Sopra Steria x Thales : Post Quantum Cryptography for Banks

We recently published an article describing the need to upgrade existing cryptography systems with so-called Post-Quantum algorithms, which will be able to resist the potentially huge computation power of quantum computers.  

In this article, we would like to focus on the practical solutions which could be offered to the banks in this regard. To this end, we are interviewing Benoît Jouffrey from Thales, a leading global provider of cybersecurity solutions.  

Benoît Jouffrey, would you please tell us about Thales and your role there?  

As Chief Technology Officer of Thales Cybersecurity and Digital Identity, one of my duties is to identify the main technology trends that will impact our customers over the next years, and start defining the answers we should bring them in order to build, as per the Thales motto, a future we can all trust. One of these trends is Post-Quantum Cryptography (PQC).  

In our last article, we described the Q-day risk, ie. a doomsday due to quantum computers breaking all existing cryptography algorithms. At what horizon do you see this coming and what are the actual risks for the banking sector?  

There is a diversity of opinions between computer scientists regarding the date at which a first version of a commercial Quantum Computer would be available to “break” the classical cryptosystems. Some experts believe this would be possible within the next 10 years while others are generally targeting 2035-2040. The reality is that nobody knows, and at the same time nobody wants to take the risk. The reasoning is the following: we have the vaccine, why not use it?   

Regarding the banking sector, one of its peculiarities is that migration times can be long compared to other industries, meaning this threat has to be  anticipated now. Three types of major risks need to be taken into account:  

1. Disclosure of banks’ sensitive information with long-term secrecy requirements .
2. Loss of integrity of large amount payment orders between banks, that could be undetected if the cryptographic keys used to protect these payment orders are revealed.  
3. Impersonation of bank customers who are identified using classical electronic signatures, generating fraud and loss of reputation.       

We understand that the US has setup a timeline to migrate to post-quantum cryptography, especially through the NIST standards. What is the situation on the market? How have the US banks started preparing?  

Indeed in the USA, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) and the National Institute of Standards Technology (NIST), have urged organizations to start preparing for the implementation of post-quantum cryptography by doing the following:  

• Establish a Quantum-Readiness Roadmap  
• Engage with technology vendors to discuss post-quantum roadmaps.  
• Conduct an inventory to identify and understand cryptographic systems and assets.  
• Create migration plans that prioritize the most sensitive and critical assets.  

As a result, the US has decided that its federal public service shall migrate first, although no obligation has been set. The estimated cost of the migration of the prioritized information systems until 2035 shall be more than $7 billion 

As of now, no migration schedules have been set neither for the US Administration nor the Financial Sector. NIST takes 2035 as a reference date at which the Quantum Threat will likely become a reality, which can therefore be a reasonable target date for the US Financial Industry to migrate. .  

Even though there is limited public visibility regarding the overall positioning of US banks towards the Quantum Threat, we note that Pioneer Quantum US Banks include JP Morgan, Citigroup, Wells Fargo and HSBC according to the American Banker.   

And they overall have been considering two different kinds of approaches against the Quantum Risks:   

• Direct use of Quantum Technologies to mitigate the Quantum Threat, for instance through Quantum Keys Distribution, which requires a dedicated infrastructure.  
• Migration to Post-Quantum Cryptography  

The first option has been tested by several of those US Pioneers. But I believe that the second option will be privileged, in particular thanks to  the availability of the first NIST Post-Quantum Cryptography Standards (FIPS 203,204 and 205) which were released in August 2024.   

We should note than on top of preventing “Quantum risks”, a Bank  having a “Quantum advantage” would get a major competitive breakthrough. As a result, some US Banks have announced funding of different promising Hi-Tech Companies working in the field of Quantum Computers.      

In Europe also, the ENISA has started sharing convictions, as well as some local authorities (ANSSI in France is one of them). However, the timeline does not seem to as precise as in the US. How do you foresee the situation evolving there? Are banks starting to move forward with some initiatives?   

We believe that at European Level, the migration to Post-Quantum systems will be ultimately mandated by law and monitored by the Financial Authorities and ENISA. Via a common agreement and possibly after consulting with the Banking industry, they will set migration deadlines.  

European Banks such as Credit Agricole and BNP Paribas in France, UK Banks such as Barclays, HSBC and Netherland’s ING have already evaluated Quantum Risks and sometimes funded Quantum Start-Ups and/or directly experiencing Quantum Technology.  

The first phase of a migration program to PQC is to get a complete understanding of the existing crypto systems. What are the challenges related to this? What is Thales offering in this space ? 

Banks must consider their IT systems and Customer Data (Storage, In Transit) for their Post-Quantum migration. Indeed, it’s unlikely they are cryptographically protected with an adequate level of robustness. Therefore, for Banks the most urgent task is to create the inventory of these critical data and review their cryptographic protection, against a double criterion: adverse consequences in case they’re disclosed, and/or if their integrity is broken. Once the inventory is done, they must focus on the evaluation of the investments required for the PQ migration, establishing a priority for migration depending on the criticality and/or vulnerability of the IT system identified as hosting data at risk.     

Thales has comprehensive experience in delivering products and solutions for a safe migration of the Security Controls protecting sensitive IT systems. More importantly, Thales is either having ready-to-use or prototypes of Post-Quantum components for Payment Systems, both at the front-end level (PQ cards and Secure Elements) and for back-end systems (OTA and Cloud-based servers, HSMs, Key Management Servers…).   

The second phase is to experiment with concrete algorithms, especially though hybridization. Could you define better this concept and help us understand why it is the right step towards full PQC?  

Hybridization consists in the implementation of a cryptographic mechanism which is the combination of a Post-Quantum asymmetric algorithm (e.g., ML-DSA recently standardized by NIST) with a classical asymmetric algorithm (e.g., RSA).     

French ANSSI, alongside with German BSI, insist that hybridization is needed when a post-quantum algorithm is implemented, at least until 2030 according to its position paper on Post-Quantum Cryptography5. The reason is that post-quantum algorithms have not been sufficiently tested yet. As a result, the addition of a classical and robust cryptographic mechanism adds to the security of a « stand-alone » post-quantum implementation.   

Another phase is to upgrade towards a new crypto-agile infrastructure. What is this new concept of crypto agility? Why is this necessary? What is Thales offering in this space?  

Crypto-agility is a device /system functionality that enables to update the device/system for the execution of stronger cryptographic mechanisms, with no need to replace the system physical components and thus ensuring business continuity. In this respect, we note that the new EU regulation Cyber-Resilience Act (CRA) requires that personal computing devices support patching functionalities.  

For instance, a crypto-agile payment card using a classical asymmetric algorithm, such as RSA for card authentication purposes, will be able to switch and execute the same card authentication using ML-DSA (another protocol). Thales will be offering crypto-agile payment cards when established certification processes will be available  

How do you see the market evolve in the next 12 – 24 months?  

We believe that the recent publication by NIST of the first set of Post-Quantum Crypto-algorithms is going to boost the interest of Banks for prototyping devices supporting crypto-agile and /or hybrid post-quantum cryptography.  It sets the basis for more stable standards and a solid base. Migration is still going to take time but the incentive is real and the interest around those topics is going to keep raising. We are just at the beginning of this major transformation.  

Would you like to learn more about quantum technology? Contact our expert Marine Lecomte, Head of Financial Services Offers and Innovations at Sopra Steria.