Hello
After NIST release new encryption standards (FIPS 203-205) a couple of days ago, I have received some questions about when we can expect Veeam to release their products with an encryption algorithm that secure us against attacks using quantum technologies?
Is Veeam working on this, and do we know anything about when we can expect this to become available?
-
OddvarBolset
- Service Provider
- Posts: 7
- Liked: 1 time
- Joined: Mar 15, 2023 10:30 am
- Contact:
-
Gostev
- Chief Product Officer
- Posts: 32383
- Liked: 7751 times
- Joined: Jan 01, 2006 1:01 am
- Location: Baar, Switzerland
- Contact:
Re: Release of the new encryption standard
Hello, if the standards were released just a couple of days ago, then it is safe to say we're not working on this yet. It will take some time to research these standards, before any specific plans can be made.
However, usually there's no rush required in such cases. In my experience, the main issue with any brand new encryption standards has been consistent in the past 20 years: it takes a very long time (sometimes years) for all 3rd party platforms and components we work with to actually adopt them, before we can even contemplate enabling and using them in the backup infrastructure.
Thanks
However, usually there's no rush required in such cases. In my experience, the main issue with any brand new encryption standards has been consistent in the past 20 years: it takes a very long time (sometimes years) for all 3rd party platforms and components we work with to actually adopt them, before we can even contemplate enabling and using them in the backup infrastructure.
Thanks
-
OddvarBolset
- Service Provider
- Posts: 7
- Liked: 1 time
- Joined: Mar 15, 2023 10:30 am
- Contact:
Re: Release of the new encryption standard
I understand this kind of things takes time. I hope we have an encryption that can protect us against potential attackers using quantum technologies when the technology is good enough and utilized by organizations with bad intention.
-
Gostev
- Chief Product Officer
- Posts: 32383
- Liked: 7751 times
- Joined: Jan 01, 2006 1:01 am
- Location: Baar, Switzerland
- Contact:
Re: Release of the new encryption standard
Actually, I talked about this particular threat aka "Harvest now, decrypt later" at the VeeamON 2024 keynote session, in relation to the encryption enhancements in version 12.1... basically, with those changes from last year you're in a pretty good place already today wrt. this attack.
Thing is, while usable quantum computers are not yet available to hackers, the most optimal algorithm to attack the encryption is of course already known from theoretical exercise based on future quantum computers' capabilities. It's called Grover's algorithm and as a very simple approximation, you can think of it "reducing" our current AES-256 bit encryption to the effecting strength of AES-128 bit one. Which still gives you a reasonably strong encryption and protection against brute force when using long encryption passwords.
But of course, we will not just happily sit on this and will keep strengthening our encryption and adopting any new standards, especially FIPS since this one is critical for our government customers.
Thing is, while usable quantum computers are not yet available to hackers, the most optimal algorithm to attack the encryption is of course already known from theoretical exercise based on future quantum computers' capabilities. It's called Grover's algorithm and as a very simple approximation, you can think of it "reducing" our current AES-256 bit encryption to the effecting strength of AES-128 bit one. Which still gives you a reasonably strong encryption and protection against brute force when using long encryption passwords.
But of course, we will not just happily sit on this and will keep strengthening our encryption and adopting any new standards, especially FIPS since this one is critical for our government customers.
Who is online
Users browsing this forum: Bing [Bot] and 31 guests