Quantum computing, with its unparalleled processing power, promises to revolutionise technology but also poses a substantial threat to current encryption methods. At Thales, we are committed to anticipating these threats and evolving our products and services to ensure a quantum-safe future.
Strengthening Trust through Post-Quantum Cryptography (PQC)
Quantum computers have the potential to break the asymmetric cryptography that underpins much of today’s digital security, including the encryption methods used in electronic IDs, health cards, and travel documents. If not mitigated in advance, the advent of quantum computing will compromise the security and privacy of these critical assets. For instance, PKI-based authentication could be faked, digital signatures could lose their integrity, and encrypted communications could be decrypted by attackers.
Thales’ Commitment to PQC
In response to these challenges, Thales has been actively engaged in PQC research and development for over a decade. Our efforts gained momentum with France’s National Quantum Computing Plan, focusing on quantum sensors, communications, and PQC. We have contributed to various standardisation efforts and co-authored digital signature algorithms at the NIST as candidates for PQC standardisation.
Thales also coordinates the RESQUE consortium, which recently announced a three-year project to develop a PQC solution capable of protecting communications, infrastructure, and networks against future quantum-based attacks.
Making Mobile Connectivity Solutions Quantum Resistant
In the mobile connectivity ecosystem, Thales is adopting measures to ensure mobile connectivity solutions are quantum resistant, these include:
- Making the OS upgradable over the air post-issuance so that it can be updated with new algorithms when a product is already in use on the field.
- Integrating PQC algorithms in existing cryptographic security mechanisms, including hybrid cryptography, to comply with the latest recommendations from security agencies.
- Designing new hardware and software layers to onboard new high demanding PQC algorithms by increasing the processing power needed for the cryptographic operations.
One example of our proactive response to quantum threats includes a Mobile-to-Mobile PQC encrypted communication solution. “Cryptosmart,” a mobile application to secure calls created by ERCOM, a Thales company, was enhanced to provide protection against potential post quantum Harvest Now, Decrypt Later (HNDL) attacks through a hybrid cryptographic approach. This evolution utilises CRYSTALS-Kyber, a key exchange management algorithm approved by NIST, implemented natively in the SIM operating system. Thales developed and implemented the CRYSTALS-Kyber algorithm exclusively, without involving any third-party development. Notably, the solution focuses on confidentiality, protecting all interfaces on a phone, independent of network security, and is certified by NATO for end-to-end mobile communication security.
Case Study: SK Telecom
In collaboration with SK Telecom, the largest mobile operator in Korea, Thales explored solutions to preserve SKT users’ identities on a 5G network. Using a Thales 5G SIM with a PQC algorithm on a commercial smartphone within SK Telecom’s commercial 5G standalone network, protection of users’ privacy from future quantum threats was achieved, insulating against potential HNDL attacks. This trial, conducted under realistic conditions of authentication and usage, is seen as a significant advancement as it applied post-quantum encryption algorithms combined with hybrid certificates to protect subscribers’ identities, ensuring future-proof GDPR compliance by safeguarding users from potential location tracking.
The successful implementation of this trial necessitated:
- An upgraded 5G Trusted SIM able to generate a quantum-safe user identity concealment based on hybrid traditional asymmetric and PQC algorithm key exchanges.
- Upgrade of SK Telecom’s core network to handle PQC SUCI (user digital identity). This enabled the shielding of the user identity within the SIM, the exchange of PQC encrypted keys, and the de-concealment of the user identity on the core network side.
Thales’ Secure Solutions for a Connected World
Thales provides secure solutions for a connected world, focusing its efforts primarily on hardware (HW), embedded software (SW), and solutions that facilitate, manage, and provide security for cellular connectivity. At Thales, we specialise in products such as the SIM card, eSIM, and eSE (embedded Secure Element) which are integral to a wide variety of consumer and industrial devices, including Automotive and IoT.
The SIM and eSIM are structured in logical layers; the HW (chip) and a SW stack including an operating system as well as applets, integral for managing subscriber credentials, subscription details, settings, and, significantly, the security aspects. Thales also provides platform services, predominantly cloud-based, for updating SIM cards and managing connectivity.
To ensure our solutions are quantum-ready, Thales is pioneering PQC and implementing quantum-resistant algorithms across our products and services. This includes integrating PQC into our secure mobile applications and 5G SIM cards, providing robust protection against future quantum cyberattacks. Our hybrid cryptography approach combines pre-quantum and post-quantum defence mechanisms, ensuring that sensitive data remains secure even in the post-quantum era.
By adopting a crypto-agile strategy, Thales is proactively preparing for the challenges posed by quantum computing, safeguarding our customers’ data and communications against emerging threats.
Securing the Entire Mobile Connectivity Ecosystem
But it’s not only what Thales delivers that must be quantum protected. In the mobile connectivity ecosystem, data exchange happens at many points, between the core network, the end user, the service providers, the SIM/eSIM manufacturer, and the SIM/eSIM management platforms. The whole ecosystem needs to be protected. To secure these data exchanges, cryptographic algorithms and protocols shall be upgraded.
As quantum computing continues to evolve, it is crucial to stay ahead of potential threats and ensure the security of our digital identities and communications. Thales is dedicated to pioneering advancements in post-quantum cryptography to safeguard mobile connectivity and beyond. Stay tuned as we explore quantum-safe solutions across various industries, ensuring a secure future in the quantum era.
