The National Security Agency is assisting with an effort to define a new encryption standard that's unbreakable by the quantum computers of the future, and the agency has promised it won't build secret vulnerabilities into the standard.
The NSA has worked with the National Institute of Standards and Technology to create a post-quantum encryption standard. Rob Joyce, the NSA's director of cybersecurity, recently told Bloomberg News that there "are no back doors."
Joyce's comments raised some eyebrows in the cybersecurity community, given that a back door would benefit the NSA's work to monitor communications of terrorism suspects and other targets. NIST in 2014 abandoned an encryption algorithm with a suspected back door used by the NSA.
The NSA has national security interests that depend on strong encryption, but it also has competing interests in conducting surveillance on a wide range of targets, some cybersecurity experts noted.
"Absolutes are difficult to promise, especially in information security, so I do give pause to any notion of no back doors by the government," said Charles Denyer, a cybersecurity adviser and author. "If there's a vested interest in a back door, and obviously there is for the NSA, it would be hard to assume it would be eliminated."
NIST began focusing on encryption that is resistant to quantum computers in 2016 by asking researchers to submit ideas for new encryption algorithms. While full-scale quantum computers are still years away from reality, cybersecurity experts have worried that the massive increase in computing power from quantum computing would allow attackers to break encrypted communications within seconds or minutes — compared to, in some cases, years or decades using today's computers.
Quantum computing could make it "trivial" to break current encryption schemes, said Mike Parkin, a senior technical engineer at Vulcan Cyber, a cybersecurity provider.
The NSA has some incentive to leave back doors in encryption, Parkin told the Washington Examiner.
"The NSA has some of the finest cryptographers in the world, and well-founded rumors have circulated for years about their efforts to place back doors in encryption software, operating systems, and hardware," he said. "Whether it's in the name of law enforcement or national security, the authorities have a long-running disdain for encryption."
Encryption developers need to balance the needs of private citizens with the needs of national authorities, he added.
An NSA spokeswoman declined to comment on NSA's work with NIST on the quantum computing standard or expand on Joyce's comments about back doors.
However, a NIST spokesman said NSA's involvement in the project is "limited." The NSA provided feedback as a stakeholder on its "priorities and plans for post-quantum cryptography in national security systems" and on related efforts in standards development organizations, such as the Internet Engineering Task Force, he said.
The algorithms submitted for this program were designed by teams of researchers from around the world, the NIST spokesman noted. The NSA did not submit any algorithms or participate in these teams.
In addition, all materials and submissions for the post-quantum computing program have been reviewed by the global cryptographic community. "This open analysis helps ensures the strength and correctness in our work," he told the Washington Examiner. "It also ensures that any weaknesses or flaws in the algorithms are identified before the standard is finalized."
NIST plans to announce the algorithms selected for the new standard in the next few weeks. After that, it will take about a year to write draft standards, which will then be opened up to public comment. NIST expects to publish finalized standards in 2024.
With the public vetting of the encryption algorithms submitted to NIST, it will be difficult to embed back doors in any standards the agency approves, some cybersecurity experts said.
"Back doors are only possible when you are obscuring things," said Vince Berk, the chief revenue and strategy officer at Quantum Xchange, a cybersecurity vendor focused on encryption. "Crypto algorithms are just that — algorithms. [Encryption] implementations can be made by anyone, and that is usually when the back doors go on."
It's important to develop a new encryption standard that resists attacks from high-powered computers, he added. Cryptographic technology, including the public-private key encryption used widely on the internet, is based on a related set of math problems, he noted.
"This creates a monoculture, and monocultures are susceptible to pandemics," he told the Washington Examiner. "More specifically, it is not just quantum computers, but new math or even implementation mistakes may see a lot of our current crypto systems come tumbling down. Creating a larger set of hard crypto math problems to diversify our cryptography is a very wise move."