President Biden signs a memorandum on Improving the Cybersecurity of National Security. The memo that highights the importance of taking an inventory of classical encryption schemes and begin implementing Post-Quantum Cryptography (PQC).
“A Guide to a Quantum-Safe Organization” is a concise yet wide-ranging introduction to preparing for future quantum computers which someday will be able to decrypt today’s most common key encryption standards. The Guide reviews this future threat, mitigation technologies such as post-quantum cryptography (PQC) and QKD, economic considerations, and practical steps organizations can take starting now. This is a single introductory source written for a broad audience. No advanced physics degrees required!
The Cloud Security Alliance (CSA) discusses the cybersecurity challenges and recommended steps to reduce likely new risks due to quantum information sciences. This paper was created for awareness and education, and to communicate example steps every organization should be performing to prepare for the post-quantum world. Following its recommendations should result in increased project efficiencies, decreased cybersecurity risk, and increased, long-term, crypto-agility. Part I is a discussion of the various quantum threats which require mitigation. Part II is an actionable, step-by-step, blueprint for preparing for the post-quantum world.
The NIST National Cybersecurity Center of Excellence (NCCoE) is initiating the development of practices to ease the migration from the current set of public-key cryptographic algorithms to replacement algorithms that are resistant to quantum computer-based attacks. The Migration to Post-Quantum Cryptography practices will take the form of white papers, playbooks, and demonstrable implementations for organizations. In particular, the audience for these practices is intended to include organizations that provide cryptographic standards and protocols and enterprises that develop, acquire, implement, and service cryptographic products. This effort complements the NIST post quantum cryptography (PQC) standardization activities.
The National Cybersecurity Center of Excellence (NCCoE), a part of the National Institute of Standards and Technology (NIST), is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity challenges. The NCCoE outlines Migration to Post-Quantum Cryptography and Getting Ready for Post-Quantum Cryptography. NCCoE discusses how the advent of quantum computing technology will compromise many of the current cryptographic algorithms, especially public-key cryptography, which is widely used to protect digital information. Most algorithms on which we depend are used worldwide in components of many different communications, processing, and storage systems. Once access to practical quantum computers becomes available, all public-key algorithms and associated protocols will be vulnerable to criminals, competitors, and other adversaries. It is critical to begin planning for the replacement of hardware, software, and services that use public-key algorithms now so that information is protected from future attacks.