So one way to look at this is simply it’s a new generation of cryptography that is safe against everything we know about quantum computers. So we at IBM, we call it quantum-safe cryptography. Other people like NIST, call it post-quantum, others still call it quantum resistance. So there’s a lot of names for what it actually is, but the key point is it doesn’t need any quantum machinery in order to run this stuff. So you can just replace what we have today with this new cryptography. So that’s the easiest way to look at it.

It’s just new cryptography and why is it new? Well, actually, do you know how old the crypto is that we’ve been using for… It’s 50 years old. So Diffie-Hellman came up with this scheme for key exchange 50 years ago and much of the cryptography since then have been based on similar mathematical problems. Some of the things that Ray has talked about and we know that quantum computers, they’re very good at some things, they’re very bad at other things, so they’re very good at solving the problem that all of the cryptography today is based on, but actually they’re not very good at solving problems in other math areas, maths areas such as lattice cryptography or multivariate cryptography.

So what we mean by quantum-safe cryptography is cryptography based on mathematical problems that we know quantum computers are not good at. So new areas of math, it’s not going to be fun for a lot of people. Math is not everyone’s favorite subject but the other thing I think, which is really important to get across here is that it’s not only safe against future quantum computers, but it’s also safe against all of the attacks that we know today. So not only is it better designed, better verified, it’s created in such a way that there are no back doors by anybody that is interested in putting back doors into this stuff. So it’s just modern new cryptography based on super new, well, not super new, but the mathematical problems that we know quantum computers are not good at.

Patrick Moorhead: So Mike, as industry analysts, we’re not in the business of asking hard questions just to stump people. It’s really to get underneath what’s really going on and one of the harder questions or that some tech vendors have a hard time responding to is, okay, if this is so good, are you using it yourself? Is IBM using this technology in its own solutions?

Michael Osborne: Absolutely, yes and already since some years we started… Actually, we started this whole effort in 2015, so an awful long time ago. So it’s really not very new for us and one of the first things we did after we designed these algorithms is really evaluate how easy they are to implement and then to start to protect some of our own systems. So for example, our tape drives, encrypted tape drives might seem like a funny target, but those tape drives are on the shelves for 30 years. So we have a kind of time horizon where we need to protect the data on those tape drives for 30 years, which means actually it’s an obvious candidate for using a combination of the cryptography that we used to date, plus quantum-safe cryptography. So we started out with tape drive. Since then, we have two releases of our mainframe.

There was a large Z16 release last year which not only offers the algorithms for people to use, it also protects itself using those algorithms. So it’s really the first quantum-safe platform also on IBM Cloud, so there’s actually two reasons for using it. It’s not just that it is the future cryptography that is safe for the next decades, it is actually faster than the crypto that we’re using today. So there’s also a lot of misunderstanding, and incorrect information flying around that these new algorithms are actually very difficult to use and very large. That’s really not the case. These algorithms are now faster than anything that we have used today. So lots of good reasons for implementing this stuff and lots of examples of where we have implemented and right now actually we’re taking all of that know how that we’ve generated in making our systems quantum-safe and we’re actually making that know how available to our clients.

Daniel Newman: Yeah, no, that’s a nice segue to the next question, gentlemen, quantum-safe, quantum as a whole is one of those things that everyone’s waiting for. When does this become market generally available and we’re starting to see these use cases come out? So how does IBM envision governments and large enterprises using this quantum-safe cryptography technology?

Ray Harishankar: So let me take that. So let me draw a parallel to a well-known problem Y2K. So very similar to the updates that were needed for Y2K, governments and businesses, they need to update their systems to be quantum-safe or to have quantum-safe cryptography well before the quantum computers with sufficient scale and maturity become available. That’s why I talked about having to start now. Now, there are of course, very, very significant differences between Y2K and what people call YQK as well. The differences being Y2K had a definite timeline, deadline, YQK does not. The other is Y2K does not have the problem of this harvest now when decrypt later challenge, whereas YQK does.

So that’s why we say you got to get started now. So the obvious question is, so how do we engage with governments and commercial entities to get started? So to manage this, we have created a set of technologies, tools and an offering approach that is powered by these technologies to help government clients and commercial clients embark on their journey to become quantum-safe and yes, it is a journey because as I said, it’ll take some years since the changes are extensive and pervasive. Our approach to making these applications, products and services quantum-safe, whether it be a government client or a commercial client, it is actually three simple steps.

One is discover, then we call it observe, and then transform. Discover is about understanding what do I currently have as my cryptography inventory, where is it being used? So knowing how big the bread basket is, that’s what we call as the discover and we have a set of technologies that we are calling explorer that drives that aspect of discovery. The next is observe, where we look at root cause and migration remediation recommendations and draw some insights from what we just discovered so that we can begin to see how best to go about and address them, not just in a static manner, but also in a real time manner as well and the technologies that support this, we call as advisor and then the last step is transform, where we actually upgrade existing cryptography to be quantum-safe and you can have drop-in replacements for cryptography or some re-architecture where needed and supporting best practice based approaches that will help realize this, these set of technologies are what we call remediator.

So just to quickly recap, three simple steps: discover, observe, transform, supported by, or powered by corresponding set of technologies that we call explorer, advisor and remediator. We do have a set of differentiated approaches and new standards that Mike and team have been helping us with in terms of how they underpin these technologies I just talked about. So I invite Mike to sort of add on to this, over to you Mike.

Michael Osborne: Yeah, I think one point I’d like to mention is that it’s not just about the journey to quantum-safe. There are other things which are really important such that industries and government end up in a better place when it comes to cybersecurity and these are things like secure software supply chain, so that’s another White House mandate for example. So some of the things that we’ve been looking at is how you can extend software bills and materials, for example, with cryptographic assets. So the approach is to align, let’s say, the needs of the journey to becoming quantum-safe with other things that organizations need to be doing at the same time, so this also in the open source community. So we’ve developed a standard for cryptographic bills and materials made this available as an open source effort and this is being consumed now with a number of open source efforts.

So it’s a combination I think of standards where it makes sense plus differentiated tech technology and then the technology you need I think is very dependent on the sort of company you are. Some companies are really very advanced and modern and you can take one approach. Other companies are a little bit more, I would say, traditionally in what they do, so the end of the day you need the right portfolio of technologies these we’ve developed internally and where it makes sense, we’ve made these available to the open source.

Patrick Moorhead: So Mike, in quantum and in security, it really does take a village of companies to be working together. Can you talk a little bit about that and maybe also are there customers actually using IBM Quantum Safe Technologies today?

Michael Osborne: Yeah, maybe I take a stab at that because you’re absolutely right. So if you look, there are things which a company can do by itself. They can sort of understand where and how they use cryptography and maybe they develop themselves so they have things in their own hands, but maybe they buy things from suppliers. So there, if you now have to start looking at your supplier, your supply chain, understand what you’re going to ask your suppliers to do, how you’re going to make sure that these kind of work together with what you are doing and then there’s a third dimension, and this is ecosystems. So there are things like the telco industry or the financial industry, whether there are very large ecosystems for the standards, maybe they are global ecosystems. So there’s different legislations about the world, so there’s certain things you need to be doing at the ecosystem level.

So one of those, for example, is I think is well documented is the work we’ve been doing at the GSMA Standards Organization around mobile networks and that is to help educate an ecosystem such that it can go then to all the parts of that ecosystem and then have a kind of joined up strategy, how to end up in a good place rather than let things develop by themselves and end up in a very bad place when it comes to very fragmented technology solutions.

Daniel Newman: So we are virtually here at RSA and it’s been great having this conversation. I think it sounds like the advancements are happening very quickly, that the opportunity around quantum-safe and quantum-safe encryption is something that public sector, government, large enterprise, and eventually every company that has important data to protect will need to be considering. Mike, for those here at RSA, what would you say is the big quantum-safe takeaway that you want them to leave the show with?

Michael Osborne: Okay. I think for me the most important takeaway is awareness and strategy. It’s a journey, and you can make that journey very difficult by not thinking about it, not really, let’s say we have for example, clients that say, “Oh, we just leave it to the ecosystem, it’ll be okay.” That’s really not the case. So awareness and creating a very clear strategy about how you’re going to address this journey. This will save an awful lot of pain and complexity and take you on a good path and you want to be on a good path and not the alternative bad path, I think. So awareness and strategy.

Patrick Moorhead: Well guys, this is some exciting stuff and if the audience wasn’t aware of quantum-safe cryptography algorithms, I’m sure they are today, and I think the biggest mindblower to me is the importance of it today, which is I can come in today, take this data that’s encrypted using technologies that can’t be broken today, but hey, in three years, once the technology is where it needs to be, I can then apply that and get access to all the proprietary data and just because the data’s not fresh doesn’t mean that it’s not valuable. Things like intellectual property, as an example, credit card numbers, social security numbers, driver’s license numbers, those are important, timeless pieces of information that hackers can exploit and make money on but want to appreciate, Mike, thank you so much and Ray for coming on the show and have a good time at RSA. We’ll be cheering you on from the sidelines.

Ray Harishankar: Appreciate that Pat and I enjoyed it very much. I’m sure Mike did as well. So thanks again. This was excellent.

Michael Osborne: Thank you for the opportunity.

Daniel Newman: So much good stuff in there, Pat. I see so many nice ties to the conversations we have about IBMZ, by the way. All right, so we’ve got to wrap this up though. Really appreciate everybody that tuned in today. Ray, Mike, you’ve been great guests, Pat, we love this topic. Security is big, it’s in focus, it’s in vogue, and I don’t see that changing anytime soon. If you enjoyed what you saw today though, hit that subscribe button. Join us for all of our Six Five episodes here at RSA and beyond but for this episode, for Patrick and myself, it’s time to say goodbye. We’ll see you all later.

Patrick Moorhead
+ posts

Patrick founded the firm based on his real-world world technology experiences with the understanding of what he wasn’t getting from analysts and consultants. Ten years later, Patrick is ranked #1 among technology industry analysts in terms of “power” (ARInsights)  in “press citations” (Apollo Research). Moorhead is a contributor at Forbes and frequently appears on CNBC. He is a broad-based analyst covering a wide variety of topics including the cloud, enterprise SaaS, collaboration, client computing, and semiconductors. He has 30 years of experience including 15 years of executive experience at high tech companies (NCR, AT&T, Compaq, now HP, and AMD) leading strategy, product management, product marketing, and corporate marketing, including three industry board appointments.