Secure Java Applications Against Quantum Threats
Ana-Maria Mihalceanu
Senior Java Developer Advocate @ Oracle
https://bsky.app/profile/ammbra1508.bsky.social
https://mastodon.social/@ammbra1508
https://twitter.com/ammbra1508
Goals
Understand the urgency for advancing quantum cryptography
Explore solutions and standards
Leverage JDK security to build resilient applications
2 Copyright © 2025, Oracle and/or its affiliates
Why Quantum Cryptography Matters Now?
Data Incident Involving Your Personal Information
“We’re writing to inform you that some of your personal data shared with one of our contractors was involved in a recent security incident.
The data was encrypted using industry-standard cryptographic methods. While the encrypted files were accessed by an unauthorized party, they remain undecipherable.
We are actively investigating and reinforcing our systems for added protection.
You do not need to take any action at this time, but we remain available for any questions.”
The Math Behind ECC Standard
Elliptic Curve Cryptography (ECC) is a modern cryptographic approach based on the algebraic structure of elliptic curves over finite fields.
Elliptic Curve Equation
$y^2 = x^3 + ax + b \pmod{p}$, where $a, b \in \mathbb{F}_p$ and $4a^3 + 27b^2 \neq 0$
Finite Fields ($\mathbb{F}_p$)
Finite field operations are done modulo a prime p.
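The curve equation and the non-singularity condition above, checked with the JDK's own EC classes. This is an added example, not code from the talk; the class name, the choice of secp256r1 and the shifted test point are assumptions made for illustration.

```java
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.KeyPairGenerator;
import java.security.interfaces.ECPublicKey;
import java.security.spec.*;

public class CurveEquationCheck {
    // True when (x, y) satisfies y^2 = x^3 + ax + b (mod p) on the given curve.
    static boolean onCurve(EllipticCurve curve, ECPoint pt) {
        if (pt.equals(ECPoint.POINT_INFINITY)) return false; // has no affine coordinates
        BigInteger p = ((ECFieldFp) curve.getField()).getP();
        BigInteger x = pt.getAffineX(), y = pt.getAffineY();
        // Coordinates must be field elements, i.e. in the range [0, p).
        if (x.signum() < 0 || x.compareTo(p) >= 0 || y.signum() < 0 || y.compareTo(p) >= 0) return false;
        BigInteger lhs = y.modPow(BigInteger.TWO, p);
        BigInteger rhs = x.pow(3).add(curve.getA().multiply(x)).add(curve.getB()).mod(p);
        return lhs.equals(rhs);
    }

    // Non-singularity condition: 4a^3 + 27b^2 != 0 (mod p).
    static boolean nonSingular(EllipticCurve curve) {
        BigInteger p = ((ECFieldFp) curve.getField()).getP();
        BigInteger d = BigInteger.valueOf(4).multiply(curve.getA().pow(3))
                .add(BigInteger.valueOf(27).multiply(curve.getB().pow(2))).mod(p);
        return d.signum() != 0;
    }

    public static void main(String[] args) throws Exception {
        AlgorithmParameters ap = AlgorithmParameters.getInstance("EC");
        ap.init(new ECGenParameterSpec("secp256r1"));
        ECParameterSpec spec = ap.getParameterSpec(ECParameterSpec.class);
        EllipticCurve curve = spec.getCurve();

        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(new ECGenParameterSpec("secp256r1"));
        ECPoint pub = ((ECPublicKey) kpg.generateKeyPair().getPublic()).getW();
        // Constructed off-curve point: same x as the public key, y shifted by one.
        ECPoint bad = new ECPoint(pub.getAffineX(), pub.getAffineY().add(BigInteger.ONE));

        System.out.println("curve non-singular:     " + nonSingular(curve));
        System.out.println("generator on curve:     " + onCurve(curve, spec.getGenerator()));
        System.out.println("public key on curve:    " + onCurve(curve, pub));
        System.out.println("shifted point on curve: " + onCurve(curve, bad));
    }
}
```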
Cryptographic Applications
Smaller Keys: 256-bit ECC ≈ 3072-bit RSA
Fast Calculations: Faster computations and reduced resource usage.
ECDSA: Elliptic Curve Digital Signature Algorithm
ECDH: Elliptic Curve Diffie-Hellman for Secure Key Exchange
Harvest now, Decrypt Later
Source: https://pixabay.com/photos/keyboard-hands-hacker-hack-4356763/
The Power of Quantum Computers
https://www.quantamagazine.org/john-preskill-explains-quantum-supremacy-20191002
https://cloudsecurityalliance.org/research/working-groups/quantum-safe-security
A New Mathematical Approach
$L = \{ a \cdot b_1 + b \cdot b_2 \mid a, b \in \mathbb{Z} \}$
Math Behind Module-Lattice Based Cryptography
Lattice: A lattice is a discrete grid of points in $\mathbb{R}^n$, defined as integer combinations of linearly independent vectors.
Module Lattice: A module lattice generalizes this over polynomial rings.
Lattice-Based KEMs: Lattice-based KEMs rely on mathematical problems such as Learning With Errors or Ring Learning With Errors.
NP-Hard: These are NP-hard problems for quantum computers.
Growing Interest for Quantum Resistant Cryptography
Source: https://media.defense.gov/2022/Sep/07/2003071836/-1/-1/0/CSI_CNSA_2.0_FAQ_.PDF
Towards (Post) Quantum Cryptography
Hybrid Public Key Encryption (HPKE)
A new standard for public-key encryption that lets a sender encrypt arbitrary-length messages under a receiver’s public key.
It can be used for either pre-quantum or post-quantum secure communication.
“HPKE works for any combination of an asymmetric KEM, key derivation function (KDF), and authenticated encryption with additional data (AEAD) encryption function.”
RFC 9180 on Hybrid Public Key Encryption
Forward Thinking Security Standards
FIPS 203: A standard for general encryption, based on ML-KEM.
FIPS 204: The primary standard for protecting digital signatures, based on ML-DSA.
FIPS 205: Stateless Hash-Based Digital Signature Standard
Source: https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards
Advancing JDK Security
JDK 21
• JEP 452: Key Encapsulation Mechanism API
JDK 24
• JEP 478: Key Derivation Function API (Preview)
• JEP 496: Quantum-Resistant Module-Lattice-Based Key Encapsulation Mechanism
• JEP 497: Quantum-Resistant Module-Lattice-Based Digital Signature Algorithm
JDK 25
• JEP 510: Key Derivation Function API
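The KEM, KDF and AEAD combination that the HPKE slide describes, built from the JDK APIs listed above (ML-KEM-768, HKDF-SHA256, AES-256-GCM). This is an added example, not the talk's demo code, and it is a simplified composition rather than the RFC 9180 key schedule or wire format; the class name, the info label and the sample message are assumptions.

```java
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.HKDFParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.*;
// Requires JDK 25: ML-KEM (JEP 496) and the final KDF API (JEP 510).
public class MlKemSealDemo {
    static final byte[] INFO = "demo-seal-v1".getBytes(StandardCharsets.UTF_8); // constructed label

    // KDF step: HKDF-SHA256 turns the KEM shared secret into a 256-bit AES key.
    static SecretKey deriveAesKey(SecretKey shared) throws GeneralSecurityException {
        return KDF.getInstance("HKDF-SHA256").deriveKey("AES",
                HKDFParameterSpec.ofExtract().addIKM(shared).thenExpand(INFO, 32));
    }

    // AEAD step: AES-GCM with the KEM ciphertext bound in as associated data.
    static byte[] aesGcm(int mode, SecretKey key, byte[] iv, byte[] aad, byte[] in)
            throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(mode, key, new GCMParameterSpec(128, iv));
        c.updateAAD(aad);
        return c.doFinal(in);
    }

    public static void main(String[] args) throws Exception {
        // Receiver: ML-KEM-768 key pair, the parameter set used on the keytool slide.
        KeyPair receiver = KeyPairGenerator.getInstance("ML-KEM-768").generateKeyPair();
        // Sender: encapsulate to the public key, derive the AEAD key, encrypt.
        KEM.Encapsulated enc = KEM.getInstance("ML-KEM")
                .newEncapsulator(receiver.getPublic()).encapsulate();
        byte[] kemCt = enc.encapsulation();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        byte[] sealed = aesGcm(Cipher.ENCRYPT_MODE, deriveAesKey(enc.key()), iv, kemCt,
                "constructed sample message".getBytes(StandardCharsets.UTF_8));
        // Receiver: decapsulate with the private key and open the message.
        KEM.Decapsulator dec = KEM.getInstance("ML-KEM").newDecapsulator(receiver.getPrivate());
        byte[] opened = aesGcm(Cipher.DECRYPT_MODE, deriveAesKey(dec.decapsulate(kemCt)), iv, kemCt, sealed);
        System.out.println(new String(opened, StandardCharsets.UTF_8));
        // FIPS 203 decapsulation uses implicit rejection: a modified KEM ciphertext
        // yields a different key instead of an error, so the GCM tag check fails.
        byte[] tampered = kemCt.clone();
        tampered[0] ^= 1;
        try {
            aesGcm(Cipher.DECRYPT_MODE, deriveAesKey(dec.decapsulate(tampered)), iv, kemCt, sealed);
        } catch (AEADBadTagException e) {
            System.out.println("tampered encapsulation rejected at the AEAD tag check");
        }
    }
}
```

The sender transmits the KEM ciphertext, the IV and the sealed message; the shared secret itself never leaves either side.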
Helpful JDK Tools
Generate ML-KEM Key Pairs with Keytool (Example)
# generate an EC key pair; its certificate is used below to sign the ML-KEM certificate
keytool -genkeypair \
  -alias $SERVER_ALIAS \
  -keyalg ec \
  -validity 365 \
  -keystore server.p12 \
  -storepass $PASSWORD \
  -keypass $PASSWORD
# generate the ML-KEM key pair, with its certificate signed by the EC key
keytool -keystore server.p12 \
  -storepass $PASSWORD \
  -genkeypair -alias server-mlkem \
  -keyalg ML-KEM-768 \
  -signer $SERVER_ALIAS
Generate ML-DSA Key Pairs with Keytool (Example)
# provide the parameter-set name, ML-DSA-44, directly via the -keyalg option
keytool -genkeypair \
  -alias server-mldsa \
  -keyalg ML-DSA-44 \
  -validity 365 \
  -keystore server.p12 \
  -storepass $PASSWORD \
  -keypass $PASSWORD
# or use the family name ML-DSA with -keyalg and name the parameter set via -groupname:
keytool -genkeypair \
  -alias server-mldsa \
  -keyalg ML-DSA \
  -groupname ML-DSA-44 \
  -validity 365 \
  -keystore server.p12 \
  -storepass $PASSWORD \
  -keypass $PASSWORD
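Signing and verifying with the ML-DSA key created by the keytool command above. This is an added example, not the talk's demo code; it assumes server.p12 is in the working directory with the PASSWORD environment variable set, and falls back to an in-memory ML-DSA-44 pair otherwise. The class name and the sample messages are assumptions.

```java
import java.io.FileInputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.*;

// Requires JDK 24 or later (ML-DSA, JEP 497).
public class MlDsaSignDemo {
    static byte[] sign(PrivateKey key, byte[] msg) throws GeneralSecurityException {
        Signature s = Signature.getInstance("ML-DSA");
        s.initSign(key);
        s.update(msg);
        return s.sign();
    }

    static boolean verify(PublicKey key, byte[] msg, byte[] sig) throws GeneralSecurityException {
        Signature s = Signature.getInstance("ML-DSA");
        s.initVerify(key);
        s.update(msg);
        return s.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        PrivateKey priv;
        PublicKey pub;
        Path store = Path.of("server.p12");
        if (Files.exists(store) && System.getenv("PASSWORD") != null) {
            // Keys created by keytool under the alias server-mldsa.
            char[] pw = System.getenv("PASSWORD").toCharArray();
            KeyStore ks = KeyStore.getInstance("PKCS12");
            try (FileInputStream in = new FileInputStream(store.toFile())) {
                ks.load(in, pw);
            }
            priv = (PrivateKey) ks.getKey("server-mldsa", pw);
            pub = ks.getCertificate("server-mldsa").getPublicKey();
        } else {
            // No keystore present: generate an equivalent ML-DSA-44 pair in memory.
            KeyPair kp = KeyPairGenerator.getInstance("ML-DSA-44").generateKeyPair();
            priv = kp.getPrivate();
            pub = kp.getPublic();
        }
        byte[] msg = "constructed release manifest v1".getBytes(StandardCharsets.UTF_8);
        byte[] altered = "constructed release manifest v2".getBytes(StandardCharsets.UTF_8);
        byte[] sig = sign(priv, msg);
        System.out.println("signature bytes:   " + sig.length);
        System.out.println("original verifies: " + verify(pub, msg, sig));
        System.out.println("altered verifies:  " + verify(pub, altered, sig));
    }
}
```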
Capture Relevant Details About X.509 Certificates with JFR
# enable the jdk.X509Certificate and jdk.X509Validation events in your JFR configuration file
<event name="jdk.X509Certificate">
  <setting name="enabled">true</setting>
  <setting name="stackTrace">true</setting>
</event>
<event name="jdk.X509Validation">
  <setting name="enabled">true</setting>
  <setting name="stackTrace">true</setting>
</event>
# or run the jfr configure command in a terminal window
$JAVA_HOME/bin/jfr configure jdk.X509Certificate#enabled=true jdk.X509Validation#enabled=true
Inspect Successful TLS Handshakes
# start a recording (<lvmid> is the local VM id of the target JVM, as listed by running jcmd without arguments)
jcmd <lvmid> JFR.start duration=60s filename=/tmp/TLS.jfr
# print the TLS events with the jfr print command
$JAVA_HOME/bin/jfr print --events "TLS*" /tmp/TLS.jfr
jdk.TLSHandshake {
  ...
  peerHost = "google.com"
  peerPort = 8443
  protocolVersion = "TLSv1.3"
  cipherSuite = "TLS_AES_128_GCM_SHA256"
  ...
}
Don’t Forget to Scrub Sensitive Data
# Filter data from the specified recording file.
jfr scrub [filters] [recording-file] [output-file]
# Supply which events to include.
jfr scrub --include-events jdk.X509Certificate,jdk.X509Validation rec.jfr
# Include a category and exclude events.
jfr scrub --include-categories Security --exclude-events jdk.X509Validation rec.jfr
# Remove all events by category
jfr scrub --exclude-categories Security rec.jfr
What’s Next for You?
Audit your encrypted assets.
Take care of your application by updating it to a recent JDK.
Don’t assume encrypted = safe (forever).
Stay Tuned For More!
inside.java youtube.com/java
dev.java
Demo Code
Thank you
