NATO Tests A Post-Quantum VPN

Scientists are predicting that quantum computers will soon be able to break some commonly used encryption methods and it transpires that NATO and allies have been testing post-quantum solutions to prepare for possible future attacks. 

Post-Quantum provides different algorithms to ensure security, even when facing attackers using quantum computing. 

A Virtual Private Network (VPN) can use these algorithms to secure communications, ensuring that only the correct recipient can read the data. 

The British National Cyber Security Centre (NCSC) has performed successful tests of communication flows secured for a post-quantum world, using a VPN designed and built by Post-Quantum, a UK-based quantum cyber specialist. The NCSC stated that it is becoming increasingly important to stay alert of current and projected threats, prompting the tests. 

The trial began in March 2021, and was recently completed as quantum computing is becoming more practical and affordable. This means that attackers may begin adopting the technology to advance their attacks. It is thought that a quantum computer will soon be able to break most, if not all, current encryption methods leaving email, secure banking and communications systems vulnerable to disruption from malicious actors. 

This means all large organisations, technology companies and Internet standards will need to transition to quantum-secure encryption.

The NCSC has responsibility for protecting NATO networks as part of a project was financed by the Allied Command Transformation’s VISTA framework.  which is tasked with leveraging knowledge and research done by NATO enterprise, nations, academia and industry to “enable science and technology for accelerated warfare development”. The NCSC worked with a UK-based company Post-Quantum to conduct the test. The company provides organisations with algorithms that ensure security even if attackers are leveraging quantum computing and according to Post-Quantum, its technology blends both post-quantum and traditional encryption algorithms to ensure that data transiting the VPN can only be read by the intended recipient. 

Post-Quantum uses VPN algorithms to secure communications and make sure that only the correct recipient can read the data.

“Securing NATO’s communications for the quantum era is paramount to our ability to operate effectively without fear of interception... With the threat of ‘harvest now and decrypt later’ looming over secure communications, this is an increasingly important effort to protect against current and future threats.” said Konrad Wrona, principal scientist at the NATO Communications & Information Agency (NCIA). 

It will take several years for systems to migrate to quantum-secure technology and right now it appears more realistic to combine cutting-edge algorithms with more traditional encryption to ensure interoperability into the future.

The technology has already been proposed to the Internet Engineering Taskforce (IETF) for open standardisation.

Post-Quantum has developed a suite of quantum-safe software products with a focus on identity, transmission and encryption, delivering end-to-end quantum-secure environments. “Over 10 years of deep R&D means we are well placed to engineer real-world quantum-safe solutions,” said Andersen Cheng, CEO of Post-Quantum. “This project with NATO is an important milestone in the world’s migration to a quantum-safe ecosystem. Organisations would be wise to take action now.”

NCIA:     NCIA:     Computer Weekly:      Oodaloop:     Post-Quantum:     Information Age:     ZDNet:     

You Might Also Read: 

Quantum Computing Will Have A Revolutionary Effect:

 

« Russia Threatens To Block Wikipedia
Microsoft Exchange Exploited By ‘Cuba’ »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MyCERT

MyCERT

MyCERT is the National Computer Emergency Response Team of Malaysia.

Cloudbric

Cloudbric

Cloudbric is a cloud-based web security service, offering award-winning WAF, DDoS protection, and SSL, all in a full-service package.

GuardiCore

GuardiCore

GuardiCore is an innovator in internal data center security and breach detection and is transforming security inside data centers and clouds.

Veriato

Veriato

Veriato develops intelligent solutions that provide companies with visibility into the human behaviors and activities occurring within their network, making them more secure and productive.

NetKnights

NetKnights

NetKnights is an independent IT security company which offers services and products for strong authentication, identity management and encryption.

Intrinsyc Technologies

Intrinsyc Technologies

Intrinsyc provides product development services and Edge Computing modules that are helping to take the Internet of Things products to the next level.

ACROS Security

ACROS Security

ACROS Security is a leading provider of security research, real penetration testing and code review for customers with the highest security requirements.

Salient Law

Salient Law

Salient Law is a virtual law firm that specialises in advising providers and users of technology on contracts involving technology.

Insight Partners

Insight Partners

Insight Partners is a leading global private equity and venture capital firm investing in growth-stage technology, software and Internet businesses.

Bugraptors

Bugraptors

BugRaptors is a certified software testing company with extensive experience as a third-party testing vendor, effectively proven as a leader in software testing & QA Services.

Passbase

Passbase

Passbase is building a full-stack identity verification engine backed by verified government documents.

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS) is a state-owned commercial enterprise providing confidential communication, trust services and services in the field of information protection.

Netstar

Netstar

Netstar is an IT Support company based in Central London providing fully managed IT Support, Cyber Security and Technology Consulting services.

Onyxia Cyber

Onyxia Cyber

Onyxia's unique dynamic cybersecurity platform identifies gaps and prioritizes recommendations for proactive cybersecurity strategy, performance, remediation and management.

Diversified Search Group - Alta Associates

Diversified Search Group - Alta Associates

Diversified Search Group is an industry leader in recruiting diverse, inclusive and transformational leadership for clients.

Center for Cyber Security Studies & Research (CFCS2R)

Center for Cyber Security Studies & Research (CFCS2R)

CFCS2R's mission is to empower individuals, organizations, and governments with the knowledge and tools necessary to protect against cyber threats.

SPYROS Information & Technology Consulting

SPYROS Information & Technology Consulting

SPYROS specializes in providing highly qualified professionals in Computer Network Operations, Signals Intelligence, Technical Training and Certifications, Network Administration and Security.

Frenos

Frenos

The Frenos Platform helps enterprises understand their most probable attack paths while highlighting the most effective risk mitigations to deter and defend against today’s adversaries.