Classical RSA and ECDSA Algorithms in PKI Hierarchies

It no longer makes sense to build PKI CA hierarchies with RSA and ECDSA algorithms using long validity periods

Compiled and Researched by Steve Monti

It no longer makes sense to build PKI CA hierarchies on RSA and ECDSA with long validity periods of 10-15 years or more without incorporating post-quantum considerations. Given the potential quantum threat within that time frame and the availability of quantum-resistant algorithms such as ML-DSA, organizations should start transitioning toward these new standards.

For new PKI deployments, especially those with long-term certificates, using post-quantum algorithms or hybrid approaches would be the prudent and forward-looking choice.

Considerations

Quantum Threat

Quantum computers, once they become powerful enough, could potentially break RSA and ECDSA algorithms. RSA, in particular, is vulnerable to Shor’s algorithm, which can efficiently factorize large numbers, making RSA insecure. ECDSA is also vulnerable to quantum attacks, although slightly more resistant than RSA.

The timeline for when quantum computers will pose a real threat is still uncertain, but many experts believe it could happen within the next 10-15 years, or even within 5 years. This uncertainty makes it risky to issue certificates today with RSA or ECDSA that are intended to last for 10-15 years.

Longevity of Certificates

Certificates with long validity periods (10-15 years) are particularly at risk because they may still be in use when quantum computers capable of breaking RSA and ECDSA become available. Once these algorithms are broken, the certificates and the data they protect would be compromised.

Moving to quantum-resistant algorithms like ML-DSA is crucial for future-proofing PKI infrastructures against this potential threat.
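
To find the certificates this applies to in an existing hierarchy, the check can be scripted. The following is an added example, not code from the original article: it reads the text output of `openssl x509 -noout -text` and reports CA certificates whose RSA or ECDSA key stays valid past a planning horizon. The horizon value, the helper names and the sample dumps (including the ML-DSA-65 key label) are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# Assumption: years until RSA/ECDSA are treated as breakable. The article cites
# estimates from 5 to 15 years; set this from your own risk model.
HORIZON_YEARS = 10
CLASSICAL_KEYS = {"rsaEncryption", "rsassaPss", "id-ecPublicKey"}  # RSA, ECDSA

def parse_cert_text(text):
    """Extract audit fields from `openssl x509 -noout -text` output."""
    not_after = re.search(r"Not After\s*:\s*(.+?)\s+GMT", text).group(1)
    expires = datetime.strptime(" ".join(not_after.split()), "%b %d %H:%M:%S %Y")
    return {
        "subject": re.search(r"^\s*Subject:\s*(.+)$", text, re.M).group(1).strip(),
        "key_alg": re.search(r"Public Key Algorithm:\s*(\S+)", text).group(1),
        "expires": expires.replace(tzinfo=timezone.utc),
        "is_ca": "CA:TRUE" in text,
    }

def audit(cert_texts, now):
    """Return CA certs whose classical key stays trusted past the horizon."""
    horizon = now + timedelta(days=round(365.25 * HORIZON_YEARS))
    findings = []
    for cert in map(parse_cert_text, cert_texts):
        if cert["is_ca"] and cert["key_alg"] in CLASSICAL_KEYS and cert["expires"] > horizon:
            findings.append((cert["subject"], cert["key_alg"], cert["expires"].year))
    return findings

# Constructed sample dumps (trimmed to the relevant lines), not real certificates.
def _dump(subject, key_alg, not_after, ca):
    return (f"        Validity\n            Not After : {not_after} GMT\n"
            f"        Subject: CN = {subject}\n"
            f"            Public Key Algorithm: {key_alg}\n"
            f"                CA:{'TRUE' if ca else 'FALSE'}\n")

SAMPLES = [
    _dump("Example Root CA R1", "rsaEncryption", "Jan  1 00:00:00 2045", True),
    _dump("Example Issuing CA E1", "id-ecPublicKey", "Jun 30 00:00:00 2030", True),
    _dump("Example Root CA PQ1", "ML-DSA-65", "Jan  1 00:00:00 2045", True),
    _dump("www.example.test", "rsaEncryption", "Mar  1 00:00:00 2026", False),
]

if __name__ == "__main__":
    for subject, alg, year in audit(SAMPLES, datetime.now(timezone.utc)):
        print(f"REVIEW: {subject} uses {alg} and is valid until {year}")
```

Only the long-lived RSA root is reported; the ECDSA issuing CA expires before the horizon, and the leaf certificate is not a CA.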

Transitioning to Post-Quantum Algorithms

The release of ML-DSA provides a viable alternative for building PKI infrastructures that are resistant to quantum attacks. While the deployment of these new algorithms might come with challenges, such as increased computational overhead or larger key sizes, they offer the security necessary to protect against future quantum threats.

Hybrid approaches, where post-quantum algorithms like ML-DSA are used alongside traditional algorithms, are also being considered. This ensures that even if quantum-resistant algorithms encounter unforeseen issues, the traditional algorithms provide a fallback.

Industry Adoption and Compliance

As NIST has formally released these post-quantum standards, it is likely that industry best practices and compliance requirements will increasingly favor the adoption of these algorithms, especially for long-term security solutions.

Organizations that continue to rely solely on RSA and ECDSA may find themselves out of compliance with future regulatory requirements or industry standards.