Post-Quantum API Security: Preparing your APIs for Q-day Francois Lascelles, Distinguished Engineer at Broadcom and CTO at Layer7 Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

1. Post-Quantum API Security
Preparing your APIs for Q-day
April 30, 2024
Francois Lascelles
API Security CTO, Broadcom

3. • Our digital world relies on secure
communications and privacy of data at
rest
– Authentication, authorization, encryption,
integrity
– In the foundation of this security is public key
cryptography
– Using ubiquitous algorithms RSA, EC, …
Understanding the Quantum Threat
Today Q-day
• When quantum computing becomes
available1
– Using Shor’s algorithm and a few
thousand stable qubits
– You can easily break RSA, EC
– Services relying on these common
standards would be left open to breach,
impersonation, fraud, etc
011010
1 We’ll get back to that

4. • You won’t need a Quantum computer to protect against a Quantum computer
attack
• Post-quantum crypto (PQC)
• Quantum-resistant
• Compatible with today’s infrastructure
• Standards
– NIST formalizing PQC algos this year (2024)
What is the solution?
Don’t Panic

5. – Secure connections
– Identity introspection, JWKS
– Data access
– Shared state (KV, counting)
– Microservices
– Client-server
– Access control mechanisms
– Authentication (JWT)
– Subject confirmation (mTLS, signatures)
– Token mediation
API specific exposure
API Secure Connection Points and Access Control Mechanisms Affected
API
Client
Data
Identity
State

6. Example API exploit: JWT based API access control
Identity
App
+
User
API
Authenticate, get JWT
Call API with JWT
Get JWK
(public key)
{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022,
"scope”: ”limited”,
”group”: ”tenant1"
}
I trust the JWT and its
claims because the
signature proves possession
of a private key associated
with the public one
011010
Get JWK
(it’s public)
{
"sub": "1234567890",
"name": "whomever",
"iat": ”whenever",
"scope”: "whatever”,
”group”: ”any_claim"
}
• Apply Shor
• Deduct the private key
• Forge my own tokens
• Claiming any identity
• Claiming any permissions
• Setting any expiration
• As many as I want
• Whenever I want
Call API with JWT
Legit JWT Forged JWT

7. • To counter this threat, token issuer
need to switch to PQC
– Token issuers need to be able to sign
tokens utilizing these new standards
• Resource servers need to be able to
validate those PQC signatures
• The standards that specify JWT
signing need to evolve to
accommodate this
– JWT -> JWS -> JWA
Post-quantum JWT

8. • Fork Jose4J
– Add Dilithium
• Register PQC provider
– security.provider.xx=BCPQC
• Rebuild L7 Gateway
• Add policy for token creation
• Add policy for token validation
Let’s try it!
PQC JWT POC

9. It works!

10. How does Dilithium perform compared to RSA2048?
Is there a PQC tax to pay?
Not bad
Token size 3.6KB
vs < 1KB

11. • While the bar is dropping to crack today’s security, quantum computers are getting
stronger, faster
Timeline
When is Q-Day?
 2019 Google Sycamore
53 qubits
 2022 IBM Osprey
433 qubits
 2023 IBM Condor
1121 qubits
 203X (?)
1M qubits (?)

12. Timeline
Working backwards from Q-Day
Q-day
total
remediation
duration
secure-for
period
Deadline to
start PQC
retrofit
• How long it takes to retrofit your
infrastructure
• Harvest now, decrypt later
• How long is a secret going through your
API subject to privacy?
• Intercepting API traffic is in some cases,
an easier target than data at rest

13. • Some of the most critical targets tend to be large organizations
– Government-managed infrastructure systems
– Large private corporations
• The same organizations can be slow to adapt
• Some environments have very complex multi-layered architectures
• Some legacy infrastructure may lack the required crypto-agility
• You can’t flick the switch for all systems at once
– Therefore, there needs to be a period of overlapping support
– This adds to the scope
Time to retrofit
(In some cases, this will take years)

14. • See: Quantum-readiness – Migration to post-quantum crypto
– NIST, CISA, NSA
• Assign a team to plan and scope the migration
• Prepare a crypto inventory
– Where and how is crypto used in your organization
• Prioritize
– Most likely or damaging targets
• Discuss with technology providers
– Demand crypto-agility
Establish a quantum-readiness roadmap