Steve (X9): Today's presentation on "Spooky" Quantum Computing
Steve: X9 has been around for 40
years; originally part of the American Bankers
Association
... originally created for check standards (and we still do
that)
... checks are not dead - Fed data from 2017 - banks processed
19 Billion checks
... we also did financial instrument numbering
... today we have a much broader remit and are independent on
the ABA
... we do mobile banking, mobile commerce, data breach work and
notifications, legal order processing, ...anything where
financial institutions provide data....also involved in ISO
20022
... we are ANSI-accredited
... some standards have cryptographic components to them
... that caused people to get worried about the impact of
quantum computing on crypto
... so a couple of years ago we created a committee on
this
... we spent 9-10 months researching the question
... we came up with some reasons why people should care about
quantum computing
... RSA crypto is commonly used on the Internet
... a key length of 2048 bits is one of the longest and most
secure. There are approximately 10^615 solutions
... there are only 10^80 atoms in the known universe
... best classical computer would take five quadrillion years
to break this code
... however estimated that a large stable quantum computer
would break the code in 5 minutes
[Overview of classical computers]
Steve: Classical computers are
bad at simulating the weather, drug/chemical interactions,
solving crypto problems, and more
... when you can't simulate interactions of chemicals you need
to do trials
[Overview of Quantum computers]
Steve: Good at complex math
problems.
... leverages natural actions of subatomic particles
... typically electrons; phosphorous atoms frequently
used
... they introduce EM fields to change the electron state
... you can also use a photo
... anything with a spin
... Einstein predicted the spooky action at a distance ... he
didn't think it was possible to do this and he thought he was
wrong; but he was proved right
... a quantum computer uses a quantum bit (quit) to store
data
... some interesting phenomena:
- entanglement: qubits interact ... we don't know how
Steve: in China they have
created networks based on entanglement
... there's no physical connection between the two yet they
communicate (securely)
... in China the nodes are 200km apart; data is not encrypted
en route.
... even did some experiments with a qubit in space (26k miles
away)
... they continued to communicate and changed states at exactly
the same time
... Superposition - qubits can store 0, 1, any value between,
and all values at the same time
... Shyness - qubits change behavior when observed.
... each time you add a qubit you double computing power
... quantum computers are good at simulating natural phenomena
and crypto problems
... can also come up with multiple solutions to a problem
simultaneously
... please note that the quantum computer itself is not FASTER
than a classical computer, it just does things in parallel so
reduces the number of operations
... first QC was demonstrated in 1998
... there are real QC today..they are expensive and cost a lot
to operate (e.g., $100k/hour to operate)
... a variety of companies and gov agencies are investing
... the largest QC today is 72 qubits
... there are rumors of others in the works
... quantum computers work mostly on asymmetric systems.
[Example showing yellow ball immediately visible among lots of blue-colored ones]
[Using touch to find the yellow one which has a flat area...v. just seeing the distinct color immediately]
Steve: quantum computing sees all the solutions at the same time and merely chooses the correct one.
[Shor's algorithm]
Steve: Based on patterns (rather
than weaknesses) can break the algorithm.
... based on GCD algorithm
... Fourier transforms used to enable computation in frequency
domain
... use destructive interference (analogous to the way a
noise-canceling headset works).
... Shor's algorithm causes the wrong answers to be canceled
out
... the algorithm will produce the correct under approximately
37% of the time.
... you can run it 10 times or so to get the correct
answer.
... there's a good YouTube algorithm on Shor's algorithm (see
slides for URL)
... you would need about 2000 qubits to quickly break the
algorithm.
... a 50-qubit QC is equivalent to today's best classical
computer
... but QC's need to operate a 4/1000 of a degree Kelvin
... they only run for about 1 second (due to thermal
noise)
... people are trying to solve these problems today
... estimated time to have a large scale stable QC: 10-15 years
and $25-%30 billion
... so a big question is whether today's stored information
will be safe in 10-15 years
... NIST is working on quantum-safe algorithms; they have 26
candidates today
RECOMMENDATIONS:
* Use AES for symmetric encryption use 256-bit key
* Use symmetric methods where possible; harder for QC to break
Steve: We are continuing our
review; we have two standards in process today
... for white paper see https://x9.org/quantum-computing/
Manu: I'm wondering what's
next
... What is the adoption path for the financial industry?
Steve: We are waiting on NIST
vetting. We will update our standards to represent those
algorithms selected by NIST
... then banks and financial institutions and everyone else
will have to make a plan to update and roll out the new
algorithms.
... we anticipate 11 years at least to get things moved
over
... there's a study out there that if a nation-state wanted,
they could put up $30B and have a 2000-qubit system in 5
years
... so let's say that true quantum exists in 5-7 years, so we
have a potential problem
... I think the effort won't take hold until things are a bit
clearer.
... I fear people will only react when a 1000-qubit machine
appears
<manu> ... and then there's stuff like this -- https://www.scientificamerican.com/article/a-new-law-suggests-quantum-supremacy-could-happen-this-year/
Steve: so I fear we will have a
tough period in there.
... The White paper (about 100 paper is available at no cost
from our site)
[Troy Leach presenting]
[Background on PCI security Standards]
Troy: We have 15 standards either
published or being revised
... PIN security
... card production
... token service provider
... a number of device-focused standard
... including 3DS SDK
... We are working on new ways to secure data
... because of saturation of EMV Chip cards and other tools we
can create dynamic data and real-time risk analysis
... we have improved authentication (more factors)
... we've created some new standards beyond just
confidentiality to look at authentication, validation of data,
and are working on:
- objective, outcome-based results
- ability to offer payment validation in hostile environments such as a general mobile phone
- new card data environments
[What will next generation of PCI standards provide?]
[Software security framework]
Troy: published earlier this
year
... program requirements are out; labs are being validated to
those criteria
... we have two standards for this:
* Secure software standard (objective criteria)
* Secure software lifecycle standard (I'm very excited about this; in development for 7 years))
* Validation framework
Troy: how do we demonstrate
that a development practice is secure and maintains those good
habits
... the validation framework helps to address that
[PCI PA-DSS]
Troy: Software validation is
migrating to the software security program
... PCI PA-DSS was created for a subset of payment
applications, specifically those that would help minimize
compliance burden for merchants
... it was focused mostly on applications in specific industry
sectors and very focused on applications that were within a
niche in a POS environment
... the new standard allows us to grandfather existing
applications, but allows for a greater breadth of applications
that can qualify
... we expect to retire PA-DSS by mid-2022
... we will work with vendor application developer community on
this
... we hear that they are pleased with the new approach; thus
incentive to migrate
[Objective-based requirements]
BENEFITS: suited for
organizations with demonstrable maturity of risk management
program
... supports adoption of cutting-edge technologies
CHALLENGES:
- broader variance among implementations
- more open to subjective interpretation
Troy: we have worked a lot on how to improve consistency for evaluation
[PCI DSS v4.0]
Troy: We are doing a major
revision to PCI DSS, expected late in 2020
... the draft will go to RFC in Q3 or Q4
... we want to ensure that what we do will be sustainable
... some things we've heard: using MFA for some data,
eliminating some passwords for some data
... we've provided guidance on our site in the interim
... another focus for us has been on the question of whether
all forms of data should be encrypted in transit
... our requirements have referred to exemptions for non-public
environment
... we are considering whether encryption should be used
regardless of environment
... but also thinking about risk v. cost
... PCI DSS last updated 6-7 years ago
... it's always a struggle due to cost that can be associated
with changes to the standard
we have some design goals for v 4.0
- requirements continue to meet security needs of payment industry
- add flexibility and support of additional methodologies
-promote security as a continuous process
- enhance validation reporting
[Timeline for PCI DSS v.4]
- two years of development and release
Troy: hope to release in late
Q4 2020
... Data security essential validation (method)
... gradient now for merchants to fill out, to support honest
conversations (not just binary)
... change in security emphasis:
- Leverage software and remote attestation
- more objective assessments
- more opportunity to use security validation for multiple purposes (use once for multiple entities)
- reduce and devalue the use of static data
[Software-based PIN entry on COTS key principles]
Manu: How are we tying together the work at W3C and PCI?
Troy: for the work that was
developed, we worked with a lot of different groups. Ian and I
had preliminary conversations
... some of those conversations were not incorporated; NIST has
also created some security requirements; X9 as well
... a lot of work went into coordinate among NIST, X9
... we have approximately 1200 members globally (target of
RFCs)
... several thousand people are involved
... I think more collaboration would be in order in the
future
Ian: Future collaboration could happen through the Web Payment Security IG
dezell: Troy are you recommending how crypto can be upgraded on short notice (in light of quantum)
Troy: It's a struggle
Troy: It is often very challenging to deprecate approaches; (troy cites previous SSL migration challenge)
<manu> A HUGE THANK YOU to David and Ian for running the Web Payments IG... it was a good run, with at least three shining successes -- Web Payments, Verifiable Credentials, and spinning off further groups to make payments faster and more secure over the Web!
<manu> Thanks for all the hard work, everyone!
IJ: Thanks to all for this call and over the years!
dezell: We'll keep the list open if people have new ideas
IJ: I will be updating the IG's home page with details about where to bring info moving forward
[Adjourned]