In our previous blog, “Living in a Post Quantum World,” we discussed the role cryptographic algorithms play in withstanding threats that may arise from the advanced computational abilities of quantum computers. As quantum technology evolves, it poses a significant threat to conventional cryptographic algorithms like RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography). These cryptographic algorithms are crucial components of modern cryptography and widely used for securing digital communications.
Cyber criminals can harvest data today that is secured with these traditional algorithms and decrypt it in the future using quantum computing. Thus, securing today’s data demands preempting tomorrow’s quantum attacks.
The security level of traditional cryptography systems depends on the complexity of factoring large numbers and solving discrete logarithm problems—challenges that quantum computers are exceptionally equipped to handle.
What is Post-Quantum Cryptography (PQC)
Post-Quantum Cryptography (PQC) is focused on developing new algorithms that are resistant to attack by both traditional and quantum computers. PQC introduces a set of alternative algorithms that are based on solving different types of mathematical problems and are believed to be resilient against quantum computing attacks. The recommended PQC algorithms are defined by the NSA and are known as the CNSA 2.0 cryptographic suite. CNSA 2.0 recommends updating current cryptographic systems and future-proofing them against the advent of more powerful quantum computers.
| Algorithm | Function | Specification | Parameters |
| --- | --- | --- | --- |
| CRYSTALS-Kyber | Asymmetric algorithm for key establishment | FIPS PUB 203 | Use Level V parameters for all classification levels. |
| CRYSTALS-Dilithium | Asymmetric algorithm for digital signatures | FIPS PUB 204 | Use Level V parameters for all classification levels. |
| Secure Hash Algorithm (SHA) | Algorithm for computing a condensed representation of information | FIPS PUB 180-4 | Use SHA-384 or SHA-512 for all classification levels. |
| Leighton-Micali Signature (LMS) | Asymmetric algorithm for digitally signing firmware and software | NIST SP 800-208 | All parameters approved for all classification levels. SHA256/192 recommended. |
| eXtended Merkle Signature Scheme (XMSS) | Asymmetric algorithm for digitally signing firmware and software | NIST SP 800-208 | All parameters approved for all classification levels. |
Source: The Commercial National Security Algorithm Suite 2.0 and Quantum Computing FAQ
NIST Approval – FIPS for post-quantum cryptography (FIPS 203, 204 and 205).
- FIPS 203 – defines the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM), adapted from the CRYSTALS-KYBER project, to establish secure keys between parties over public channels. It enhances current cryptographic standards to protect communications like VPNs against quantum computing threats, with plans to extend similar protections to TLS. Current implementations in browsers like Chrome and Mozilla are experimental, paving the way for future quantum-resistant standards.
- FIPS 204 and FIPS 205 define digital signature schemes essential for data integrity and authentication in the quantum era. FIPS 204 introduces the Module-Lattice-Based Digital Signature Algorithm (ML-DSA), derived from the CRYSTALS-Dilithium project, designed to provide digital signatures that remain secure against quantum threats. FIPS 205 outlines the Stateless Hash-Based Digital Signature Algorithm (SLH-DSA), based on the SPHINCS+ submission, a stateless scheme that protects signed data against modification and verifies the signer’s identity. These standards are pivotal steps in transitioning from current digital signature methods to quantum-resistant solutions, enhancing compatibility and security for future cryptographic applications.
Making VPN solution quantum safe
Today’s standard VPN solutions are based on algorithms that were considered most secure before the introduction of quantum computers. To ensure backward and forward compatibility and to allow smooth security enhancements in the future, a few upgrades to the existing standards used by VPNs were defined.
With these modifications, VPN solutions can support both ‘legacy’ communication methods and the so-called ‘hybrid’ approach, where a classic key exchange scheme is followed by a quantum-safe alternative, ensuring that the entire data communication is quantum-safe.
Understanding Check Point’s ‘quantum safe’ VPN: Strongest Security Using RFC 9242 & RFC 9370
This blog explores the capabilities of Check Point’s VPN solution, which secures sensitive traffic against the eventual breaking of today’s encryption by quantum computers. This enhanced VPN solution delivers “quantum-safe” data communication. Traditional VPN solutions are aligned with RFC 7296, which was introduced years ago and does not protect against the advanced threats introduced by quantum computing.
New VPN Key Features: RFC 9242 and RFC 9370
RFC 9242 enhances IKEv2 (Internet Key Exchange version 2) with an Intermediate Exchange, allowing it to carry larger blocks of data during the setup phase, before the security settings are fully established. This is crucial because the key exchange payloads used in Post-Quantum Cryptography (PQC) are much longer than those of traditional algorithms. PQC is designed to be secure against much more powerful computers, including future quantum computers.
RFC 9370 updates RFC 7296 by letting multiple key exchanges take place when setting up a secure connection. This means up to eight key exchanges in total can be performed (one initial exchange plus up to seven additional ones), making the connection very strong and flexible. This standard is well suited to adding layers of security against future threats from quantum computers.
These standards augment the RFC 7296 Internet Key Exchange Protocol Version 2 (IKEv2) to support up to eight rounds of key exchanges, enriching the protocol with one default/classic key encapsulation mechanism (KEM) and seven additional post-quantum (PQ) KEMs. This structured approach enables the creation of hybrid keys through layered cryptographic profiles, facilitating robust negotiations between firewalls and their connected peers.
Security Enhancements with New Standards:
- Hybrid Key Technology: combines traditional key exchange algorithms with emerging quantum-safe algorithms. The system starts with a classical key exchange, i.e., Diffie-Hellman, followed by one or more layers of quantum-resistant key establishment using algorithms such as CRYSTALS-KYBER.
- Multiple Key Exchanges: additional key exchange options enhance security. This feature enables negotiating different “quantum-safe” algorithms, like various Kyber configurations, to reinforce the initial Diffie-Hellman exchange.
- Extendable Range of Key Exchange Methods: different algorithm families can be used to secure data communication. This variety helps protect VPN traffic against cryptographic attacks on any single family.
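The hybrid key derivation described above, as an added example that is not part of the original post or of Check Point’s product code: it follows the RFC 7296 prf+ construction and the RFC 9370 rule that each additional key exchange re-seeds the IKE SA keys through the current SK_d. The shared secrets, nonces and SPIs are constructed sample values; the PRF, integrity and cipher key lengths are assumed to all be 32 bytes.

```python
import hashlib
import hmac

KEY_LEN = 32  # assumption: PRF/integrity HMAC-SHA2-256 and 256-bit cipher keys
KEY_NAMES = ("SK_d", "SK_ai", "SK_ar", "SK_ei", "SK_er", "SK_pi", "SK_pr")

def prf(key: bytes, data: bytes) -> bytes:
    """IKEv2 prf instantiated as PRF_HMAC_SHA2_256."""
    return hmac.new(key, data, hashlib.sha256).digest()

def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """RFC 7296 prf+: T1 = prf(K, S|0x01), Tn = prf(K, Tn-1|S|n), concatenated."""
    out, t, n = b"", b"", 1
    while len(out) < length:
        t = prf(key, t + seed + bytes([n]))
        out += t
        n += 1
    return out[:length]

def split_keys(keymat: bytes) -> dict:
    """Slice prf+ output into the seven IKE SA keys in RFC 7296 order."""
    return {name: keymat[i * KEY_LEN:(i + 1) * KEY_LEN]
            for i, name in enumerate(KEY_NAMES)}

def derive_ike_keys(dh_secret, extra_secrets, ni, nr, spi_i, spi_r):
    """Hybrid IKE SA key derivation (RFC 7296 + RFC 9370 section 2.2.2).
    The classical DH secret g^ir seeds the keys; each additional exchange
    result SK(n), e.g. an ML-KEM shared secret, re-seeds them via SK_d."""
    seed = ni + nr + spi_i + spi_r
    skeyseed = prf(ni + nr, dh_secret)                      # SKEYSEED
    keys = split_keys(prf_plus(skeyseed, seed, len(KEY_NAMES) * KEY_LEN))
    for sk_n in extra_secrets:                               # ADDKE rounds
        skeyseed = prf(keys["SK_d"], sk_n + ni + nr)         # SKEYSEED(n)
        keys = split_keys(prf_plus(skeyseed, seed, len(KEY_NAMES) * KEY_LEN))
    return keys

# Constructed sample values standing in for a real negotiation.
NI, NR = b"\x11" * 32, b"\x22" * 32                         # nonces
SPI_I, SPI_R = b"\x01" * 8, b"\x02" * 8                     # IKE SPIs
DH_SECRET = hashlib.sha256(b"sample g^ir").digest()         # classical exchange
KEM_SECRET = hashlib.sha256(b"sample ML-KEM ss").digest()   # additional exchange

def dh_break_is_enough() -> bool:
    """True only if recovering just the DH secret yields the real SK_d."""
    real = derive_ike_keys(DH_SECRET, [KEM_SECRET], NI, NR, SPI_I, SPI_R)
    dh_only = derive_ike_keys(DH_SECRET, [], NI, NR, SPI_I, SPI_R)
    return real["SK_d"] == dh_only["SK_d"]

if __name__ == "__main__":
    print("DH-only recovery suffices:", dh_break_is_enough())  # False
```

Because the post-quantum secret is mixed in after the classical one, an attacker who later recovers only the Diffie-Hellman secret still cannot reproduce the session keys.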
Check Point Support
Check Point is at the forefront of implementing Post-Quantum Cryptography (PQC) within our IKEv2 solutions, leveraging RFC 9242 and RFC 9370 to enhance the security of data transfers during the IKEv2 Security Association (SA) establishment phase. This advanced approach allows for the support of multiple PQC key exchanges, accommodating larger key sizes essential for quantum-safe communications.
Currently, we support the ML-KEM algorithm, specifically the flavors formerly known as Kyber512, Kyber768, and Kyber1024, which can be integrated into both phase 1 and phase 2 of our VPN setups via the API. By default, our MKE proposal configures two key exchanges: Diffie-Hellman group 15 and Kyber768, ensuring robust protection against potential quantum threats.
In addition to our VPN solutions, we are actively extending ML-KEM support to TLS, aiming for comprehensive quantum-safe security across all Check Point products. This initiative is in line with the latest CNSA 2.0 requirements and timelines, reflecting our commitment to maintaining security standards and supporting new signatures for digital certificates and software signing once these standards are finalized.
Check Point’s new security software release, R82, provides the latest NIST-approved quantum-safe VPN protocols to fully safeguard today’s sensitive data. Join our early availability program.
Written by: Chaim Peer | Product Manager