The infamous Heartbleed bug turned ten years old on April 1. If we don’t act now, it will happen again courtesy of quantum computing – but this time it could be worse.
The Heartbleed bug in OpenSSL was independently discovered by Codenomicon and Google in March 2014. Google reported it to OpenSSL on April 1, 2014. OpenSSL apparently wished to delay full disclosure to give time for fixes to be developed – but with two separate research teams discovering the flaw, the possibility of wider knowledge could not be ignored.
Details were published on the CVE List with the identifier CVE-2014-0160 on April 7, 2014 – but April 1 is the widely recognized anniversary date. The problem was a small implementation error in the OpenSSL implementation of the TLS/DTLS protocols in versions 1.0.1 to 1.0.1f – but the effect was massive.
Remote attackers could steal the X.509 certificate secret keys, usernames and passwords, communications, and documents. Netcraft figures for April 2014 suggested that two-thirds of the internet used servers using OpenSSL. Exploitation was undetectable.
The basic problem was that Heartbleed made most certificates vulnerable. The future problem is that quantum decryption will make all certificates and everything else using RSA encryption vulnerable to everyone. This will happen – the only question is ‘when?’.
Kevin Bocek, chief innovation officer at Venafi, compared the Heartbleed of ten years ago to the future quantum debacle – let’s call it QuantumBleed. “Heartbleed required applications to be changed. And then the identities that were used with those applications – so TLS keys and certificates had to be changed. And there were multiple sub requirements within that because you had to reissue, you had to revoke, you had to install, and you had to validate that everything was complete. And when you did all those things, you were ready,” he told SecurityWeek.
But for QuantumBleed, he continued, that would just be the first stage. “In the post quantum world, we will have to do that multiple times, and more often than we might think.” Google has already reduced the acceptable lifespan of a certificate to 398 days. In March 2023, it proposed reducing this to 90 days in its ‘Moving Forward, Together’ roadmap “With quantum decryption we may be advised to change our certificates more frequently than 90 days, or maybe we will be advised to change them tomorrow.”
With QuantumBleed, all the original problems from Heartbleed, the long tail of remediation efforts magnified by today’s more complex and distributed infrastructures will kick in – but repeatedly.
Speaking with the Intelligence and National Security Alliance on March 19, 2024, Gil Herrera, director of research at the NSA described the arrival of quantum and its decryption capabilities: “If this black swan event happens, then we’re really screwed.” He is concerned that the world economy – and especially the US economy – would suffer since most of the world’s financial transactions are secured by RSA.
Dennis Mandich, the CTO at Qrypt, responded on LinkedIn that this is no ‘black swan’: “This is really a “White Swan” event – easily predictable with severe consequences, even if we do not know the date.” Fundamentally, it is black if we are not prepared, but white if we are prepared.
It is important to note the difference between quantum RSA decryption and non-quantum RSA cracking. The latter could, technically, have already occurred. National intelligence agencies could have achieved this – but they would keep it secret and for their own use only. Achieving full quantum computing would be too massive to hide. Knowledge would escape.
Cloud quantum computing already exists on a limited scale. This would expand until everyone, intelligence agencies and criminals alike, would have access and be able to decrypt certificates. This is the fundamental reasoning behind the NIST drive to produce quantum proof encryption algorithms to replace RSA – to transform the black swan event into a white swan event.
The problem is that developing these algorithms and transitioning commerce to their use will take time, and we don’t know how much time is available. Predictions for the arrival of RSA decryption-capable quantum computers (Q-day) vary from anything between five and twenty years.
Charles Blauner, CISO at Team8, told SecurityWeek that lack of preparedness for quantum is one of his major concerns. “I don’t view that as a major risk in the next year or two. But it does scare me, the lack of preparation for when that’s going to happen, because no one knows exactly when it’s going to happen.” His concern is not so much that we cannot prepare for it (with NIST’s quantum-proof algorithms), but that we haven’t begun the preparation.
“It can take a decade or more [for large organizations] to swap out cryptographic infrastructures,” he continued. “If quantum at scale happens within seven years from now, then we’re in deep trouble because we haven’t begun that migration yet. The cryptographic infrastructure, especially around things like software updates, software signatures and all that stuff, is fundamental to the security of the internet.”
Bocek agrees that QuantumBleed is the biggest mid to longer term threat we face today. He is slightly more optimistic than Blauner. He believes that if we really begin to understand the importance of the issue, we can achieve it in less time. But it’s still a mammoth task.
“RSA is the foundation on which we’ve built modern cybersecurity, modern digital commerce, and modern social media. How do I know I’m actually connecting my phone to Facebook, or YouTube, or Zoom? How do I know my app is really connecting to the cloud? It’s because of RSA – and when that crumbles, everything else stops working.”
It will crumble. We cannot stop that. All we can do is replace RSA with something that will be QuantumBleed resistant. That will require swapping out all of RSA usage and replacing with NIST’s quantum proof encryption algorithms. “That cannot be done overnight,” he said. “It’s a migration that will be measured in years, not months. So, get started now.”
Related: Cyber Insights 2024: Quantum and the Cryptopocalypse
Related: Apple Adds Post-Quantum Encryption to iMessage
Related: Tech Giants Form Post-Quantum Cryptography Alliance
