Introduction
Quantum computing represents a significant technological advancement with the potential to revolutionize various fields, including cryptography. As quantum computers become more powerful, they pose a potential threat to the cryptographic algorithms currently used in EMV® chip card payments. This blog assesses the impact of quantum computing on EMV® chip cryptography, ep2 transaction processing and outlines the measures being taken to ensure the continued security of card payment systems.
Overview
Quantum computers pose a potential threat to EMV® chip cryptography, particularly to asymmetric algorithms (RSA, ECC) and to a lesser extent, symmetric algorithms (AES).
Asymmetric Cryptography (RSA/ECC)
Shor’s Algorithm could theoretically break RSA and ECC, but quantum computers need significant advancements (5-7 orders of magnitude) to be a realistic threat.
Symmetric Cryptography (AES)
Grover’s Algorithm is faster than classical search, but it is impractical for breaking AES-128. Therefore AES-128 is considered secure against both classical and quantum attacks. AES-256 is also available for contingency but not necessary for quantum resistance.
Future Outlook
Significant quantum threats are projected to be at least 10-15 years away, with cryptographically significant quantum computers unlikely before 2040.
Conclusion
Within the mentioned timeframe above, AES-128 remains the recommended symmetric algorithm, but it makes sense to emphasize crypto agility and the ability to adapt to future developments. By supporting AES-128 starting with ep2 Version 8.x.x customers are well protected, also for the years to come.
Sources
https://sam-jaques.appspot.com/quantum_landscape_2023
https://arxiv.org/pdf/quant-ph/9711070.pdf
https://csrc.nist.gov/Projects/post-quantum-cryptography/faqs
https://eprint.iacr.org/2019/1146.pdf
https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptography