Now that the National Institute of Standards and Technology (NIST) released its three new standards that include algorithms for signatures and encryption for post-quantum cryptography (PQC), why do these standards matter and what should security teams do to prepare for the transition to PQC?
These standards matter because it was the NIST public-key cryptography standards that supplied the security framework for the public internet to take off and thrive since the 1990s.
With its eight-year effort to develop PQC standards, NIST aims to do the same for the era of quantum computing, in which crypto experts are concerned that quantum computers in the wrong hands could crack our existing cryptography.
"Quantum computing technology could become a force for solving many of society's most intractable problems, and the new standards represent NIST's commitment to ensuring it will not simultaneously disrupt our security," said Under Secretary of Commerce for Standards and Technology and NIST Director Laurie E. Locascio. "These finalized standards are the capstone of NIST's efforts to safeguard our confidential electronic information."
Vince Berk, chief strategist at Quantum Xchange, pointed out in an Aug. 8 blog that there’s no immediate danger from quantum computers in the wrong hands. Most quantum computers are still cumbersome and complex, and reside mostly in laboratories, he said.
“The biggest quantum computers are still far too small to solve a complex problem such as breaking encryption,” said Berk. “That doesn’t mean quantum computers aren’t getting bigger and bigger every year. They are, and the quantum threat is real.”
Berk explained that there’s a risk of storing encrypted data today and decrypting it in the future with a quantum computer: an attack vector called “harvest now, decrypt later” that applies to files and also to telecommunications.
“What’s captured today can be stored for future encryption,” said Berk. “While expensive and cumbersome, if an adversary believes you are communicating important secrets, this approach may be well worth it to them. So even today, we are seeing the need for new, quantum-safe encryption algorithms because of this harvesting risk.”
Jon France, chief information security officer for ISC2, added that within the next five to 10 years, quantum technology will likely become commercially available, making it a very real threat to past and outdated encryption algorithms — many of which are used to conceal the nation's top secrets.
“Building cyber resilience in preparation for quantum technology should have been an effort started a decade ago…but now is the second best time,” said France. “We'll see both the private and public sector's increased awareness around the challenges associated with quantum resilience, and we'll see efforts begin to take hold more significantly to prepare for quantum computing.”
What security teams should do to prepare
Jason Soroko, senior vice president of product at Sectigo, said security teams looking to prepare for PQC should start pilot programs in high-risk areas, collaborate with vendors and consortia for interoperable solutions, invest in training, and adopt a phased deployment strategy, beginning with critical systems and expanding as technology and expertise develop.
Aaron Moore, chief technology officer at QuSecure, added that with the release by NIST of the PQC standards, the security industry will embark on one of its most significant modernization migrations. Along with assessing cryptographic assets, developing a PQC plan and conducting research and testing, Moore said organizations also need to develop a data strategy.
“It’s true that virtually all secure digital communications now require an upgrade to post-quantum encryption, and that migration should start now,” said Moore. “However some [data] use cases are higher priority while others can safely be deferred for several years.”
Here are four ways to prepare for the new PQC standards:
- Assess and inventory cryptographic assets: Conduct a comprehensive audit of all cryptographic assets and protocols in use within the organization. This includes identifying where cryptographic algorithms are used for data protection, authentication, digital signatures, and other critical security functions. Teams need to do this because understanding the organization’s cryptographic landscape is crucial for determining which assets are vulnerable to quantum attacks and need upgrading to post-quantum algorithms.
- Develop a PQC transition plan: Create a detailed transition plan that outlines how and when the organization will adopt post-quantum cryptographic algorithms. This plan should include timelines, resource allocation, and integration strategies for new PQC algorithms with existing systems. Transitioning to post-quantum cryptography is a complex, multi-year process that requires careful planning to minimize disruption and ensure continued security. Early planning allows for a smoother transition when PQC standards become widely available.
- Engage in PQC research and testing: Begin testing and integrating NIST-approved post-quantum cryptographic algorithms within the organization’s infrastructure. This includes participating in pilot programs, collaborating with vendors, and engaging in ongoing research to stay informed about the latest developments in PQC. Early adoption and testing will help organizations identify potential challenges and refine their implementation strategies. Engaging in research ensures the organization remains at the forefront of PQC advancements and is prepared to implement secure algorithms as they become standardized.
- Develop a data strategy: There are three types of data that organizations need to focus on:
  - Priority 1: Data that needs to remain private for several years. Data breaches brought on by "store now, decrypt later" quantum decryption can cause organizations to face negative business impacts should that data be harvested today and made readable to bad actors in the coming years. Examples are national security information, electronic health records, trade secrets, and online banking accounts. Organizations should target deploying post-quantum encryption for these types of data as soon as possible.
  - Priority 2: Highly sensitive data that only needs to remain private for a short period of time. This also includes systems where there would be significant negative impact if bad actors could intercept and manipulate them. For example: stock trades set for the following day, public company earnings filed shortly before being announced publicly, as well as industrial control systems, energy grids, and telecommunications networks. Such data is not as vulnerable to store now, decrypt later attacks, but would be highly vulnerable once a cryptographically relevant quantum computer comes online. Organizations should target completing deployment of PQC for such use cases in the next 18-24 months.
  - Priority 3: Data that travels over encrypted networks but has a short shelf life and would be unlikely to cause serious business impact if it were leaked. For example: weather channel data, and other use cases where the information is made publicly available soon after creation. Organizations should target completing deployment of PQC for such use cases by 2030.
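As an added illustration (not part of the article and not any vendor's tooling), the following Python triage combines the inventory step with the three priority tiers above: it flags assets that depend on public-key algorithms a cryptographically relevant quantum computer would break and assigns each the tier and target date the article gives. The asset list is constructed, and the field names, the algorithm set and the three-year threshold used to interpret "several years" are assumptions.

```python
from dataclasses import dataclass

# Public-key algorithms whose security rests on factoring or discrete logarithms;
# these are the ones a cryptographically relevant quantum computer would break.
# Symmetric ciphers such as AES are not in this set (assumed scope of the inventory).
QUANTUM_VULNERABLE = {"RSA", "DH", "ECDH", "ECDSA", "DSA", "EDDSA"}

SEVERAL_YEARS = 3.0  # assumed threshold for "needs to remain private for several years"

# Target timelines as stated in the article, keyed by priority tier.
TARGET = {1: "as soon as possible", 2: "within 18-24 months", 3: "by 2030"}


@dataclass(frozen=True)
class CryptoAsset:
    name: str
    algorithms: tuple           # public-key algorithms the asset relies on
    confidentiality_years: float  # how long the data must stay private
    highly_sensitive: bool      # e.g. pending trades, pre-release earnings
    high_impact_if_tampered: bool  # e.g. ICS, energy grid, telecom networks


def is_quantum_vulnerable(asset: CryptoAsset) -> bool:
    """Inventory check: does the asset depend on a quantum-breakable algorithm?"""
    return any(alg.upper() in QUANTUM_VULNERABLE for alg in asset.algorithms)


def priority(asset: CryptoAsset) -> int:
    """Map an asset to tier 1-3; 0 means nothing public-key to migrate."""
    if not is_quantum_vulnerable(asset):
        return 0
    if asset.confidentiality_years >= SEVERAL_YEARS:
        return 1  # exposed to store-now-decrypt-later harvesting today
    if asset.highly_sensitive or asset.high_impact_if_tampered:
        return 2  # short-lived, but dangerous once a CRQC exists
    return 3      # short shelf life, low impact if leaked


def triage(assets):
    """Return (priority, asset name, target) rows, most urgent first."""
    rows = [(priority(a), a.name, TARGET.get(priority(a), "no migration needed"))
            for a in assets]
    return sorted(rows, key=lambda r: (r[0] == 0, r[0], r[1]))


# Constructed sample inventory for demonstration only.
SAMPLE_INVENTORY = [
    CryptoAsset("EHR archive (TLS)", ("RSA", "ECDH"), 10.0, True, False),
    CryptoAsset("Next-day trade orders", ("ECDH",), 0.01, True, False),
    CryptoAsset("Grid SCADA telemetry", ("ECDSA",), 0.0, False, True),
    CryptoAsset("Weather feed", ("ECDH",), 0.001, False, False),
    CryptoAsset("Laptop disk encryption", ("AES-256",), 10.0, True, False),
]
```

Running `triage(SAMPLE_INVENTORY)` yields the archive as tier 1, the trades and SCADA telemetry as tier 2, the weather feed as tier 3, and the AES-only disk encryption as needing no public-key migration.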