OpenSSH is now quantum-secure, apparently

Microsoft quantum computing
(Image credit: Microsoft)

The maintainers of OpenSSH have rolled out an update designed to shield against cyberattacks powered by advanced quantum computers.

With the release of OpenSSH 9.0, the suite of secure networking utilities will benefit from a “hybrid” key exchange system, whereby a quantum-secure algorithm is paired with a traditional algorithm for the purposes of encryption.

Provided the endpoint and server are both running the latest version, an attacker would need to break both algorithms at once to gain access to data passing through the OpenSSH architecture.

Post-quantum security

Although the latest quantum computers are still unable to establish a meaningful advantage over traditional computers, the maturation of the technology in the coming years is expected to create various problems from a cybersecurity perspective.

Namely, large-scale quantum computers will have enough horsepower to break modern encryption, which means it would be a mistake to assume data protected today will remain secure for years to come. Threat actors may already be collecting large quantities of encrypted data in the hope of one day being able to access it.

The latest OpenSSH update is designed to guard against precisely this scenario, by future-proofing against attacks underpinned by emerging computing technologies.

“The NTRU algorithm is believed to resist attacks enabled by future quantum computers and is paired with the X25519 ECDH key exchange (the previous default) as a backstop against any weaknesses in NTRU Prime that may be discovered in the future. The combination ensures that the hybrid exchange offers at least as good security as the status quo,” the developers explained.

“We are making this change now (i.e. ahead of cryptographically-relevant quantum computers) to prevent ‘capture now, decrypt later’ attacks where an adversary who can record and store SSH session ciphertext would be able to decrypt it once a sufficiently advanced quantum computer is available.”

There is some debate as to how soon “cryptographically-relevant quantum computers” will emerge. Researchers from the University of Sussex in the UK recently estimated that quantum machines powerful enough to crack Bitcoin encryption will go live within the next decade. And another expert on the topic, Jaya Baloo of Avast, told TechRadar Pro she believes this is a sensible timeline.

Whether the protections put in place for OpenSSH will genuinely protect against attacks launched by quantum computers is uncertain, because it’s difficult to predict quite how powerful these machines will be.

But nonetheless, the move has been commended by the cybersecurity and quantum computing communities. In a blog post, the Head of Cybersecurity at Cambridge Quantum said the OpenSSH team should be congratulated for its foresight.

“Quantum presents both a threat and an opportunity to cybersecurity systems, and smart companies are exploring both sides of the coin today,” he said.

“OpenSSH has reminded the world that little is lost by embracing quantum-safe algorithms in an aggressive manner, provided a hybrid approach is used. Bravo to OpenSSH for getting the ball rolling.”

Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.