All Things Open, profile picture
Uploaded byAll Things Open
PDF, PPTX96 views

Building Quantum-Safe Applications with Open Source Tools

The document outlines strategies for building quantum-safe applications using open-source tools, emphasizing the importance of post-quantum cryptography and risk mitigation. It covers key aspects such as understanding risks, protecting applications, and integrating quantum-safe algorithms into existing systems. Additionally, resources for further learning and inventorying cryptographic assets are provided.

Embed presentation

Download as PDF, PPTX
Building Quantum-Safe Applications with Open Source Tools Paul Schweigert IBM psschwei.com
Agenda 1. Understand the Risk 2. Becoming Quantum Safe 3. Protecting Applications 4. Next Steps
1. Understand the Risk 2. Becoming Quantum Safe 3. Protecting Applications 4. Next Steps
Hard problems (NP) Why quantum? Quantum easy Quantum easy Easy problems (polynomial)
Ex: Shor’s algorithm for factoring
Source: GlobalRiskInsitute.org
1. Understand the Risk 2. Becoming Quantum Safe 3. Protecting Applications 4. Next Steps
Open Source https://pqca.org To advance the adoption of post- quantum cryptography, by producing high-assurance software implementations of standardized algorithms, and supporting the continued development and standardization of new post-quantum algorithms with software for evaluation and prototyping.
PQ Code Package Open Quantum Safe project Library of many PQ algorithms • Main profile: standards- track algorithms • Experimental profile: new algorithms, NIST signatures on-ramp etc. Initial Projects Overview “Kyber” code package High-assurance production source-code implementations of Kyber • C, x86_64, ARMv8, … • Rust, Go, … • audited/certified/formally verified Plus appropriate wrappers / providers, e.g. Kyber OpenSSL 3 provider OQS OpenSSL 3 Provider Integration of PQ + hybrid algorithms from liboqs into OpenSSL 3 via OpenSSL provider interface • TLS key exchange, authentication • X.509 • S/MIME, CMS, CMP OQS demos Prototype integrations of PQ into protocols and applications to support experiments, standardization, interoperability Potential Phase 2 projects • Dilithium • XMSS, LMS • SPHINCS+ • Falcon (-> Phase 3?) Production track: safe for use in production environments, with external audits or certification Experimental track: primarily for prototyping and experiments, mindful of potential production use liboqs
Becoming Quantum Safe Discover: Scan source and object code to locate cryptographic assets, dependencies, and vulnerabilities. Build a cryptography bill of materials (CBOM). Observe: Create a dynamic cryptographic inventory to guide remediation. Analyze cryptographic posture and compliance to prioritize risks. Transform: Learn and apply quantum-safe remediation patterns in a development environment. Prepare to deploy quantum-safe solutions to your stack.
1. Understand the Risk 2. Becoming Quantum Safe 3. Protecting Applications 4. Next Steps
https://www.ibm.com/quantum/blog/iqp-quantum-safe
3. Be Prepared Public Internet User Internal Network Client Web Application Firewall Entrypoint Application Application 2… Quantum Safe Flow High Level View
Quantum Safe Client: Configuring OpenSSL 18 • Install liboqs & oqs-provider • https://github.com/open-quantum-safe/liboqs • https://github.com/open-quantum-safe/oqs-provider • Configure OpenSSL to use Kyber algorithm
Quantum Safe Service Mesh: Updating Istio 19 • Envoy • QSafe BoringSSL: https://github.com/google/boringssl/blob/45cf810dbdbd767f09f8cb0b0fcccd342c39041f/src/ssl/ssl_key_share.cc#L285-L293 • Istio • Add QSafe supported group: https://github.com/istio/istio/commit/7635f7ea50514958518eb17b631682f953e723cc • Secure mesh traffic: https://github.com/istio/istio/issues/52290
Kubernetes Pod Kubernetes Pod Quantum Safe Flow WAF QS Client User (Laptop) Existing Components Non- QS API GW QSafe TLS - X25519Kyber768 Legacy TLS - X25519 Layer-4 VPC LB Client containing required libraries supporting OpenSSL 3 and QSafe Providers Public Cloud Non-QS Client Remediations Standard setup QSafe Istio ingress QSafe Side Proxy QSafe Side Proxy Pattern repeats for other services Detail View
1. Understand the Risk 2. Becoming Quantum Safe 3. Protecting Applications 4. Next Steps
Next Steps Learn about post-quantum cryptography Start inventorying your crypto
Next Steps Learn about post-quantum cryptography Start inventorying your crypto https://learning.quantum.ibm.com/course/practi cal-introduction-to-quantum-safe-cryptography https://github.com/IBM/CBOM
Building Quantum-Safe Applications with Open Source Tools

More Related Content

PDF
Open Source Post-Quantum Cryptography - Matt Caswell
byAll Things Open
 
PPTX
Quantum Safety in Certified Cryptographic Modules
byOnBoard Security, Inc. - a Qualcomm Company
 
PDF
Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...
byapidays
 
PDF
BlueHat v18 || Record now, decrypt later - future quantum computers are a pre...
byBlueHat Security Conference
 
PPTX
Tears for quantum fears
byMark Carney
 
PDF
Surveying the Open Quantum Landscape: Open source tools for quantum computing
byAll Things Open
 
PDF
Quantum_Safe_Crypto_Overview_v3.pdf
byRonSteinfeld1
 
PDF
SecDevOps for API Security
by42Crunch
 
Open Source Post-Quantum Cryptography - Matt Caswell
byAll Things Open
 
Quantum Safety in Certified Cryptographic Modules
byOnBoard Security, Inc. - a Qualcomm Company
 
Apidays New York 2024 - Post-Quantum API Security by Francois Lascelles, Broa...
byapidays
 
BlueHat v18 || Record now, decrypt later - future quantum computers are a pre...
byBlueHat Security Conference
 
Tears for quantum fears
byMark Carney
 
Surveying the Open Quantum Landscape: Open source tools for quantum computing
byAll Things Open
 
Quantum_Safe_Crypto_Overview_v3.pdf
byRonSteinfeld1
 
SecDevOps for API Security
by42Crunch
 

Similar to Building Quantum-Safe Applications with Open Source Tools

PDF
Quantum Hardware Hacking
byMark Carney
 
PPTX
Shravani_PPT_cdffetgsfwith_imagssde.pptx
bydeadly1320
 
PDF
Quantum Leap in Next-Generation Computing
byWSO2
 
PPTX
Post-Quantum Cryptography… or how Kai almost hacked a banking app​
bymparramon1
 
PDF
My key hands-on projects in Quantum, and QAI
byVijayananda Mohire
 
PPTX
v2 Quantum_Safe_Cryptography_Presentation.pptx
bydyhodcse
 
PPTX
OpenChain Monthly Meeting 2023-02-21 (North America and Asia)
byShane Coughlan
 
PDF
Quantum threat: How to protect your optical network
byADVA
 
PPTX
OpenChain Monthly Meeting North America - Europe - 2023-02-07
byShane Coughlan
 
PDF
Quantum Computers and Where to Hide from Them
bymapmeld
 
PDF
Post-Quantum Cryptography, or how Kai almost hacked a mental health app
byMiguel Parramón Teixidó
 
PPTX
Quantum Cryptography
byThe Cryptography Centre For Excellence
 
PPTX
Securing the Internet of Things
byPaul Fremantle
 
PPTX
Learn how to addressing medical and industrial challenges with BlackBerry QNX...
byQt
 
PPTX
IoT Tech Expo 2023_Marcelo Pasin presentation
byVEDLIoT Project
 
PDF
HIS 2017 Paul Sherwood- towards trustable software
byjamieayre
 
PDF
Quantum Threats Are Closer Than You Think – Act Now to Stay Secure
byWSO2
 
PPT
Cern Security UAB-2009
byGustavo Martinez
 
PDF
Night of the living vulnerabilities: forever-days of IoT - Stefano Zanero, Ro...
byCodemotion
 
PDF
Night of the living vulnerabilities: forever-days of IoT - Stefano Zanero, Ro...
byCodemotion
 
Quantum Hardware Hacking
byMark Carney
 
Shravani_PPT_cdffetgsfwith_imagssde.pptx
bydeadly1320
 
Quantum Leap in Next-Generation Computing
byWSO2
 
Post-Quantum Cryptography… or how Kai almost hacked a banking app​
bymparramon1
 
My key hands-on projects in Quantum, and QAI
byVijayananda Mohire
 
v2 Quantum_Safe_Cryptography_Presentation.pptx
bydyhodcse
 
OpenChain Monthly Meeting 2023-02-21 (North America and Asia)
byShane Coughlan
 
Quantum threat: How to protect your optical network
byADVA
 
OpenChain Monthly Meeting North America - Europe - 2023-02-07
byShane Coughlan
 
Quantum Computers and Where to Hide from Them
bymapmeld
 
Post-Quantum Cryptography, or how Kai almost hacked a mental health app
byMiguel Parramón Teixidó
 
Quantum Cryptography
byThe Cryptography Centre For Excellence
 
Securing the Internet of Things
byPaul Fremantle
 
Learn how to addressing medical and industrial challenges with BlackBerry QNX...
byQt
 
IoT Tech Expo 2023_Marcelo Pasin presentation
byVEDLIoT Project
 
HIS 2017 Paul Sherwood- towards trustable software
byjamieayre
 
Quantum Threats Are Closer Than You Think – Act Now to Stay Secure
byWSO2
 
Cern Security UAB-2009
byGustavo Martinez
 
Night of the living vulnerabilities: forever-days of IoT - Stefano Zanero, Ro...
byCodemotion
 
Night of the living vulnerabilities: forever-days of IoT - Stefano Zanero, Ro...
byCodemotion
 

More from All Things Open

PPTX
Spacewalk 2026 - Presented at the IMAX in Raleigh, NC
byAll Things Open
 
PDF
Rolling out Enterprise AI: Tools, Insights, and Team Empowerment
byAll Things Open
 
PPTX
AI and Linux in 2025 - Jay LaCroix, Learn Linux TV
byAll Things Open
 
PDF
Unconventional Backgrounds: The Secret Sauce of Diversity
byAll Things Open
 
PDF
With AIs Wide Open… - All Things Open 2025
byAll Things Open
 
PDF
Incorporating AI Into Your SDLC: Leveraging AI tooling across the phases of y...
byAll Things Open
 
PDF
Keynote: X-rAI Specs, Submarines and Juice
byAll Things Open
 
PDF
Authoring a GNOME Shell Extension: A Developer's Journey as an Open-Source Pr...
byAll Things Open
 
PDF
AI-Driven DevOps: How LLMs and Agents Are Changing Software Delivery
byAll Things Open
 
PDF
Developing Kubernetes Integrations for the On-Premises Cloud
byAll Things Open
 
PPTX
What If the Quietest Person is the Smartest in the Room?
byAll Things Open
 
PDF
ERG as a Bridge: Driving Inclusion in Open Source
byAll Things Open
 
PDF
The Missing Link to Inclusion and Performance
byAll Things Open
 
PDF
Linux Command-line Tips and Tricks - ATO 2025
byAll Things Open
 
PDF
Supply Chain Robots, Electric Sheep, and SLSA
byAll Things Open
 
PDF
Everything You Need to Know About Running LLMs Locally
byAll Things Open
 
PDF
Agentic AI, Interoperability, and Automation: Lessons from the Past, Visions ...
byAll Things Open
 
PDF
Tech Hiring Is Not Dead - You Just Actually Have To Try
byAll Things Open
 
PDF
Agentic AI for Developers and Data Scientists Build an AI Agent in 10 Lines o...
byAll Things Open
 
PPTX
Big Data on a Small Budget: Scalable Data Visualization for the Rest of Us - ...
byAll Things Open
 
Spacewalk 2026 - Presented at the IMAX in Raleigh, NC
byAll Things Open
 
Rolling out Enterprise AI: Tools, Insights, and Team Empowerment
byAll Things Open
 
AI and Linux in 2025 - Jay LaCroix, Learn Linux TV
byAll Things Open
 
Unconventional Backgrounds: The Secret Sauce of Diversity
byAll Things Open
 
With AIs Wide Open… - All Things Open 2025
byAll Things Open
 
Incorporating AI Into Your SDLC: Leveraging AI tooling across the phases of y...
byAll Things Open
 
Keynote: X-rAI Specs, Submarines and Juice
byAll Things Open
 
Authoring a GNOME Shell Extension: A Developer's Journey as an Open-Source Pr...
byAll Things Open
 
AI-Driven DevOps: How LLMs and Agents Are Changing Software Delivery
byAll Things Open
 
Developing Kubernetes Integrations for the On-Premises Cloud
byAll Things Open
 
What If the Quietest Person is the Smartest in the Room?
byAll Things Open
 
ERG as a Bridge: Driving Inclusion in Open Source
byAll Things Open
 
The Missing Link to Inclusion and Performance
byAll Things Open
 
Linux Command-line Tips and Tricks - ATO 2025
byAll Things Open
 
Supply Chain Robots, Electric Sheep, and SLSA
byAll Things Open
 
Everything You Need to Know About Running LLMs Locally
byAll Things Open
 
Agentic AI, Interoperability, and Automation: Lessons from the Past, Visions ...
byAll Things Open
 
Tech Hiring Is Not Dead - You Just Actually Have To Try
byAll Things Open
 
Agentic AI for Developers and Data Scientists Build an AI Agent in 10 Lines o...
byAll Things Open
 
Big Data on a Small Budget: Scalable Data Visualization for the Rest of Us - ...
byAll Things Open
 

Recently uploaded

PPTX
Robot Vacuums are Cleaning Up. The global robot vacuum segment has high marke...
byRobert March
 
PDF
Adding Copilot+ PCs with Snapdragon to your HP fleet won’t require IT deploym...
byPrincipled Technologies
 
PDF
How Automation Powers Data Quality and Governance at Scale
bySafe Software
 
PDF
Lightweight, Travel-Ready Freedom for Adults and Seniors
byTopmate
 
PPT
Database Management Systems: Basics, History, Data Models, etc.
byParithi Thamizh
 
PDF
Teaching Robots how to Read 1/2: AI Center & Classic Document Understanding (...
byanabulhac
 
PDF
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
PPTX
Accelerate Innovation with Engineering R&D Services
byChetu
 
PDF
Best 10 Dedicated Servers in Amsterdam, Netherlands (2026 Enterprise Edition)...
byAtal Networks
 
PDF
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
PDF
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
PDF
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
PDF
Unlocking Gen AI Capabilities Within UiPath Document Understanding
byDianaGray10
 
PDF
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
PDF
MINDCTI Revenue Release Quarter 3 2025 - Financial Presentation
byMIND CTI
 
PDF
TopMate ES32 Electric Trike: A Smart Mobility Solution for Comfortable Everyd...
byTopmate
 
PPTX
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
PDF
Why Are Cloud Migration Services Essential for Modern Business Growth?
byGeoPITS Global Pvt Ltd
 
PDF
Safer’s Picks: Recent FME Enhancements with Big Everyday Impact
bySafe Software
 
PDF
TopMate ES11 3-Wheel Electric Scooter: Comfortable, Stable Mobility for Every...
byTopmate
 
Robot Vacuums are Cleaning Up. The global robot vacuum segment has high marke...
byRobert March
 
Adding Copilot+ PCs with Snapdragon to your HP fleet won’t require IT deploym...
byPrincipled Technologies
 
How Automation Powers Data Quality and Governance at Scale
bySafe Software
 
Lightweight, Travel-Ready Freedom for Adults and Seniors
byTopmate
 
Database Management Systems: Basics, History, Data Models, etc.
byParithi Thamizh
 
Teaching Robots how to Read 1/2: AI Center & Classic Document Understanding (...
byanabulhac
 
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
Accelerate Innovation with Engineering R&D Services
byChetu
 
Best 10 Dedicated Servers in Amsterdam, Netherlands (2026 Enterprise Edition)...
byAtal Networks
 
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
Unlocking Gen AI Capabilities Within UiPath Document Understanding
byDianaGray10
 
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
MINDCTI Revenue Release Quarter 3 2025 - Financial Presentation
byMIND CTI
 
TopMate ES32 Electric Trike: A Smart Mobility Solution for Comfortable Everyd...
byTopmate
 
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
Why Are Cloud Migration Services Essential for Modern Business Growth?
byGeoPITS Global Pvt Ltd
 
Safer’s Picks: Recent FME Enhancements with Big Everyday Impact
bySafe Software
 
TopMate ES11 3-Wheel Electric Scooter: Comfortable, Stable Mobility for Every...
byTopmate
 

Building Quantum-Safe Applications with Open Source Tools

  • 1.
    Building Quantum-Safe Applications withOpen Source Tools Paul Schweigert IBM psschwei.com
  • 2.
    Agenda 1. Understand theRisk 2. Becoming Quantum Safe 3. Protecting Applications 4. Next Steps
  • 3.
    1. Understand theRisk 2. Becoming Quantum Safe 3. Protecting Applications 4. Next Steps
  • 4.
    Hard problems (NP) Why quantum? Quantumeasy Quantum easy Easy problems (polynomial)
  • 5.
  • 8.
  • 9.
    1. Understand theRisk 2. Becoming Quantum Safe 3. Protecting Applications 4. Next Steps
  • 12.
    Open Source https://pqca.org To advancethe adoption of post- quantum cryptography, by producing high-assurance software implementations of standardized algorithms, and supporting the continued development and standardization of new post-quantum algorithms with software for evaluation and prototyping.
  • 13.
    PQ Code Package OpenQuantum Safe project Library of many PQ algorithms • Main profile: standards- track algorithms • Experimental profile: new algorithms, NIST signatures on-ramp etc. Initial Projects Overview “Kyber” code package High-assurance production source-code implementations of Kyber • C, x86_64, ARMv8, … • Rust, Go, … • audited/certified/formally verified Plus appropriate wrappers / providers, e.g. Kyber OpenSSL 3 provider OQS OpenSSL 3 Provider Integration of PQ + hybrid algorithms from liboqs into OpenSSL 3 via OpenSSL provider interface • TLS key exchange, authentication • X.509 • S/MIME, CMS, CMP OQS demos Prototype integrations of PQ into protocols and applications to support experiments, standardization, interoperability Potential Phase 2 projects • Dilithium • XMSS, LMS • SPHINCS+ • Falcon (-> Phase 3?) Production track: safe for use in production environments, with external audits or certification Experimental track: primarily for prototyping and experiments, mindful of potential production use liboqs
  • 14.
    Becoming Quantum Safe Discover:Scan source and object code to locate cryptographic assets, dependencies, and vulnerabilities. Build a cryptography bill of materials (CBOM). Observe: Create a dynamic cryptographic inventory to guide remediation. Analyze cryptographic posture and compliance to prioritize risks. Transform: Learn and apply quantum-safe remediation patterns in a development environment. Prepare to deploy quantum-safe solutions to your stack.
  • 15.
    1. Understand theRisk 2. Becoming Quantum Safe 3. Protecting Applications 4. Next Steps
  • 16.
  • 17.
    3. Be Prepared PublicInternet User Internal Network Client Web Application Firewall Entrypoint Application Application 2… Quantum Safe Flow High Level View
  • 18.
    Quantum Safe Client: ConfiguringOpenSSL 18 • Install liboqs & oqs-provider • https://github.com/open-quantum-safe/liboqs • https://github.com/open-quantum-safe/oqs-provider • Configure OpenSSL to use Kyber algorithm
  • 19.
    Quantum Safe ServiceMesh: Updating Istio 19 • Envoy • QSafe BoringSSL: https://github.com/google/boringssl/blob/45cf810dbdbd767f09f8cb0b0fcccd342c39041f/src/ssl/ssl_key_share.cc#L285-L293 • Istio • Add QSafe supported group: https://github.com/istio/istio/commit/7635f7ea50514958518eb17b631682f953e723cc • Secure mesh traffic: https://github.com/istio/istio/issues/52290
  • 20.
    Kubernetes Pod Kubernetes Pod Quantum Safe Flow WAF QSClient User (Laptop) Existing Components Non- QS API GW QSafe TLS - X25519Kyber768 Legacy TLS - X25519 Layer-4 VPC LB Client containing required libraries supporting OpenSSL 3 and QSafe Providers Public Cloud Non-QS Client Remediations Standard setup QSafe Istio ingress QSafe Side Proxy QSafe Side Proxy Pattern repeats for other services Detail View
  • 21.
    1. Understand theRisk 2. Becoming Quantum Safe 3. Protecting Applications 4. Next Steps
  • 22.
    Next Steps Learn aboutpost-quantum cryptography Start inventorying your crypto
  • 23.
    Next Steps Learn aboutpost-quantum cryptography Start inventorying your crypto https://learning.quantum.ibm.com/course/practi cal-introduction-to-quantum-safe-cryptography https://github.com/IBM/CBOM