Making existing software quantum safe: a case study on IBM Db2

Making existing software quantum safe: a case study on IBM Db2

The software engineering community is facing challenges from quantum computers (QCs). In the era of quantum computing, Shor's algorithm running on QCs can break asymmetric encryption algorithms that classical computers practically cannot. Though the exact date when QCs will become "dangero...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:arXiv.org 2023-04
Hauptverfasser: Zhang, Lei, Miranskyy, Andriy, Rjaibi, Walid, Stager, Greg, Gray, Michael, Peck, John
Format: Artikel
Sprache:eng
Schlagworte:
Algorithms
Computer Science - Cryptography and Security
Computer Science - Emerging Technologies
Computer Science - Software Engineering
Quantum computers
Quantum computing
Quantum cryptography
Safety
Software
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title arXiv.org
container_volume
creator Zhang, Lei
Miranskyy, Andriy
Rjaibi, Walid
Stager, Greg
Gray, Michael
Peck, John
description The software engineering community is facing challenges from quantum computers (QCs). In the era of quantum computing, Shor's algorithm running on QCs can break asymmetric encryption algorithms that classical computers practically cannot. Though the exact date when QCs will become "dangerous" for practical problems is unknown, the consensus is that this future is near. Thus, the software engineering community needs to start making software ready for quantum attacks and ensure quantum safety proactively. We argue that the problem of evolving existing software to quantum-safe software is very similar to the Y2K bug. Thus, we leverage some best practices from the Y2K bug and propose our roadmap, called 7E, which gives developers a structured way to prepare for quantum attacks. It is intended to help developers start planning for the creation of new software and the evolution of cryptography in existing software. In this paper, we use a case study to validate the viability of 7E. Our software under study is the IBM Db2 database system. We upgrade the current cryptographic schemes to post-quantum cryptographic ones (using Kyber and Dilithium schemes) and report our findings and lessons learned. We show that the 7E roadmap effectively plans the evolution of existing software security features towards quantum safety, but it does require minor revisions. We incorporate our experience with IBM Db2 into the revised 7E roadmap. The U.S. Department of Commerce's National Institute of Standards and Technology is finalizing the post-quantum cryptographic standard. The software engineering community needs to start getting prepared for the quantum advantage era. We hope that our experiential study with IBM Db2 and the 7E roadmap will help the community prepare existing software for quantum attacks in a structured manner.
doi_str_mv 10.48550/arxiv.2110.08661
format Article
fullrecord <record><control><sourceid>proquest_arxiv</sourceid><recordid>TN_cdi_arxiv_primary_2110_08661</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2583227300</sourcerecordid><originalsourceid>FETCH-LOGICAL-a951-3cb2c48f0c39c0da217be0b59ce66c216126716322f9627c3503ea2702e68ba73</originalsourceid><addsrcrecordid>eNotj09PwkAUxDcmJhLkA3hyE8_Ft2-7f-rBRBGVBOKFe_O6bE1RWthtFb69BTzNZDKZzI-xGwHj1CoF9xT21c8YRR-A1VpcsAFKKRKbIl6xUYxrAEBtUCk5YI8L-qrqT-73VWyPJjZl-0vB811HddtteKTSP3DijqLnse1WB97UfPa84C8FXrPLkr6jH_3rkC1fp8vJezL_eJtNnuYJZUok0hXoUluCk5mDFaEwhYdCZc5r7VBo0f8RWiKWmUbjpALpCQ2g17YgI4fs9jx7gsu3odpQOORHyPwE2Tfuzo1taHadj22-brpQ959yVLZfNhJA_gEV61IB</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2583227300</pqid></control><display><type>article</type><title>Making existing software quantum safe: a case study on IBM Db2</title><source>arXiv.org</source><source>Free E- Journals</source><creator>Zhang, Lei ; Miranskyy, Andriy ; Rjaibi, Walid ; Stager, Greg ; Gray, Michael ; Peck, John</creator><creatorcontrib>Zhang, Lei ; Miranskyy, Andriy ; Rjaibi, Walid ; Stager, Greg ; Gray, Michael ; Peck, John</creatorcontrib><description>The software engineering community is facing challenges from quantum computers (QCs). In the era of quantum computing, Shor's algorithm running on QCs can break asymmetric encryption algorithms that classical computers practically cannot. Though the exact date when QCs will become "dangerous" for practical problems is unknown, the consensus is that this future is near. Thus, the software engineering community needs to start making software ready for quantum attacks and ensure quantum safety proactively. We argue that the problem of evolving existing software to quantum-safe software is very similar to the Y2K bug. Thus, we leverage some best practices from the Y2K bug and propose our roadmap, called 7E, which gives developers a structured way to prepare for quantum attacks. It is intended to help developers start planning for the creation of new software and the evolution of cryptography in existing software. In this paper, we use a case study to validate the viability of 7E. Our software under study is the IBM Db2 database system. We upgrade the current cryptographic schemes to post-quantum cryptographic ones (using Kyber and Dilithium schemes) and report our findings and lessons learned. We show that the 7E roadmap effectively plans the evolution of existing software security features towards quantum safety, but it does require minor revisions. We incorporate our experience with IBM Db2 into the revised 7E roadmap. The U.S. Department of Commerce's National Institute of Standards and Technology is finalizing the post-quantum cryptographic standard. The software engineering community needs to start getting prepared for the quantum advantage era. We hope that our experiential study with IBM Db2 and the 7E roadmap will help the community prepare existing software for quantum attacks in a structured manner.</description><identifier>EISSN: 2331-8422</identifier><identifier>DOI: 10.48550/arxiv.2110.08661</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Algorithms ; Computer Science - Cryptography and Security ; Computer Science - Emerging Technologies ; Computer Science - Software Engineering ; Quantum computers ; Quantum computing ; Quantum cryptography ; Safety ; Software</subject><ispartof>arXiv.org, 2023-04</ispartof><rights>2023. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,780,784,885,27925</link.rule.ids><backlink>$$Uhttps://doi.org/10.48550/arXiv.2110.08661$$DView paper in arXiv$$Hfree_for_read</backlink><backlink>$$Uhttps://doi.org/10.1016/j.infsof.2023.107249$$DView published paper (Access to full text may be restricted)$$Hfree_for_read</backlink></links><search><creatorcontrib>Zhang, Lei</creatorcontrib><creatorcontrib>Miranskyy, Andriy</creatorcontrib><creatorcontrib>Rjaibi, Walid</creatorcontrib><creatorcontrib>Stager, Greg</creatorcontrib><creatorcontrib>Gray, Michael</creatorcontrib><creatorcontrib>Peck, John</creatorcontrib><title>Making existing software quantum safe: a case study on IBM Db2</title><title>arXiv.org</title><description>The software engineering community is facing challenges from quantum computers (QCs). In the era of quantum computing, Shor's algorithm running on QCs can break asymmetric encryption algorithms that classical computers practically cannot. Though the exact date when QCs will become "dangerous" for practical problems is unknown, the consensus is that this future is near. Thus, the software engineering community needs to start making software ready for quantum attacks and ensure quantum safety proactively. We argue that the problem of evolving existing software to quantum-safe software is very similar to the Y2K bug. Thus, we leverage some best practices from the Y2K bug and propose our roadmap, called 7E, which gives developers a structured way to prepare for quantum attacks. It is intended to help developers start planning for the creation of new software and the evolution of cryptography in existing software. In this paper, we use a case study to validate the viability of 7E. Our software under study is the IBM Db2 database system. We upgrade the current cryptographic schemes to post-quantum cryptographic ones (using Kyber and Dilithium schemes) and report our findings and lessons learned. We show that the 7E roadmap effectively plans the evolution of existing software security features towards quantum safety, but it does require minor revisions. We incorporate our experience with IBM Db2 into the revised 7E roadmap. The U.S. Department of Commerce's National Institute of Standards and Technology is finalizing the post-quantum cryptographic standard. The software engineering community needs to start getting prepared for the quantum advantage era. We hope that our experiential study with IBM Db2 and the 7E roadmap will help the community prepare existing software for quantum attacks in a structured manner.</description><subject>Algorithms</subject><subject>Computer Science - Cryptography and Security</subject><subject>Computer Science - Emerging Technologies</subject><subject>Computer Science - Software Engineering</subject><subject>Quantum computers</subject><subject>Quantum computing</subject><subject>Quantum cryptography</subject><subject>Safety</subject><subject>Software</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><sourceid>GOX</sourceid><recordid>eNotj09PwkAUxDcmJhLkA3hyE8_Ft2-7f-rBRBGVBOKFe_O6bE1RWthtFb69BTzNZDKZzI-xGwHj1CoF9xT21c8YRR-A1VpcsAFKKRKbIl6xUYxrAEBtUCk5YI8L-qrqT-73VWyPJjZl-0vB811HddtteKTSP3DijqLnse1WB97UfPa84C8FXrPLkr6jH_3rkC1fp8vJezL_eJtNnuYJZUok0hXoUluCk5mDFaEwhYdCZc5r7VBo0f8RWiKWmUbjpALpCQ2g17YgI4fs9jx7gsu3odpQOORHyPwE2Tfuzo1taHadj22-brpQ959yVLZfNhJA_gEV61IB</recordid><startdate>20230403</startdate><enddate>20230403</enddate><creator>Zhang, Lei</creator><creator>Miranskyy, Andriy</creator><creator>Rjaibi, Walid</creator><creator>Stager, Greg</creator><creator>Gray, Michael</creator><creator>Peck, John</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20230403</creationdate><title>Making existing software quantum safe: a case study on IBM Db2</title><author>Zhang, Lei ; Miranskyy, Andriy ; Rjaibi, Walid ; Stager, Greg ; Gray, Michael ; Peck, John</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a951-3cb2c48f0c39c0da217be0b59ce66c216126716322f9627c3503ea2702e68ba73</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Algorithms</topic><topic>Computer Science - Cryptography and Security</topic><topic>Computer Science - Emerging Technologies</topic><topic>Computer Science - Software Engineering</topic><topic>Quantum computers</topic><topic>Quantum computing</topic><topic>Quantum cryptography</topic><topic>Safety</topic><topic>Software</topic><toplevel>online_resources</toplevel><creatorcontrib>Zhang, Lei</creatorcontrib><creatorcontrib>Miranskyy, Andriy</creatorcontrib><creatorcontrib>Rjaibi, Walid</creatorcontrib><creatorcontrib>Stager, Greg</creatorcontrib><creatorcontrib>Gray, Michael</creatorcontrib><creatorcontrib>Peck, John</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science &amp; Engineering Collection</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Engineering Collection</collection><collection>Engineering Database</collection><collection>Access via ProQuest (Open Access)</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering Collection</collection><collection>arXiv Computer Science</collection><collection>arXiv.org</collection><jtitle>arXiv.org</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Zhang, Lei</au><au>Miranskyy, Andriy</au><au>Rjaibi, Walid</au><au>Stager, Greg</au><au>Gray, Michael</au><au>Peck, John</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Making existing software quantum safe: a case study on IBM Db2</atitle><jtitle>arXiv.org</jtitle><date>2023-04-03</date><risdate>2023</risdate><eissn>2331-8422</eissn><abstract>The software engineering community is facing challenges from quantum computers (QCs). In the era of quantum computing, Shor's algorithm running on QCs can break asymmetric encryption algorithms that classical computers practically cannot. Though the exact date when QCs will become "dangerous" for practical problems is unknown, the consensus is that this future is near. Thus, the software engineering community needs to start making software ready for quantum attacks and ensure quantum safety proactively. We argue that the problem of evolving existing software to quantum-safe software is very similar to the Y2K bug. Thus, we leverage some best practices from the Y2K bug and propose our roadmap, called 7E, which gives developers a structured way to prepare for quantum attacks. It is intended to help developers start planning for the creation of new software and the evolution of cryptography in existing software. In this paper, we use a case study to validate the viability of 7E. Our software under study is the IBM Db2 database system. We upgrade the current cryptographic schemes to post-quantum cryptographic ones (using Kyber and Dilithium schemes) and report our findings and lessons learned. We show that the 7E roadmap effectively plans the evolution of existing software security features towards quantum safety, but it does require minor revisions. We incorporate our experience with IBM Db2 into the revised 7E roadmap. The U.S. Department of Commerce's National Institute of Standards and Technology is finalizing the post-quantum cryptographic standard. The software engineering community needs to start getting prepared for the quantum advantage era. We hope that our experiential study with IBM Db2 and the 7E roadmap will help the community prepare existing software for quantum attacks in a structured manner.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><doi>10.48550/arxiv.2110.08661</doi><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier EISSN: 2331-8422
ispartof arXiv.org, 2023-04
issn 2331-8422
language eng
recordid cdi_arxiv_primary_2110_08661
source arXiv.org; Free E- Journals
subjects Algorithms
Computer Science - Cryptography and Security
Computer Science - Emerging Technologies
Computer Science - Software Engineering
Quantum computers
Quantum computing
Quantum cryptography
Safety
Software
title Making existing software quantum safe: a case study on IBM Db2
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-19T05%3A50%3A58IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_arxiv&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Making%20existing%20software%20quantum%20safe:%20a%20case%20study%20on%20IBM%20Db2&rft.jtitle=arXiv.org&rft.au=Zhang,%20Lei&rft.date=2023-04-03&rft.eissn=2331-8422&rft_id=info:doi/10.48550/arxiv.2110.08661&rft_dat=%3Cproquest_arxiv%3E2583227300%3C/proquest_arxiv%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2583227300&rft_id=info:pmid/&rfr_iscdi=true