Facing The Quantum Challenge
The digital world we rely on stands at the precipice of a major challenge: quantum computers. These powerful machines, still young but rapidly maturing, have the potential to shatter the foundation of our encryption, jeopardising the security of online transactions, communications, and data.
Algorithms like RSA and ECC, currently safeguarding our digital landscape, will become vulnerable to quantum attacks at an alarming rate.
Experts worldwide acknowledge the urgency to prepare. Standard bodies, academics and industry players are working diligently to develop solutions, and the race is on to find and implement quantum resistant encryption methods.
PQC: The Quantum Shield
Post-quantum cryptography (PQC) acts as a beacon of hope, representing a paradigm shift in encryption. Leading the charge has been the United States National Institute of Standards and Technology (NIST), who are strongly advocating for the development and standardisation of PQC algorithms.
Unlike traditional methods, PQC leverages entirely different mathematical principles, making it resistant to the unique capabilities of quantum computers. Think of it as building a new and stronger fortress to protect our digital assets in the face of powerful new capabilities in computing.
Quantum Readiness Needs To Be A boardroom Discussion
The risk is real and requires action now - an example of a current risk is the 'harvest now and decrypt later’ problem. This approach involves adversaries collecting encrypted data today with the intent to decrypt it later using quantum computers. Every enterprise has encrypted transactions, intellectual property and digitally signed contracts that will be at risk in the future.
Taking accountability for this risk is the responsibility of the C-suite and mitigating this risk sooner rather than later is best driven top-down.
Boardrooms need to recognise this reality and actively engage in these discussions around quantum readiness. Frankly, if a business is not already preparing for quantum, it’s likely that they could be too late already - this is the severity of the threat which many don’t realise. Proactive leadership is required to understand the broader implications of quantum computing and recognises the urgent need to invest in future-proof solutions like PQC.
Big Tech Is Taking A Step In The Right Direction
Recent news shows that Apple is paving the way for other businesses as they have upgraded iMessage to withstand decryption by quantum computers. This implementation of quantum-safe algorithms by a major player like Apple suggests that even industry giants are acknowledging the very real possibility of quantum hacking.
This development could serve as a potential catalyst, encouraging other tech giants and companies to follow suit. As the industry grapples with the implications of quantum computing, Apple's initiative sets a strong precedent, paving the way for a collective effort towards securing the digital future.
The Secret Weapon: Crypto-agility
The key to navigating this new landscape lies in crypto-agility, the ability to adapt encryption mechanisms to evolving threats. PQC is a crucial step for this, which requires taking inventory of your cryptographic assets and migrating all digital certificates to new PQC-enabled versions.
Although this may sound like a gruelling task, it doesn’t have to be. Think of it like swapping out the lock mechanism on a door, instead of replacing the entire door frame. There is also opportunity for phased rollout, where critical systems and data can be prioritised for PQC adoption first, followed by less sensitive areas. This means businesses can leverage their existing infrastructure while adopting new, secure algorithms.
Building Secure Futures: A Proactive Approach
As a society, we are more interconnected than ever with new IOT devices, services and applications constantly being built and developed. That’s why moving forward, creating new systems with quantum safe PKI and PQC in mind from the very beginning is vital. This proactive approach ensures long-term security against future quantum threats, especially for devices with extended lifespans.
The potential of quantum computing is undeniable, but so is the threat it poses to our digital security.
Businesses who collectively embrace PQC as imperative are the key to navigating the quantum era with confidence. By working together, it’ll be possible to unlock the benefits of this powerful technology while safeguarding our digital world for generations to come.
Jason Soroko is SVP of Product Management at Sectigo.
Image: Shubham Dhage
You Might Also Read:
CISA's Post-Quantum Cryptography Initiative:
DIRECTORY OF SUPPLIERS - Post-Quantum Security:
___________________________________________________________________________________________
If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquiries: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible