Research for Secure Software Development in the Post-Quantum World

AMiQuaSy: Quantum Safe Software Supply Chain Based on CI/CD Platforms

How can complex, heterogeneous IT networks be protected from quantum computers using the means currently at our disposal? This question is being addressed by the AMiQuaSy research project. Within the framework of this project, the consortium partners genua GmbH, XITASO GmbH and OTH Amberg-Weiden (a university of applied sciences) are investigating how the security processes of today's IT systems can be quickly adapted in the future to protect them against attacks from quantum computers.

The Project Details


Quantum computers are right around the corner – and in the foreseeable future will be able to open protective doors locked using currently effective cryptographic processes. It is therefore time to arm ourselves to ensure data security in the age of the quantum computer. After all, encryption methods and digital signatures are used for everything – from exchanging chat messages and visiting secure websites to shopping online and performing bank transfers.

Even debit card and smartphone payments in stores would not be secure without cryptography. To ensure that communications remain quantum-safe in the future, potentially vulnerable cryptographic processes must be quickly replaced with secure alternatives.

Quantum Resistant IT: On the Way to Implementation

Selecting suitable quantum-resistant algorithms is a big challenge, especially when it comes to existing, complex infrastructures – such as the Internet – that incorporate many different types of software, some of it old or proprietary, as well as various cryptographic processes. There is no longer a small set of proven, efficient processes that suffices for all applications.

Moreover, post-quantum cryptography (PQC) processes have rarely been used so far, meaning that there is a lack of experience in this area. However, they are under constant development and several methods have proven feasible for the first steps of migration toward quantum-resistant IT. One example is the practical, trustworthy and secure mechanisms identified through genua's QuaSiModO research project – in the near future, it will be possible to operate quantum-secure virtual private networks (VPNs) using these mechanisms.

How Does a Smooth Transition to Quantum Resistant Systems Work?

Answering this question is the aim of the follow-up project AMiQuaSy (Agile Migration to Quantum-resistant Systems). A central component of this project is the migration to quantum-resistant processes and mechanisms in the context of secure software development. The recently discovered backdoor in the tool XZ Utils, which is also used in many other software products, demonstrates how seriously attacks on software supply chains must be taken.

The subject of the AMiQuaSy research is a platform for Continuous Integration and Continuous Delivery (CI/CD). A system of this kind enables software developers and manufacturers to continuously work on code and regularly provide functional software versions via a (semi-)automated test and distribution system. This practice-oriented and generalizable development platform does not just encompass all levels of programming that are worth protecting: a development network of this type also includes many kinds of technologies, from individual systems on dedicated hardware to cloud services, and from secure web protocols to VPNs. As a result, even in this relatively manageable scenario, transferrable quantum-resistant solutions can be developed.

However, due to the lack of PQC solutions, it is first necessary to develop individual strategies to fulfill the variety of functionalities and requirements. As an initial step, the central components of a typical CI/CD platform must be secured. Here there is a lot of control over the systems and applications used – for example, thanks to open-source tools – so it is possible to draw conclusions regarding the behavior of individual systems and the overall system. The modified system is measured and analyzed in terms of stability, performance, interoperability and compatibility.

Interchangeable Crypto Modules as the Basis for Cryptoagility

In addition to this first research goal of developing suitable PQC-based systems in a wide range of application scenarios, cryptoagility concepts provide the second focus of genua's research. The integration of new processes or simply the use of bigger cryptographic keys repeatedly posed a challenge for IT even with classic processes.

As a result, especially with the emergence of PQC, a vision formed: cryptoagility. There are many definitions of this term, but the aims are similar. Firstly, to ensure that all IT systems can be updated, since unfortunately even this is still not a matter of course. Furthermore, interchangeable crypto modules should make it possible to migrate from a cryptographic process to a PQC process quickly and as easily as possible, even in mature, real-world network infrastructures. It should also be possible to quickly replace one process with another in the event that a security gap is discovered, thereby minimizing the security risk while also reducing a system's downtime. But these solutions are often highly complex to implement and therefore require a lot of research to ensure that the solutions developed are not only secure but also practical.

The results achieved are integrated into a demonstrator and evaluated to show the use of cryptoagility in the post-quantum context and the agile development approach in the CI/CD environment. The developed processes should secure the development platform used while also being transferrable to other systems and applications.

Insofar as the developments in the project concern open-source projects, the results will be fed back into the corresponding projects as far as possible and new developments will also be made available on an open-source basis. This is necessary so that the developments resulting from the project can be standardized and the project partners can continue utilizing them even after the end of the project.

Four questions to Stefan-Lukas Gazdag

What are the Biggest Challenges Regarding the Migration to Post-Quantum Algorithms in Existing Networks?

The current IT infrastructure, especially the Internet and all connected networks, is outdated and contains legacy vulnerabilities. New technologies are constantly being integrated, but all the systems and communication protocols still have to meet old standards from the 1980s and 1990s. This confusing and extremely heterogeneous blend of different types of system generally makes it difficult to integrate security mechanisms. Migrations in this environment are often expensive and time-consuming, as demonstrated spectacularly by the introduction of IPv6. However, delays in post-quantum migration are significantly riskier. With post-quantum algorithms, overcoming the known hurdles is significantly harder in practice because post-quantum algorithms mostly have higher requirements such as larger data structures and more computing power, they generally need to be used at least in a hybrid format in conjunction with a classic process rather than alone, and future changes need to be made simpler via cryptoagility. Therefore, progress can only be achieved gradually – by looking at smaller scenarios and consulting with standardization committees and the competent authorities.

What Makes a CI/CD Platform Suitable?

You have to choose one of the many different problems to focus on in order to answer the relevant questions in a targeted manner. CI/CD platforms are an important and increasingly popular basis for software development. However, a platform of this kind uses many different technologies, which also have practical relevance in other contexts. Thus, you can test one system while also developing transferrable solutions that are relevant to many applications. Another big advantage is that in this area, there are multiple popular open-source projects that can be used as a basis.

What Role Does the Open Source Community Play?

The migration to post-quantum cryptography is not just a technological challenge, but also an organizational one. Not only must authorities, standardization committees, universities, manufacturers and also users worldwide work together to develop solutions so that these have a chance of being used in practice, but also these solutions must actually be implemented in applications. When researching and investigating a topic in a holistic manner, a particular challenge is posed by dependencies resulting from proprietary solutions, since you are reliant on the associated manufacturers and their timely cooperation. It is far more practical when, as in the CI/CD context, important systems are available on an open-source basis. This enables potential solutions to be implemented and tested immediately. If, over time, solutions prove to be secure and practical, these can be offered to the open-source projects to directly generate added value for the general public.

What Stage Is the Research Project Currently At?

After an initial literature review, which reflected the current state of knowledge on PQC solutions and an associated migration, multiple strands began in parallel. On the one hand, the project is currently working on creating a crypto inventory. It is therefore necessary to find all places where cryptography is used in communication protocols and on systems. This can mean analyzing network traffic, looking at individual computers or surveying administrators. In addition, the project is evaluating this data and using it for network modelling so that the migration concepts can also be planned and tracked on an abstract level. Also, the first small tests have already been carried out on the GitLab CI/CD platform. Moreover, a CI/CD platform like this is a complex construct made from a wide range of software, which is also being inventoried and will then be gradually adapted.
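The crypto-inventory step described above, as an added example that is not part of the interview and not code from the AMiQuaSy project: it classifies algorithm names gathered from hosts or network traffic as classic public-key (quantum-vulnerable), hybrid, PQC or symmetric, and lists the components that still need migration or manual review. The record format, the name fragments used for matching and the sample entries are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Name fragments used for matching: a heuristic chosen for this example.
PQC = ("mlkem", "mldsa", "slhdsa", "kyber", "dilithium", "sphincs", "sntrup")
CLASSIC = ("rsa", "ecdsa", "ecdh", "ed25519", "x25519", "dsa", "nistp", "secp", "ffdhe")
SYMMETRIC = ("aes", "chacha20", "sha", "hmac", "poly1305")

# Constructed sample records: component | protocol | role | algorithm
SAMPLE_INVENTORY = """\
git-server|SSH|host key|ssh-ed25519
git-server|SSH|key exchange|sntrup761x25519-sha512@openssh.com
web-frontend|TLS 1.3|key exchange|X25519MLKEM768
web-frontend|TLS 1.3|certificate|sha256WithRSAEncryption
runner|TLS 1.2|cipher suite|ECDHE-RSA-AES256-GCM-SHA384
artifact-store|at rest|encryption|AES-256-GCM
release-signing|package|signature|ML-DSA-65
legacy-vpn|IPsec|key exchange|modp2048
"""

def classify(algorithm):
    """Return 'hybrid', 'pqc', 'quantum-vulnerable', 'symmetric' or 'unknown'."""
    name = re.sub(r"[^a-z0-9]", "", algorithm.lower())
    has_pqc = any(tok in name for tok in PQC)
    for tok in PQC:  # strip PQC fragments so 'mldsa' is not read as classic 'dsa'
        name = name.replace(tok, " ")
    has_classic = any(tok in name for tok in CLASSIC)
    if has_pqc:
        return "hybrid" if has_classic else "pqc"
    if has_classic:
        return "quantum-vulnerable"
    if any(tok in name for tok in SYMMETRIC):
        return "symmetric"
    return "unknown"  # surfaced for manual review, never assumed safe

def build_inventory(text):
    """Group the pipe-separated records by the classification of their algorithm."""
    groups = defaultdict(list)
    for line in filter(str.strip, text.splitlines()):
        component, protocol, role, algorithm = (f.strip() for f in line.split("|"))
        groups[classify(algorithm)].append((component, protocol, role, algorithm))
    return dict(groups)

def migration_worklist(groups):
    """Components with at least one quantum-vulnerable or unrecognised algorithm."""
    pending = groups.get("quantum-vulnerable", []) + groups.get("unknown", [])
    return sorted({component for component, *_ in pending})

if __name__ == "__main__":
    print(migration_worklist(build_inventory(SAMPLE_INVENTORY)))
```

Names the matcher does not recognise, such as `modp2048` in the sample, land in `unknown` and stay on the worklist until someone has looked at them.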

Related links

[1] To the BMBF (German Federal Ministry of Education and Research) project page for AMiQuaSy: The project is supported as part of the "KMU-innovativ" initiative of the German Federal Ministry of Education and Research.

[2] To the project page for the previous project, QuaSiModO

[3] Article: Watch Out, Crypto Hackers: The Gradual Progression to Quantum-Safe Cryptography