The BIS Innovation Hub’s Eurosystem Centre, in collaboration with the Bank of France and Deutsche Bundesbank, initiated Project Leap. This endeavor, undertaken by the Eurosystem partners, aims to equip central banks and the global financial system for a shift towards encryption that is resistant to quantum threats.
The presence of quantum computers poses a significant risk to the stability of the financial system. If these quantum machines become viable, they have the potential to compromise the security of existing mainstream cryptographic protocols that the financial system relies on for safeguarding data and transactions. In the mid-1990s, researchers developed quantum algorithms that, in theory and given a powerful enough quantum computer, could break widely used public key cryptographic schemes. This theoretical capability threatens the foundational security of our financial services infrastructure and could have severe implications for financial stability.
Despite the absence of functional quantum computers currently, the urgency to address the security threat is paramount. Malicious actors can already intercept and store confidential, classically encrypted data with the intent to decrypt it later when quantum machines reach sufficient power. Consequently, data transmitted or stored today are susceptible to “harvest now, decrypt later” attacks by future quantum computers. The long-term sensitivity of financial data implies that the mere potential existence of a quantum computer makes current systems insecure.
What is Project Leap?
Project Leap aims to fortify the financial system against this looming threat. While quantum-resistant cryptographic protocols are already feasible, implementing them in financial systems poses various challenges. Legacy systems, with their limited flexibility, require a substantial transition effort. Project Leap tackles specific challenges associated with implementing quantum-resistant IT environments in the financial system, preparing for this transition and expediting its execution.
The collaborative experiment involving the BIS Innovation Hub Eurosystem Centre, the Bank of France, and Deutsche Bundesbank is focused on making the financial system resistant to quantum threats, starting with central bank operations. In the initial stage of Project Leap, efforts were directed toward implementing post-quantum cryptographic protocols in central bank functions, such as payments. A quantum-safe environment was established to secure infrastructures from potential data interception during transit, particularly safeguarding highly sensitive communications. The project’s dual objectives of fortifying the financial system against quantum threats and enhancing awareness within the central banking community aim to provide valuable insights into the quantum evolution of the financial system.
A specific challenge tackled in the first phase of Project Leap is cryptographic agility, emphasizing the need to seamlessly switch between cryptographic schemes and algorithms without impacting applications. Given the ongoing discussions around new quantum-resistant cryptographic standards, cryptographic agility becomes crucial in transitioning to quantum-resistant encryption.
Another significant observation pertains to the trade-off between security strength and performance in post-quantum cryptography, where security configurations may need adjustment based on application requirements. The successful establishment of a quantum-safe environment in a financial systems context during the first phase, though achieved in a controlled test environment, signals the need for further exploration in complex real-life scenarios. Consequently, a second phase of Project Leap is planned to delve into additional network architectures, test diverse hardware types, incorporate additional communication layers to build a complete chain of trust, and include additional central bank processes.
Introduction
Quantum computing has garnered significant attention in research since the early 1990s, as evidenced by a substantial increase in publications, exceeding 48,000 in 2020 alone (Dejpasand and Sasani Ghamsari, 2023). Numerous leading technology companies and startups have been actively working on the development of quantum computers, marked by a continual rise in the number of qubits. The imminent potential for quantum computers to outperform current classical computers in specific tasks has become apparent.
The impact of quantum computing holds promise for various industries, including finance. In the financial sector, quantum computers could facilitate the integration of artificial intelligence into financial services and enhance financial modeling capabilities. For instance, there is a growing interest in the banking industry to leverage quantum algorithms for accelerating Monte Carlo simulations.
However, the heavy reliance of the current financial system on traditional cryptographic security protocols makes it susceptible to new cyber threats posed by quantum computers. The potential advent of fully functional quantum computers poses a considerable risk to widely used cryptographic algorithms. The Financial Stability Board has highlighted cyber-attacks as a significant threat to the financial system, and regulatory and supervisory efforts globally have worked to mitigate cyber risks in the financial sector. Nevertheless, the hostile use of financial data in the wake of quantum computing advancements could disrupt crucial financial services, jeopardizing security and data confidentiality and thereby impacting financial stability (FSB, 2017).
The World Economic Forum, in its latest global risks report, has identified the quantum computing cyber threat as a major emerging technological risk (FEM, 2022). This recognition has prompted a call for collective action, emphasizing the need for new encryption standards capable of safeguarding the IT systems of financial services.
While fully functional quantum computers are not yet in existence, the immediacy of the security threat necessitates urgent attention. Presently, malicious entities can intercept and store confidential data that is classically encrypted, with the intent to decrypt it later when quantum computers reach sufficient power. Consequently, data that is currently stored or transmitted is vulnerable to “harvest now, decrypt later” attacks facilitated by future quantum computers. The enduring sensitivity of financial data means that the mere potential existence of a quantum computer in the future renders today’s systems inherently insecure.
Impact of Cyber Threats on Central Bank IT System
Understanding the quantum cyber threat requires a grasp of how quantum computers function. Traditional computer systems convert information into binary digits, or bits, with each bit holding a singular value of 0 or 1. This classical two-dimensional system forms the basis for a broad range of computer tasks, underpinning the entire Web-based economy, including financial services.
In contrast, a quantum computer processes information by utilizing quantum particles, fundamentally different from classical computers (refer to Annex A Box 1). The quantum computer’s basic unit of information is not a bit but a qubit, representing a quantum bit. Similar to classical bits, a qubit can have a value of 0 or 1. However, uniquely, a qubit can exist in a superposition state, simultaneously holding values of 0 and 1. This superposition state grants quantum computers significantly enhanced processing power for specific tasks compared to classical computers.
The development of a functional quantum computer poses challenges, with “noise” being a primary concern. During computation, various atomic and subatomic particles surrounding the quantum computer can interfere with qubits, leading to imperfect states and diminishing their computational advantage. Despite efforts to operate quantum computers in highly isolated environments at close to absolute zero temperatures to minimize interference, creating a sufficient number of perfect qubits remains challenging, limiting the capabilities of quantum devices.
Due to noise-related limitations, current quantum computers typically have between 50 and a few hundred qubits. This constraint has led to the characterization of the current state of quantum computing as the Noisy Intermediate-Scale Quantum (NISQ) era by John Preskill, a theoretical physics professor at the California Institute of Technology (Preskill, 2018). The evolution of quantum computers is expected to overcome these limitations over time.
Companies and organizations pursuing advancements in quantum computing adopt two main approaches to increase qubit numbers. Some focus on stabilizing physical qubits and creating perfect ones, while others employ error correction techniques, adding logical qubits to offset stability issues. Despite the limitations of NISQ devices, they are already capable of successfully performing specific tasks.
Prepare Now: Central Banks' Urgency
Undoubtedly, quantum computing poses a significant threat to financial stability, amplifying the risks that the financial industry already faces from conventional cyber attacks capable of causing solvency and liquidity shocks. The potential widespread impact of a cyber attack on a mid-sized bank reveals vulnerabilities in the interconnected structure of financial market infrastructures that could lead to industry-wide repercussions. Unlike conventional cyber threats, a quantum computer attack could inflict more severe and costly damage on the financial system, demanding proactive measures from central banks due to the enduring sensitivity of financial data and the intricate nature of contemporary IT systems.
The implications are substantial, as the advent of a sufficiently powerful quantum computer would render current data protection mechanisms obsolete, affecting internet communications, digital signatures, passwords, contracts, and other critical documents. This scenario could compromise the integrity of digitally signed contracts, as the assurance of the signer’s identity would no longer be guaranteed.
Despite the high stakes, there is a positive trend of organizations and governments responding to the quantum threat. In November 2022, the White House issued a memorandum outlining a timeline for implementing post-quantum cryptography, emphasizing the transition to quantum-resistant encryption for vulnerable systems. National authorities, such as ANSSI in France, have also been providing guidance on migrating systems to quantum-safe cryptography.
However, overlooking the gravity of this threat is perilous. Central banks must take immediate action, recognizing that the replacement of current encryption standards is a lengthy process, potentially spanning decades. Past experience has shown that migration after the publication of new standards is time-consuming. It is imperative to begin transition planning, commencing with a quantum risk assessment to identify and catalog vulnerable systems. Subsequently, a strategic and long-term quantum roadmap, inclusive of a transition phase, is essential for fortifying critical central bank infrastructure against quantum computer attacks.
Major Findings in Project Leap
i. Agility in Cryptography
Presently, numerous information systems grapple with a deficiency in cryptographic agility due to a lack of design considerations for easy replacement. The transition to new protocols necessitates substantial infrastructure modifications, making it imperative to assess post-quantum algorithms within existing hybrid systems that integrate tailored cryptographic solutions. In the context of Project Leap, the open-source solution strongSwan was chosen for its inherent flexibility. The implementation of post-quantum cryptography in a hybrid mode enables the integration of new algorithms alongside traditional ones. This approach offers the flexibility needed to discard specific algorithms no longer recommended by national cybersecurity authorities.
National standardization bodies like NIST and cybersecurity authorities such as BSI or ANSSI advocate for hybridization. This entails combining a post-quantum algorithm with a scheme based on traditional cryptography, emphasizing cryptographic agility. In such configurations, the client and server collaboratively decide on additional key exchanges during the initial negotiation. In Project Leap’s early efforts to establish a VPN with quantum-safe cryptography, it was demonstrated that both key agreement and digital signatures could be implemented in a hybrid mode.
To ascertain the use of a quantum-safe VPN, a green-light approach was adopted. Once the quantum-safe connection is established, the Leap Payment Application logo turns green, signifying the successful creation and encryption of the VPN tunnel in a hybrid mode. This mimics the transparency found in existing VPN applications and is akin to the small lock symbol in web browsers that indicates a secure connection to a web server. The objective of the Project Leap test was to provide the same assurance, albeit limited to the subnet.
ii. Performance
The implementation of post-quantum cryptography introduces a potential performance cost attributed to the time required for key generation and signature verification, aspects that were thoroughly examined in Project Leap.
The performance evaluation of cryptographic algorithms involved time measurements during the VPN setup within the context of transmitting a 1 Mb file. Similarly, a standard Pacs.008 payment message, approximately 1 Mb in size, was transmitted through the VPN between the Bank of France and Deutsche Bundesbank.
Importantly, there was no discernible impact on performance when sending data through the VPN tunnel, regardless of data size. Once the post-quantum VPN tunnel is established, the information is encrypted using traditional cryptography (AES-256). Although the initial setup of the tunnel experienced an impact on performance due to the additional layer of cryptography, the actual data transfer performance remained unaffected. In practical applications, the initial tunnel setup typically occurs once or twice during a business day.
The algorithm testing phase encompassed different IT systems, including both legacy systems and cloud environments with more modern configurations. The performance of two versions of FrodoKEM (AES vs Shake) exhibited slight variations, particularly when executed on a legacy system. As expected, hardware acceleration, such as AVX2, contributed to increased speed during the tunnel setup, notably for the FrodoKEM AES version compared to FrodoKEM Shake.
The diversity in algorithms tested provides adaptability for various use cases within central bank IT systems. At this juncture, all tested post-quantum algorithms are deemed suitable for central bank processes, with various security strength categories considered robust. However, performance discrepancies should be taken into account. Notably, the digital signature Sphincs+ demonstrated slower performance compared to other algorithms. Despite its slower speed, Sphincs+ is apt for applications prioritizing reliability, given its hash-based nature. In Project Leap, Sphincs+ was configured with hybridization, resulting in longer times, considering the legacy part of the protocol.
iii. Security
Despite recommendations from authorities such as ANSSI favoring the implementation of only the fifth security category, the Project Leap team opted to explore various security categories defined by NIST. A comparative analysis was conducted between hybrid implementations and non-hybrid alternatives. The adoption of post-quantum cryptography in a hybrid mode addresses two key security-related risks:
In the event of a breach in legacy asymmetric cryptosystems, a post-quantum layer safeguards data transfer, ensuring the system’s security and preventing regression.
Hybridization enhances system agility, facilitating the replacement of traditional schemes as they become obsolete.
There is a trade-off between performance and security. Increasing security strength slows down setting up the VPN tunnel. Security configurations should match application requirements. Performance tests showed varying results, with some algorithms performing better than others. For strict performance needs, Crystals-Kyber is better than Frodo. Crystals-Dilithium and Falcon have similar performance, but Falcon is slightly better. Combining Crystals-Kyber and Falcon is recommended for performance-focused scenarios, but further tests are advised.
Various signature algorithms were tested with the X.509 standard to ascertain if it was possible to identify the certificate in use. Given the array of potential post-quantum algorithms for digital signatures, identification becomes crucial for validating the specific algorithm employed. The certificate, upon receipt, is associated with an object identifier (OID) that describes the algorithm used. Current tools enable the identification of the OID in use, affirming that in post-quantum cryptography, it is indeed possible to gather information about the algorithm being employed.
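As an added illustration of the OID check described above (not code from Project Leap or its report), the following Python code reads the signature-algorithm OID from a DER-encoded X.509 certificate, confirms that the inner and outer algorithm fields agree, and labels the algorithm classical or post-quantum. It assumes the ML-DSA OIDs that NIST assigned to the standardised form of Crystals-Dilithium; the function names are this example's own and the sample certificates are constructed skeletons.

```python
SIG_OIDS = {  # signature OID -> (name, family); ML-DSA is standardised Dilithium
    "1.2.840.113549.1.1.11": ("sha256WithRSAEncryption", "classical"),
    "2.16.840.1.101.3.4.3.17": ("ML-DSA-44", "post-quantum"),
    "2.16.840.1.101.3.4.3.18": ("ML-DSA-65", "post-quantum"),
    "2.16.840.1.101.3.4.3.19": ("ML-DSA-87", "post-quantum"),
}

def read_tlv(buf, pos, want_tag):
    """Return (value, next_pos) of the DER element at pos, checking its tag."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("unsupported DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if tag != want_tag:
        raise ValueError(f"expected tag {want_tag:#x}, got {tag:#x}")
    if pos + length > len(buf):
        raise ValueError("DER value runs past end of input")
    return buf[pos:pos + length], pos + length

def decode_oid(body):
    """Decode OBJECT IDENTIFIER content bytes into dotted notation."""
    if not body or body[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, value = [], 0
    for b in body:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                   # high bit clear ends this arc
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)          # first sub-identifier packs two arcs
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def signature_algorithm(cert_der):
    """Return (oid, name, family) after checking inner and outer fields agree."""
    cert, _ = read_tlv(cert_der, 0, 0x30)          # Certificate
    tbs, pos = read_tlv(cert, 0, 0x30)             # tbsCertificate
    outer, _ = read_tlv(cert, pos, 0x30)           # signatureAlgorithm
    p = read_tlv(tbs, 0, 0xA0)[1] if tbs[:1] == b"\xa0" else 0  # optional version
    _, p = read_tlv(tbs, p, 0x02)                  # serialNumber
    inner, _ = read_tlv(tbs, p, 0x30)              # tbsCertificate.signature
    if inner != outer:                             # RFC 5280 requires a match
        raise ValueError("signature algorithm fields disagree")
    oid = decode_oid(read_tlv(outer, 0, 0x06)[0])
    return (oid, *SIG_OIDS.get(oid, ("unknown", "unknown")))

# Constructed test data: AlgorithmIdentifier encodings for skeleton certificates.
ALG_MLDSA65 = bytes.fromhex("300b0609608648016503040312")
ALG_RSA = bytes.fromhex("300d06092a864886f70d01010b0500")

def sample_cert(inner_alg, outer_alg):
    """Build a DER skeleton: version, serial, algorithm fields, dummy signature."""
    seq = lambda body: bytes([0x30, len(body)]) + body     # short-form length only
    tbs = seq(bytes.fromhex("a003020102020101") + inner_alg)
    return seq(tbs + outer_alg + bytes.fromhex("03020000"))
```

An OID outside the table is returned as "unknown", which in an inventory is the case that needs manual review.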
Conclusion
Project Leap successfully demonstrates the feasibility of implementing post-quantum protocols, signaling that the migration process can commence. Central banks must incorporate a transition phase into their cybersecurity roadmaps to ensure preparedness for the eventual publication of final standards. By offering insights and technical findings, this report serves as a foundation for future collaboration among central banks in the realm of post-quantum cryptographic protocols.
Initiating the establishment of a quantum-safe environment at the network level, Project Leap constructs a secure communication channel for transmitting data and payment messages through a post-quantum VPN tunnel. Subsequent project phases will delve into additional central bank use cases, all with the overarching goal of contributing to the collective effort of fortifying the financial system against quantum threats.
Project Leap has validated the feasibility of implementing post-quantum solutions, particularly evident in the case of a VPN where there is no significant impact on performance. However, in applications where performance is paramount, such as instant payment systems or central bank digital currency (CBDC) platforms, a trade-off between security and performance becomes essential. The adaptability of security levels for various central bank processes was demonstrated, emphasizing that the implementation of a strongSwan solution provides the necessary flexibility for hybridization.
Future endeavors could extend to testing post-quantum cryptography in more intricate environments, addressing diverse central banking use cases to secure communications between central banks and other institutions. In the overarching goal of quantum-proofing the financial system, the implementation of quantum-resistant cryptography should extend beyond the network layer to encompass the application and transport layers, forming a comprehensive chain of trust.
References
Dejpasand, M. T. and Sasani Ghamsari, M. (2023) ‘Research Trends in Quantum Computers by Focusing on Qubits as Their Building Blocks’, Quantum Reports, 5(3), pp. 597–608. doi: 10.3390/quantum5030039.
FEM (2022) The Global Risks Report 2022. 17th Edition, World Economic Forum.
FSB (2017) ‘Summary Report on Financial Sector Cybersecurity Regulations, Guidance, and Supervisory Practices’, (October 2017), p. 11. Available at: http://www.fsb.org/wp-content/uploads/P131017-1.pdf.