Blog

President Biden Signs Memorandum Regarding Post-Quantum Cryptography

President Biden signs a memorandum on Improving the Cybersecurity of National Security. The memo that highights the importance of taking an inventory of classical encryption schemes and begin implementing Post-Quantum Cryptography (PQC).

Guide to a Quantum-Safe Organization

“A Guide to a Quantum-Safe Organization” is a concise yet wide-ranging introduction to preparing for future quantum computers which someday will be able to decrypt today’s most common key encryption standards. The Guide reviews this future threat, mitigation technologies such as post-quantum cryptography (PQC) and QKD, economic considerations, and practical steps organizations can take starting now. This is a single introductory source written for a broad audience. No advanced physics degrees required!

Cloud Security Alliance: Practical Preparations for the Post-Quantum World

The Cloud Security Alliance (CSA) discusses the cybersecurity challenges and recommended steps to reduce likely new risks due to quantum information sciences. This paper was created for awareness and education, and to communicate example steps every organization should be performing to prepare for the post-quantum world. Following its recommendations should result in increased project efficiencies, decreased cybersecurity risk, and increased, long-term, crypto-agility. Part I is a discussion of the various quantum threats which require mitigation. Part II is an actionable, step-by-step, blueprint for preparing for the post-quantum world.

Key Takeaways:

  • Part 1: Outline the quantum threats that will need to be mitigated
  • Part 2: Steps to prepare for the post-quantum world
Migration to Post-Quantum Cryptography

The NIST National Cybersecurity Center of Excellence (NCCoE) is initiating the development of practices to ease the migration from the current set of public-key cryptographic algorithms to replacement algorithms that are resistant to quantum computer-based attacks. The Migration to Post-Quantum Cryptography practices will take the form of white papers, playbooks, and demonstrable implementations for organizations. In particular, the audience for these practices is intended to include organizations that provide cryptographic standards and protocols and enterprises that develop, acquire, implement, and service cryptographic products. This effort complements the NIST post quantum cryptography (PQC) standardization activities.

Crypto Agility Consideration in Migrating to Post-Quantum Cryptographic Algorithms

The National Cybersecurity Center of Excellence (NCCoE), a part of the National Institute of Standards and Technology (NIST), is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity challenges. The NCCoE outlines Migration to Post-Quantum Cryptography and Getting Ready for Post-Quantum Cryptography. NCCoE discusses how the advent of quantum computing technology will compromise many of the current cryptographic algorithms, especially public-key cryptography, which is widely used to protect digital information. Most algorithms on which we depend are used worldwide in components of many different communications, processing, and storage systems. Once access to practical quantum computers becomes available, all public-key algorithms and associated protocols will be vulnerable to criminals, competitors, and other adversaries. It is critical to begin planning for the replacement of hardware, software, and services that use public-key algorithms now so that information is protected from future attacks.