In a press release published in October, 2022, IBM announced that they have successfully implemented a quantum-safe algorithm in a real-life product, the IBM zSystems. They tried out the migration on their device, the IBM z15, and used the findings to improve the Hardware Security Modules (HSM) for the IBM z16.
Quantum computers can potentially transform many aspects of civilization, but a significant security problem is ahead. Present cryptography techniques are secure, but as fault-tolerant quantum computers are developed, it will become possible to crack those systems. It’s necessary for industries like finance, communications, and health that rely on cryptography for security to migrate to quantum-safe algorithms.
IBM’s Zurich-based cryptography team started looking into ways to quantum-proof the IBM zSystems platform in 2015, even before IBM hosted its first quantum computer on the cloud and far before NIST decided on its new standards.
By the end of 2016, the idea of developing new, quantum-safe standards had spread beyond a few cryptographer teams. The National Institute of Standards and Technology (NIST) requested submissions for quantum-safe alternatives for present digital signatures and key setup techniques, setting off the process of developing new cryptography standards. By 2018, IBM broadened the real system tests using NIST’s first-round candidate algorithms.
Quantum Security: Tests On Real Hardware
Since the IBM zSystems high-assurance stack was created especially to provide long-term security for IBM zSystems, the company decided to begin testing systems using the stack. The stack includes the Hardware Security Modules (HSM) -specialized crypto processors that safeguard the whole crypto key lifecycle.
IBM’s systems were tested, and the trials went well. They demonstrated how to transfer the HSM’s root-certificate and firmware signatures for the IBM z15 system using the CRYSTALS-Dilithium signature scheme.
They choose this scheme because lattice-based algorithms excelled in performance and key size in their previous experiments. The successful migration of the z15 ensured the system’s safety and forgery-proof upgrades for the duration of its life.
IBM zSeries and Quantum Security
While the z15 platform was not yet entirely quantum-safe like the next-generation platform, IBM z16, it did have Dilithium operations enabled in its HSM, and the IBM zSystems logging trail was also signed with a Dil-signature.
Since IBM has full control over the application stack and does not rely on third-party components, the whole infrastructure supporting the certification process had to be migrated along with the HSM. Making the HSM quantum-safe meant it could be trusted and updated in future generations, protecting it from quantum threats.
Combining an implementation-mature signature scheme with a quantum-safe allows for securely updating it after the deployment — for example, when a new side channel is discovered — without putting the entire system at risk.
With the achievement of the first implementation of a quantum-safe algorithm in a real-life product, IBM decided to protect the IBM z16 from future quantum attacks fully. The first step was to create a cryptographic inventory of the IBM zSystems stack as a whole and enhance the IBM z16 HSM’s quantum-safe algorithm capabilities during the process. The new IBM z16 was released in April 2022, only weeks before NIST announced the winners of its six-year-long crypto challenge, which included CRYSTALS.
The migration to crypto-safe algorithms is still in its infancy, but IBM achieved it effectively with its products and calls on other companies to do the same.