Protect the Mainframe from Quantum Threats

For decades, most large-scale companies have used mainframes to host and run the software applications that make up their core systems. Often these mainframe computers and their applications are inherited from mergers and acquisitions, or from deferred IT investments.

Today, it is estimated that more than half of core business processes may still run on a mainframe system. But maintaining and relying on these now antiquated applications pose cost and, soon, quantum security risks.. 

IBM’s Z16 with built-in inference processing

Organizations are torn between the need to manage costs while maximizing the value of their mainframe. This leads them to ask, “If our system is not broken, why should we invest to fix it.  In DancingDinosaur’s experience in covering the mainframe for decades the mainframe is not actually broken. The real problem is a failure to modernize an increasingly problematic system. But problematic increases as quantum computing gains traction.

IBM, by the way, does not actively discourage such thinking. It always is eager to tout the latest mainframe with the latest bells and whistles. Today that is the z16, introduced in April, covered here, as an inference processing workhorse. Now the trick is to determine when you actually need that kind of processing and can it take on the quantum threats you may face.

Quantum algorithms running on sufficiently powerful quantum computers have the potential to weaken or break the core cryptographic primitives that we currently use to secure systems and communications. The fact that these algorithms can be broken leaves the foundation for global digital security at risk, notes IBM. Temporary solutions like increasing RSA or ECC key size will only buy a little time — like extra months, not extra years.

Fortunately, IBM is extremely active around the latest security, which addresses quantum computing. IBM refers to it as the next technology revolution. Whether a revolution or not, when a sufficiently powerful quantum computer is available, it invariably will give rise to new security challenges that bad guys can access. There are many exciting applications in industries including pharmaceuticals, finance, and manufacturing but they also need to be thinking about quantum security. 

Organizations and standards bodies already have started taking action to address the threat. The National Institute of Standards and Technology (NIST) initiated a process to solicit, evaluate and standardize new public-key cryptographic algorithms that can resist threats posed by both the classical computers we have today and quantum computers that will be available soon. 

NIST plans to select a small number of new quantum-safe algorithms this year and have new quantum-safe standards in place by 2024. IBM researchers have also been involved in the development of quantum-safe  cryptographic algorithms based on lattice cryptography, which are in the final round of consideration.

Unfortunately, we have a only little time to implement quantum-safe solutions before the advent of large-scale quantum computers that can break quantum-grade security threats arise. That’s not much time. We don’t know when a large-scale quantum computer capable of breaking public key cryptographic algorithms will be available, but experts predict that this could be possible before the end of the decade. 

And, sensitive data with a long lifespan is already vulnerable to harvest-now-decrypt-later attacks: That suggests hackers can capture encrypted data today and store it for later when they can decrypt it using a quantum computer.

This wouldn’t be Dancing Dinosaur if it didn’t think IBM wasn’t already thinking about, planning for, and preparing new quantum-safe cryptographic technology. IBM boasts the z16 as the industry’s first quantum-safe system, protected by quantum-safe technologies across multiple layers of firmware to protect business-critical infrastructure and data from quantum attacks. And it won’t be the last, for sure. In the meantime, stay tuned and keep your fingers crossed.

Alan Radding is DancingDinosaur, a veteran information technology analyst, writer, and ghostwriter. Follow DancingDinosaur on Twitter.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: