Revolutionizing Network Security: Sitehop's Innovative Approach to the Post Quantum Cryptography Transition
Last month, the US agency National Institute of Standards and Technology (NIST) released a groundbreaking new Post Quantum Cryptography (PQC) standard. This standard, set to revolutionize modern asymmetric cryptography, and essential to protect sensitive data in the coming era of quantum computers which can easily break today’s cryptographic methods, will be a pivotal point in the commercial and government sectors over the next 5-10 years. The US federal agencies estimate a cost of $7.1B by 2035 for this transition.
The transition to PQC has already started, marking a significant shift in the way data is protected from threat actors as these encryption algorithms evolve, a change that has not occurred in the past 50 years where they have remained constant. This evolution necessitates the swapping out or updating of cryptographic algorithms as the technology to crack them evolves, a requirement known as cryptographic agility.
Today’s encryption technologies achieve this agility using software, which easily achieves this as it is simple to upgrade and can be almost infinitely adapted to new encryption requirements. However the resulting encryption capability is slow compared to dedicated hardware systems and power-hungry owing to the need to use multiple processors running the code in an attempt to get the best speed possible. These two factors make it unsuitable for the current needs for enterprise data rates, which are reaching 100’s of Gbits/second. As mentioned, dedicated hardware can be designed to run much faster and at much lower powers than software, these devices are called Application Specific Integrated Circuits (or ASICs) but these, by their very nature are not crypto-agile and must be redesigned and manufactured each time an algorithm change is required. A final method to avoid the use of slow software encryption in high-speed networking is to decide not to encrypt the data at all, but instead rely on the security of a “private wire” purchased at high cost from a national or international carrier or telco. In the USA this can cost around $10,000/month for a single 100Gbits/sec connection and so is becoming a major cost for enterprise networking as bandwidth requirements increase.
Sitehop believes that the solution is to use a reprogrammable hardware device such as a Field Programmable Gate Array (FPGA) to get crypto agility and high throughput. These devices are built on hardware which is both reprogrammable and high-speed and can be updated remotely without replacing the equipment in which they are operating.
FPGAs allow cryptography to be added to an enterprise network without a noticeable impact on network performance, all while using an open standard—IPsec. Sitehop's technology has the ability to aggregate many IPsec connections and, supporting both Legacy encryption standards and PQC upgrades in the same equipment allow for a phased transition to PQC, resulting in the ability for enterprises to plan this transition without having to replace large numbers of capital equipment in order to add this capability to their networks..
Example
Sitehop's technology can effectively protect distributed energy networks, ensuring security while sending all logging back to a centralized data centre. This practical application demonstrates the real-world benefits of Sitehop's technology in securing critical infrastructure.
For instance, a distributed network working over an untrusted network such as the Internet poses obvious risks for all customers, especially ones dealing with Critical National Infrastructure (CNI). Utilizing both PQC and the hardware-enforced nature of Sitehop's offering to protect against threat actors, CNI can increase their security substantially. Sitehop's technology will also increase the network's speed compared to other encryption mechanisms.
The transition can occur in phases using existing equipment to create a transitional secure network. In time, outdated boxes can be swapped out with Sitehop equipment to increase security network performance and reduce ownership costs due to the centralized management interface and ease of setup and maintenance.
In conclusion, the introduction of the Post Quantum Cryptography (PQC) standard by the NIST marks a significant milestone in the evolution of cryptographic algorithms. Sitehop's innovative use of reprogrammable hardware devices such as Field Programmable Gate Arrays (FPGAs) presents a promising solution for achieving cryptographic agility, the lowest encryption latency, and high throughput without compromising network performance. The practical application of Sitehop's technology in securing critical infrastructure, particularly in distributed energy networks, demonstrates its real-world benefits and potential to substantially enhance security for organizations dealing with Critical National Infrastructure (CNI). As the transition to PQC continues, Sitehop's phased approach and hardware-enforced security measures offer a compelling pathway for organizations to improve network performance, increase security, and reduce ownership costs.
Jill Broom
Jill Broom
Jill leads the techUK Cyber Resilience programme, having originally joined techUK in October 2020 as a Programme Manager for the Cyber and Central Government programmes. She is responsible for managing techUK's work across the cyber security ecosystem, bringing industry together with key stakeholders across the public and private sectors. Jill also provides the industry secretariat for the Cyber Growth Partnership, the industry and government conduit for supporting the growth of the sector. A key focus of her work is to strengthen the public–private partnership across cyber to support further development of UK cyber security and resilience policy.
Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.
- Email:
- [email protected]
- Website:
- www.techuk.org/
- LinkedIn:
- https://www.linkedin.com/in/jill-broom-19aa824
Annie Collings
Annie Collings
Annie is the Programme Manager for Cyber Resilience at techUK. She first joined as the Programme Manager for Cyber Security and Central Government in September 2023.
In her role, Annie supports the Cyber Security SME Forum, engaging regularly with key government and industry stakeholders to advance the growth and development of SMEs in the cyber sector. Annie also coordinates events, engages with policy makers and represents techUK at a number of cyber security events.
Before joining techUK, Annie was an Account Manager at a specialist healthcare agency, where she provided public affairs support to a wide range of medical technology clients. She also gained experience as an intern in both an MP’s constituency office and with the Association of Independent Professionals and the Self-Employed. Annie holds a degree in International Relations from Nottingham Trent University.
- Email:
- [email protected]
- Twitter:
- anniecollings24
- LinkedIn:
- https://www.linkedin.com/in/annie-collings-270150158/
Tracy Modha
Tracy Modha
Tracy supports the marketing of several areas at techUK, including Cyber Exchange, Central Government, Cyber Resilience, Defence, Education, Health and Social Care, Justice and Emergency Services, Local Public Services, Nations and Regions and National Security.
Tracy joined techUK in March 2022, having worked in the education sector for 19 years, covering administration, research project support, IT support and event/training support. My most outstanding achievement has been running three very successful international conferences and over 300 training courses booked all over the globe!
Tracy has a great interest in tech. Gaming and computing have been a big part of her life, and now electric cars are an exciting look at the future. She has warmed to Alexa, even though it can sometimes be sassy!
- Email:
- [email protected]
- Phone:
- 02073312000
- Website:
- www.techuk.org
- LinkedIn:
- https://www.linkedin.com/in/tracymodha83
Authors
Ben Harper
Ben Harper is the Co-Founder and Chief Technology Officer at Sitehop Ltd, specializing in FPGA technology and cybersecurity. A graduate of the University of Southampton, he started his career at Detica before moving into technical management. At Sitehop, Ben drives the technological strategy and innovation behind products like the SAFEcore1000, the world's lowest latency IPsec VPN.