Post-Quantum Cryptography (PQC) Network Instrument: Measuring PQC Adoption Rates and Identifying Migration Pathways

Jakub Sowa; Bach Hoang; Advaith Yeluru; Steven Qie; Anita Nikolich; Ravishankar K Iyer; Phuong Cao

doi:10.1109/QCE60285.2024.00213

Post-Quantum Cryptography (PQC) Network Instrument: Measuring PQC Adoption Rates and Identifying Migration Pathways

Jakub Sowa, Bach Hoang, Advaith Yeluru, Steven Qie, Anita Nikolich, Ravishankar K Iyer, Phuong Cao

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The problem of adopting quantum-resistant crypto-graphic network protocols or post-quantum cryptography (PQC) is critically important to democratizing quantum computing. The problem is urgent because practical quantum computers will break classical encryption in the next few decades. Past encrypted data has already been collected and can be de-crypted in the near future. The main challenges of adopting post-quantum cryptography lie in algorithmic complexity and hardware/software/network implementation. The grand question of how existing cyberinfrastructure will support post-quantum cryptography remains unanswered. This paper describes: i) the design of a novel Post-Quantum Cryptography (PQC) network instrument placed at the National Center for Supercomputing Applications (NCSA) at the University of Illinois at Urbana-Champaign and a part of the FABRIC testbed; ii) the latest results on PQC adoption rate across a wide spectrum of network protocols (Secure Shell - SSH, Transport Layer Security - TLS, etc.); iii) the current state of PQC implementation in key scientific applications (e.g., OpenSSH or SciTokens); iv) the challenges of being quantum-resistant; and v) discussion of potential novel attacks. This is the first large-scale measurement of PQC adoption at national-scale supercomputing centers and FABRIC testbeds. Our results show that only OpenSSH and Google Chrome have successfully implemented PQC and achieved an initial adoption rate of 0.029 % (6,044 out of 20,556,816) for OpenSSH connections at NCSA coming from major Internet Service Providers or Autonomous Systems (ASes) such as OARNET, GTT, Google Fiber Webpass (U.S.) and Uppsala Lans Landsting (Sweden), with an overall increasing adoption rate year-over-year for 2023-2024. Our analyses identify pathways to migrate current applications to be quantum-resistant.

Original language	English (US)
Title of host publication	Technical Papers Program
Editors	Candace Culhane, Greg T. Byrd, Hausi Muller, Yuri Alexeev, Yuri Alexeev, Sarah Sheldon
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	1835-1846
Number of pages	12
ISBN (Electronic)	9798331541378
DOIs	https://doi.org/10.1109/QCE60285.2024.00213
State	Published - 2024
Event	5th IEEE International Conference on Quantum Computing and Engineering, QCE 2024 - Montreal, Canada Duration: Sep 15 2024 → Sep 20 2024

Publication series

Name	Proceedings - IEEE Quantum Week 2024, QCE 2024
Volume	1

Conference

Conference	5th IEEE International Conference on Quantum Computing and Engineering, QCE 2024
Country/Territory	Canada
City	Montreal
Period	9/15/24 → 9/20/24

Keywords

adoption rate
algorithmic complexity
cryptography
cyberinfrastructure
distributed
encrypted data
FABRIC
Google Chrome
migration
NCSA
networking
NIST
novel attacks
OpenSSH
performance
Phuong
Phuong Cao
post-quantum cryptography
PQC
PQC network instrument
quantum computing
quantum-resistant
quantum-resistant applications
scientific applications
SSH
systems
testbed
TLS

ASJC Scopus subject areas

Computational Theory and Mathematics
Computer Networks and Communications
Hardware and Architecture
Signal Processing
Electrical and Electronic Engineering
Safety, Risk, Reliability and Quality
Computational Mathematics
Statistical and Nonlinear Physics

Online availability

10.1109/QCE60285.2024.00213

Library availability

Discover UIUC Full Text

Cite this

Sowa, J., Hoang, B., Yeluru, A., Qie, S., Nikolich, A., Iyer, R. K., & Cao, P. (2024). Post-Quantum Cryptography (PQC) Network Instrument: Measuring PQC Adoption Rates and Identifying Migration Pathways. In C. Culhane, G. T. Byrd, H. Muller, Y. Alexeev, Y. Alexeev, & S. Sheldon (Eds.), Technical Papers Program (pp. 1835-1846). (Proceedings - IEEE Quantum Week 2024, QCE 2024; Vol. 1). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/QCE60285.2024.00213

Post-Quantum Cryptography (PQC) Network Instrument: Measuring PQC Adoption Rates and Identifying Migration Pathways. / Sowa, Jakub; Hoang, Bach; Yeluru, Advaith et al.
Technical Papers Program. ed. / Candace Culhane; Greg T. Byrd; Hausi Muller; Yuri Alexeev; Yuri Alexeev; Sarah Sheldon. Institute of Electrical and Electronics Engineers Inc., 2024. p. 1835-1846 (Proceedings - IEEE Quantum Week 2024, QCE 2024; Vol. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Sowa, J, Hoang, B, Yeluru, A, Qie, S, Nikolich, A , Iyer, RK & Cao, P 2024, Post-Quantum Cryptography (PQC) Network Instrument: Measuring PQC Adoption Rates and Identifying Migration Pathways. in C Culhane, GT Byrd, H Muller, Y Alexeev, Y Alexeev & S Sheldon (eds), Technical Papers Program. Proceedings - IEEE Quantum Week 2024, QCE 2024, vol. 1, Institute of Electrical and Electronics Engineers Inc., pp. 1835-1846, 5th IEEE International Conference on Quantum Computing and Engineering, QCE 2024, Montreal, Canada, 9/15/24. https://doi.org/10.1109/QCE60285.2024.00213

Sowa J, Hoang B, Yeluru A, Qie S, Nikolich A , Iyer RK et al. Post-Quantum Cryptography (PQC) Network Instrument: Measuring PQC Adoption Rates and Identifying Migration Pathways. In Culhane C, Byrd GT, Muller H, Alexeev Y, Alexeev Y, Sheldon S, editors, Technical Papers Program. Institute of Electrical and Electronics Engineers Inc. 2024. p. 1835-1846. (Proceedings - IEEE Quantum Week 2024, QCE 2024). doi: 10.1109/QCE60285.2024.00213

Sowa, Jakub ; Hoang, Bach ; Yeluru, Advaith et al. / Post-Quantum Cryptography (PQC) Network Instrument : Measuring PQC Adoption Rates and Identifying Migration Pathways. Technical Papers Program. editor / Candace Culhane ; Greg T. Byrd ; Hausi Muller ; Yuri Alexeev ; Yuri Alexeev ; Sarah Sheldon. Institute of Electrical and Electronics Engineers Inc., 2024. pp. 1835-1846 (Proceedings - IEEE Quantum Week 2024, QCE 2024).

@inproceedings{08840af7ab0f48a584b64f9331bc1378,

title = "Post-Quantum Cryptography (PQC) Network Instrument: Measuring PQC Adoption Rates and Identifying Migration Pathways",

abstract = "The problem of adopting quantum-resistant crypto-graphic network protocols or post-quantum cryptography (PQC) is critically important to democratizing quantum computing. The problem is urgent because practical quantum computers will break classical encryption in the next few decades. Past encrypted data has already been collected and can be de-crypted in the near future. The main challenges of adopting post-quantum cryptography lie in algorithmic complexity and hardware/software/network implementation. The grand question of how existing cyberinfrastructure will support post-quantum cryptography remains unanswered. This paper describes: i) the design of a novel Post-Quantum Cryptography (PQC) network instrument placed at the National Center for Supercomputing Applications (NCSA) at the University of Illinois at Urbana-Champaign and a part of the FABRIC testbed; ii) the latest results on PQC adoption rate across a wide spectrum of network protocols (Secure Shell - SSH, Transport Layer Security - TLS, etc.); iii) the current state of PQC implementation in key scientific applications (e.g., OpenSSH or SciTokens); iv) the challenges of being quantum-resistant; and v) discussion of potential novel attacks. This is the first large-scale measurement of PQC adoption at national-scale supercomputing centers and FABRIC testbeds. Our results show that only OpenSSH and Google Chrome have successfully implemented PQC and achieved an initial adoption rate of 0.029 % (6,044 out of 20,556,816) for OpenSSH connections at NCSA coming from major Internet Service Providers or Autonomous Systems (ASes) such as OARNET, GTT, Google Fiber Webpass (U.S.) and Uppsala Lans Landsting (Sweden), with an overall increasing adoption rate year-over-year for 2023-2024. Our analyses identify pathways to migrate current applications to be quantum-resistant.",

keywords = "adoption rate, algorithmic complexity, cryptography, cyberinfrastructure, distributed, encrypted data, FABRIC, Google Chrome, migration, NCSA, networking, NIST, novel attacks, OpenSSH, performance, Phuong, Phuong Cao, post-quantum cryptography, PQC, PQC network instrument, quantum computing, quantum-resistant, quantum-resistant applications, scientific applications, SSH, systems, testbed, TLS",

author = "Jakub Sowa and Bach Hoang and Advaith Yeluru and Steven Qie and Anita Nikolich and Iyer, {Ravishankar K} and Phuong Cao",

note = "We acknowledge Dr. Jim Basney for in-depth discussions about SciTokens, Dr. Santiago Nunez-Corrales, Dr. Edoardo Giusto, members of NCSA Quantum Task Force, Dependable Classical-Quantum Computing Systems Engineering Working Group, and the Illinois Quantum Information Science and Technology Center (IQUIST) faculty members, particularly Dr. Brian DeMarco, for insightful feedback. This work was partly supported by the National Science Foundation (NSF) under contract CCF #2319190. We also want to recognize the following organizations/programs: the NSF's Trusted CI Cybersecurity Center of Excellence, NCSA Student Pushing Innovation Program (SPIN), Illinois Computes, IBM-Illinois Discovery Accelerator Institute, FABRIC, PPoSS, and the NSF's CyberCorps Scholarship for Service (SFS) Program, ACCESS and Delta allocations, NCSA Integrated Cyberinfrastructure/ IRST team, particularly Timothy Boerner, James Eyrich, Ryan Walker, Christopher Clausen, and Dr. Yang Guo at the NIST HPC Security Working Group. Any opinions, findings, conclusions, or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of their employers or the sponsors.; 5th IEEE International Conference on Quantum Computing and Engineering, QCE 2024 ; Conference date: 15-09-2024 Through 20-09-2024",

year = "2024",

doi = "10.1109/QCE60285.2024.00213",

language = "English (US)",

series = "Proceedings - IEEE Quantum Week 2024, QCE 2024",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "1835--1846",

editor = "Candace Culhane and Byrd, {Greg T.} and Hausi Muller and Yuri Alexeev and Yuri Alexeev and Sarah Sheldon",

booktitle = "Technical Papers Program",

address = "United States",

}

TY - GEN

T1 - Post-Quantum Cryptography (PQC) Network Instrument

T2 - 5th IEEE International Conference on Quantum Computing and Engineering, QCE 2024

AU - Sowa, Jakub

AU - Hoang, Bach

AU - Yeluru, Advaith

AU - Qie, Steven

AU - Nikolich, Anita

AU - Iyer, Ravishankar K

AU - Cao, Phuong

N1 - We acknowledge Dr. Jim Basney for in-depth discussions about SciTokens, Dr. Santiago Nunez-Corrales, Dr. Edoardo Giusto, members of NCSA Quantum Task Force, Dependable Classical-Quantum Computing Systems Engineering Working Group, and the Illinois Quantum Information Science and Technology Center (IQUIST) faculty members, particularly Dr. Brian DeMarco, for insightful feedback. This work was partly supported by the National Science Foundation (NSF) under contract CCF #2319190. We also want to recognize the following organizations/programs: the NSF's Trusted CI Cybersecurity Center of Excellence, NCSA Student Pushing Innovation Program (SPIN), Illinois Computes, IBM-Illinois Discovery Accelerator Institute, FABRIC, PPoSS, and the NSF's CyberCorps Scholarship for Service (SFS) Program, ACCESS and Delta allocations, NCSA Integrated Cyberinfrastructure/ IRST team, particularly Timothy Boerner, James Eyrich, Ryan Walker, Christopher Clausen, and Dr. Yang Guo at the NIST HPC Security Working Group. Any opinions, findings, conclusions, or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of their employers or the sponsors.

PY - 2024

Y1 - 2024

N2 - The problem of adopting quantum-resistant crypto-graphic network protocols or post-quantum cryptography (PQC) is critically important to democratizing quantum computing. The problem is urgent because practical quantum computers will break classical encryption in the next few decades. Past encrypted data has already been collected and can be de-crypted in the near future. The main challenges of adopting post-quantum cryptography lie in algorithmic complexity and hardware/software/network implementation. The grand question of how existing cyberinfrastructure will support post-quantum cryptography remains unanswered. This paper describes: i) the design of a novel Post-Quantum Cryptography (PQC) network instrument placed at the National Center for Supercomputing Applications (NCSA) at the University of Illinois at Urbana-Champaign and a part of the FABRIC testbed; ii) the latest results on PQC adoption rate across a wide spectrum of network protocols (Secure Shell - SSH, Transport Layer Security - TLS, etc.); iii) the current state of PQC implementation in key scientific applications (e.g., OpenSSH or SciTokens); iv) the challenges of being quantum-resistant; and v) discussion of potential novel attacks. This is the first large-scale measurement of PQC adoption at national-scale supercomputing centers and FABRIC testbeds. Our results show that only OpenSSH and Google Chrome have successfully implemented PQC and achieved an initial adoption rate of 0.029 % (6,044 out of 20,556,816) for OpenSSH connections at NCSA coming from major Internet Service Providers or Autonomous Systems (ASes) such as OARNET, GTT, Google Fiber Webpass (U.S.) and Uppsala Lans Landsting (Sweden), with an overall increasing adoption rate year-over-year for 2023-2024. Our analyses identify pathways to migrate current applications to be quantum-resistant.

AB - The problem of adopting quantum-resistant crypto-graphic network protocols or post-quantum cryptography (PQC) is critically important to democratizing quantum computing. The problem is urgent because practical quantum computers will break classical encryption in the next few decades. Past encrypted data has already been collected and can be de-crypted in the near future. The main challenges of adopting post-quantum cryptography lie in algorithmic complexity and hardware/software/network implementation. The grand question of how existing cyberinfrastructure will support post-quantum cryptography remains unanswered. This paper describes: i) the design of a novel Post-Quantum Cryptography (PQC) network instrument placed at the National Center for Supercomputing Applications (NCSA) at the University of Illinois at Urbana-Champaign and a part of the FABRIC testbed; ii) the latest results on PQC adoption rate across a wide spectrum of network protocols (Secure Shell - SSH, Transport Layer Security - TLS, etc.); iii) the current state of PQC implementation in key scientific applications (e.g., OpenSSH or SciTokens); iv) the challenges of being quantum-resistant; and v) discussion of potential novel attacks. This is the first large-scale measurement of PQC adoption at national-scale supercomputing centers and FABRIC testbeds. Our results show that only OpenSSH and Google Chrome have successfully implemented PQC and achieved an initial adoption rate of 0.029 % (6,044 out of 20,556,816) for OpenSSH connections at NCSA coming from major Internet Service Providers or Autonomous Systems (ASes) such as OARNET, GTT, Google Fiber Webpass (U.S.) and Uppsala Lans Landsting (Sweden), with an overall increasing adoption rate year-over-year for 2023-2024. Our analyses identify pathways to migrate current applications to be quantum-resistant.

KW - adoption rate

KW - algorithmic complexity

KW - cryptography

KW - cyberinfrastructure

KW - distributed

KW - encrypted data

KW - FABRIC

KW - Google Chrome

KW - migration

KW - NCSA

KW - networking

KW - NIST

KW - novel attacks

KW - OpenSSH

KW - performance

KW - Phuong

KW - Phuong Cao

KW - post-quantum cryptography

KW - PQC

KW - PQC network instrument

KW - quantum computing

KW - quantum-resistant

KW - quantum-resistant applications

KW - scientific applications

KW - SSH

KW - systems

KW - testbed

KW - TLS

UR - http://www.scopus.com/inward/record.url?scp=85217409429&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85217409429&partnerID=8YFLogxK

U2 - 10.1109/QCE60285.2024.00213

DO - 10.1109/QCE60285.2024.00213

M3 - Conference contribution

AN - SCOPUS:85217409429

T3 - Proceedings - IEEE Quantum Week 2024, QCE 2024

SP - 1835

EP - 1846

BT - Technical Papers Program

A2 - Culhane, Candace

A2 - Byrd, Greg T.

A2 - Muller, Hausi

A2 - Alexeev, Yuri

A2 - Sheldon, Sarah

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 15 September 2024 through 20 September 2024

ER -

Post-Quantum Cryptography (PQC) Network Instrument: Measuring PQC Adoption Rates and Identifying Migration Pathways

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this