One of the speakers at IDnext ’21 is Roland van Rijswijk. He is professor of measurement-based Internet Security at the University of Twente in The Netherlands. His research interests include the security of core Internet infrastructures, such as the Domain Name System and Routing, and the transition of Internet trust infrastructures to quantum-safe cryptographic algorithms at an Internet-wide scale.
In a short interview we asked Roland about quantum computing. How does quantum computing relate with Digital Identity, and what will be his main message in his speaking session at the IDnext event?
If you need to explain quantum computing in few sentences, what will that be?
Quantum computing is a new type of computing that relies on the physics of quantum mechanics. Where “regular” computers rely on bits with only the states 0 and 1, quantum computers use so-called qubits that can take on a state that is 0 and 1 simultaneously. This enables new types of algorithms to be implemented that researchers believe can solve certain mathematical problems much faster than regular computers.
How does quantum computing relate with digital identity?
One of the algorithms that a sufficiently powerful quantum computer can solve, makes it possible to trivially break current public key cryptography (e.g., the RSA algorithm or elliptic curve cryptography). These public key algorithms form the basis for the security of the modern Internet, including many types of digital identity in one form or another. While it remains to be seen if a sufficiently powerful quantum computer can even be developed, if that were to happen, the Internet would need to re-think much of its security, and many digital identities might become unusable overnight. Fortunately, researchers and standards bodies are working hard on new public key cryptography algorithms that are quantum safe. In other words: algorithms that they believe cannot be easily broken, even if a sufficiently powerful quantum computer becomes available.
What will be your main message in your speaking session at the IDnext event?
The development of quantum-safe public key algorithms, also colloquially referred to as “Post Quantum Cryptography” (PQC) is accelerating. The National Institute of Standards and Technology (NIST) in the US is running a competition challenging researchers to come up with secure PQC algorithms. This competition has entered its final phase, meaning that standardised PQC algorithms are on the horizon. This is going to impact the Internet industry, as these algorithms will need to be deployed, and this brings new challenges (as these algorithms sometimes differ significantly from current practice). In my talk, I will discuss these challenges in the context of digital identity, including a call for action by identity management vendors to assess how to best prepare their systems for the deployment of PQC algorithms.