Let’s get ready for Post-Quantum Cryptography in Dashlane

A key component of Dashlane’s “North Star” mission statement is to make security simple. To best protect the data of our customers, we have to stay tuned to emerging innovations. As a result, I have spent the last three months investigating Post-Quantum Cryptography and its future integration in Dashlane. Here are some takeaways.

What is Post-Quantum Cryptography? Why is it important?

Post-Quantum Cryptography is cryptography that runs on classical computers, like yours and mine, but which we believe is resistant to quantum computers: computers using quantum physics properties.

Wait! Classical cryptography is not enough?

You may have heard of classical asymmetric ciphers such as RSA, Diffie-Hellman, and ECDH. The security of the algorithms in these examples relies on a mathematical problem known as the discrete logarithm problem. However, security specialists already know that this problem is no longer secure against quantum computers.

Quantum computers that are currently built do not seem powerful enough to crack real-world cryptographic keys, but the domain is evolving quickly and many big tech firms such as Google, Microsoft, Amazon, Intel, and IBM are involved in this race. So much so that the White House released a National Security Memorandum in January that gave the NSA (National Security Agency) 90 days to “revise and make available to Chief Information Officers […] quantum resistant protocols, and planning for use of quantum resistant cryptography where necessary.” Furthermore, this memorandum gives agencies 180 days to “identify any instances of encryption not in compliance with NSA-approved Quantum Resistant Algorithms [or the other NSA-approved algorithms]”.

New standards for asymmetric cryptography

The goal is to use new algorithms whose security relies on problems other than the discrete logarithm, problems that we believe are resistant to quantum computers.

Many new algorithm schemes have been released in previous decades, and in 2016, NIST (the National Institute of Standards and Technology) started a competition to designate Post-Quantum algorithm standards. This kind of competition is not uncommon. Both AES and SHA-3 have been standardized in this manner, and such competitions help unite researchers from around the world to build the best cryptographic algorithms.

Though this competition is ongoing, four winners that will be standardized have been identified as of July 5, 2022. There will be one encryption algorithm, CRYSTALS-Kyber, and three signature algorithms: CRYSTALS-Dilithium, Falcon, and SPHINCS+.

The next step will be the release of the standards and the associated implementations.

Impact on Dashlane and what we are building

Symmetric cryptography, which is currently used to encrypt your personal passwords, is considered safe against quantum computers.

However, Dashlane is currently using asymmetric cryptography when passwords or notes are shared between users. We plan to use the new Post-Quantum standards as soon as possible once they are standardized. As a result, we have conceived a Proof-of-Concept to study how they can be integrated into our existing software.

But how can we trust those algorithms that are still new?

We currently operate using a hybrid mode, and will likely continue doing so. This mode combines Pre-Quantum (like RSA) and Post-Quantum (like CRYSTALS-Kyber) algorithms and ensures that we still have the security of the previous algorithms if a new algorithm is broken. Furthermore, if Quantum Computers become powerful enough to crack Pre-Quantum ciphers, we have the security offered by the Post-Quantum ones.

We get the best of both worlds. 

Illustrated hybrid-mode encryption
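The hybrid idea described above, as an added Node.js sketch that is not Dashlane's code or the pqc.js API: two shared secrets are fed into one key derivation, so a message stays sealed unless both halves are known. It assumes X25519 ECDH for the Pre-Quantum half, HKDF-SHA-256 as the combiner and AES-256-GCM for the payload; the Post-Quantum half is a constructed 32-byte placeholder for a KEM output, and all function names are hypothetical.

```javascript
// Added example, not Dashlane's code. The post-quantum KEM itself is NOT
// implemented: pqSecret stands in for the 32-byte secret a KEM would output.
const nodeCrypto = require('node:crypto');

// Pre-quantum half: X25519 ECDH shared secret (assumed choice for this sketch).
function classicalSecret(ownPrivateKey, peerPublicKey) {
  return nodeCrypto.diffieHellman({ privateKey: ownPrivateKey, publicKey: peerPublicKey });
}

// Combiner: both secrets go through one HKDF call, so the derived key stays
// unknown to anyone who is missing at least one of the two inputs.
function deriveHybridKey(classical, pqSecret, context) {
  const ikm = Buffer.concat([classical, pqSecret]); // both fixed at 32 bytes
  const salt = Buffer.alloc(32); // no shared salt in this sketch
  return Buffer.from(nodeCrypto.hkdfSync('sha256', ikm, salt, Buffer.from(context), 32));
}

function seal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, body, tag: cipher.getAuthTag() };
}

// Returns the plaintext, or null when the key is wrong (GCM tag check fails).
function unseal(key, box) {
  try {
    const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, box.iv);
    decipher.setAuthTag(box.tag);
    return Buffer.concat([decipher.update(box.body), decipher.final()]).toString('utf8');
  } catch (err) {
    return null;
  }
}

// Constructed scenario: one half of the hybrid is assumed broken at a time.
function demo() {
  const sender = nodeCrypto.generateKeyPairSync('x25519');
  const recipient = nodeCrypto.generateKeyPairSync('x25519');
  const pqSecret = nodeCrypto.randomBytes(32); // placeholder KEM output
  const context = 'hybrid-share-demo'; // hypothetical domain-separation label
  const ecdhSender = classicalSecret(sender.privateKey, recipient.publicKey);
  const ecdhRecipient = classicalSecret(recipient.privateKey, sender.publicKey);
  const box = seal(deriveHybridKey(ecdhSender, pqSecret, context), 'shared note');
  const guess = nodeCrypto.randomBytes(32); // stands in for the half that is still secret
  return {
    recipient: unseal(deriveHybridKey(ecdhRecipient, pqSecret, context), box),
    classicalBroken: unseal(deriveHybridKey(ecdhSender, guess, context), box),
    pqBroken: unseal(deriveHybridKey(guess, pqSecret, context), box),
  };
}
```

In `demo()`, `classicalBroken` models a party that knows the ECDH secret but not the KEM secret, and `pqBroken` the reverse; both come back `null`.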

You can also test your ability to integrate it into your environment

In order to integrate the new Post-Quantum algorithms, whose reference implementations are written in C, we have had to create bindings that can run in browsers. That is why we have released an open-source project named pqc.js on GitHub: https://github.com/Dashlane/pqc.js/. This project compiles the implementations of all finalists and alternate finalists in the NIST competition to WebAssembly, with a fallback in plain JavaScript (for the rare browsers that still can’t run WebAssembly code). The output code is distributed as both Node.js and browser packages, and you can use them to test how well you can migrate to Post-Quantum Cryptography under real-world conditions. Those bindings are compatible with Manifest V3, so you can integrate them into Web extensions.

Until the standards are released, you can also test and benchmark the different bindings on this playground we have designed: https://dashlane.github.io/pqc.js/.

Playground of pqc.js

Let’s all get ready for a world in which quantum computers exist! Want to take an even deeper dive into our security? Read our white paper.