NordVPN launches first app with post-quantum encryption support
NordVPN is taking a pioneering step toward addressing future encryption challenges by introducing cutting-edge post-quantum cryptography on the NordVPN Linux app. As quantum computing promises to revolutionize cybersecurity, this step aims to mitigate potential cyber risks by advancing end-to-end secure messaging and providing encryptions that can withstand extremely capable quantum decryption. But what is quantum computing and why should you need post-quantum encryption for your security? Let’s find out.
Table of Contents
Table of Contents
What is quantum computing?
Quantum computing is a technology that harnesses the principles of quantum mechanics to perform calculations with exponentially greater capacity than current digital computers. Even at its early stage, quantum computing already shows the potential to far surpass today’s fastest systems.
Quantum computing’s enormous capabilities raise hopes of solving complex problems beyond current digital systems’ capacity. Experts predict that quantum computers will be used to model molecules to help cure diseases like cancer, advance space exploration, and potentially break modern encryption protocols.
What are the dangers of quantum computers?
The superior processing power of quantum computers brings exciting opportunities. However, if this technology falls into the wrong hands, the potential cyber risks can pose greater cyber threats than ever before.
The current challenge for the cybersecurity industry is figuring out how to outrun quantum computing’s enormous decryption abilities. To put it in perspective, today’s encryption methods, like RSA, can take traditional computers hundreds of years to crack, while quantum computers could bypass them in mere seconds. Such computation capabilities pose a serious threat to individuals, businesses, and governments.
According to the experts, the biggest issue regarding quantum computers is that cybercriminals are already hoarding encrypted data for a later decryption. Or as Marijus Briedis, CTO at NordVPN, puts it “cybercriminals may already be intensifying what is known as ‘harvest now, decrypt later’ attacks. Simply put, they are trying to accumulate huge quantities of encrypted data and decrypt them once quantum technology is developed.” And even though quantum computing is still under development, safeguarding sensitive data now instead of later presents a strong and necessary cybersecurity enhancement for individuals and companies alike (especially those, who work with critically sensitive info, such as research data, personal information, or classified files).
This is why major tech companies, governments, and even institutions such as the CIA or FBI are closely monitoring the development of this technology and already looking for or implementing post-quantum encryption solutions. NordVPN is also keeping track of post-quantum cryptography engineering and working to create tools that would keep sensitive data safe from quantum cybercriminals. The introduction of post-quantum cryptography in NordVPN’s Linux app marks its first step toward this goal.
NordVPN’s first post-quantum encryption app
At the end of September, NordVPN released a Linux app update that includes the first post-quantum cryptography upgrade for the Nordlynx protocol. The upgraded protocol complies with the latest National Institute of Standards and Technology (NIST) standards for post-quantum encryption and aims to safeguard Linux users from quantum decryption, while also gathering essential performance data, including the impact on connection times and speeds.
Based on these insights, NordVPN will strive to extend post-quantum cryptography support to all of its applications. The collected data should serve as a stepping stone in the transition to quantum-resistant encryption methods. Briedis says, “With this launch, we start a major transition to new-generation encryption of all our applications, providing long-term security for our users.”
The challenges
Although it holds great potential (such as adding an extra layer of security for personal and corporate communications, R&D databases, and even sensitive government information), implementing post-quantum encryption is a complex and resource-intensive task. Updated security algorithms typically require much larger key sizes and signatures than traditional ones, leading to increased computational overhead and potentially slower VPN speed and performance, particularly in high-throughput environments.
“These technical challenges are the reason for the gradual implementation of post-quantum cryptography support to our applications. We want to be completely sure that we will keep the highest level of user experience in terms of connection time and speed during the transition,” Briedis says.
As cryptographic needs evolve, systems must be ready to adapt to new cryptographic standards — a concept known as crypto-agility. NordVPN aims to be at the forefront of providing users with seamless and safe quantum VPN connections when the time comes.