The need for organisations, particularly those critical to infrastructure, to begin preparations for the shift to post-quantum cryptography (PQC) standards has been underscored by a joint release from the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and National Institute of Standards and Technology (NIST).
Dubbed 'Quantum-Readiness: Migration to Post-Quantum Cryptography,' the document delineates crucial measures and advice for forming quantum-ready roadmaps. This resource facilitates comprehension of cryptographic inventories, collaboration with technology providers, and assessment of the reliance on quantum-vulnerable cryptography in assets and systems. The factsheet also provides recommendations for technology vendors to embrace post-quantum cryptographic algorithms, examine NIST's preliminary PQC standards, and prepare for the forthcoming final standards.
The creation of a roadmap assists in evaluating quantum-related risks and offers insights into dependencies on public-key cryptography within an operational setting. Through this collaborative endeavour, a seamless transition to secure quantum computing capabilities is sought, urging timely action to mitigate potential risks.
Why does it matter?
One major concern related to advancements in quantum computing is that once widely available, quantum computers will be able to break current encryption mechanisms. This is why standard-setting bodies are working on post-quantum roadmaps to ensure a rather smooth transition from traditional encryption. As quantum computing capabilities advance, so do potential threats to data security. This collaborative effort urges organisations, particularly those critical to infrastructure, to proactively prepare for the post-quantum era.