Quantum-Safe Encryption Comes Closer

Uploaded on 2024-09-11 in TECHNOLOGY-Key Areas-Quantum Computing, NEWS-Cybersecurity News, FREE TO VIEW

As innovation has progressed from the Internet, Wi-Fi, smartphones, and the Internet of Things, there have been significant security concerns with each technological step. Currently, most security systems in existing IT environments rely on public-key cryptography, which is used almost everywhere from messaging to transactions to securing data at rest.

These cryptographic systems are based on mathematical problems that are difficult and time- consuming for classical computers, but will be much easier and quicker for quantum computers to solve. Indeed, the race to secure our digital world has never been more urgent and the potential of  Quantum computing is  fast becoming reality. 

Quantum computers use properties of quantum mechanics to compute in a fundamentally different way from today's digital, 'classical', computers. They are, theoretically, capable of performing certain computations that would not be feasible for classical computers. 

While their potential to revolutionise fields like healthcare and financial services  is immense, so too is their potential to overturn digital security.  

The encryption that protects everything from our financial transactions to state secrets is at risk of being rendered obsolete by quantum computing. Quantum computers have the potential to solve certain complex mathematical problems millions of times faster than today’s classical computers. This capability, while groundbreaking, poses a significant threat to the encryption algorithms that currently secure the Internet. 

Public-key cryptography, which underpins the security of online banking, email, and secure communications, relies on the difficulty of factoring large numbers something that quantum computing can fix in minutes. Experts have warned that adversaries might already be harvesting encrypted data, biding their time until quantum computers are powerful enough to decrypt it. This Store Now, Decrypt Later” (SNDL)  strategy could lead to catastrophic breaches of sensitive information.

In response, the National Institute of Standards and Technology (NIST) has taken crucial steps to safeguard the future. 

Recognising the gravity of the threat, NIST has spearheaded an initiative to develop new cryptographic algorithms that can withstand the power of quantum computers. After years of rigorous testing and evaluation, NIST has recently published three new algorithms designed to protect against quantum attacks. These algorithms represent the best hope we have for securing our digital future, and their adoption across industries is imperative.

But transitioning to quantum-safe encryption is no small task. The process of integrating these new algorithms into existing systems will take years, if not decades. Companies across sectors, from banking to telecommunications, must begin now to ensure their products and services are equipped to resist quantum threats. 

The importance of quantum-safe encryption extends far beyond protecting individual companies or even entire industries. At its core, this is a matter of national security. 

The US faces sophisticated cyber threats from adversaries like China and Russia, both of which are investing heavily in quantum computing technology. If these nations develop quantum capabilities before the US has transitioned to quantum-safe encryption, the consequences could be severe.

  • Communications that are currently secure could be exposed, revealing sensitive information about troop movements, intelligence operations, and strategic plans. 
  • The ability of an adversary to decrypt classified information in real time would fundamentally alter the balance of power, eroding the US’s strategic advantage and putting lives at risk.

These strategic threats will serve to accelerate the adoption of quantum-safe encryption standards across all sectors critical to national security, not only government agencies but also private companies that handle sensitive data, such as defence contractors and financial institutions. This includes providing clear guidance and support to industries that may struggle with the technical and financial challenges of such a transition.

Given the potentially catastrophic consequences of a quantum cyberattack, the cost of these measures would be a small price to pay for enhanced national security.  As quantum computing evolves, so too must our ability to defend against and, if necessary, retaliate against quantum-enabled cyberattacks. This includes strengthening encryption methods and developing tools to detect and neutralise quantum based threats before they can do harm.

The actions taken by NIST to develop quantum-safe encryption standards are a critical first step. For the US the race to achieve quantum security is imperative to safeguard its national security and digital infrastructure.

NIST   |   NCSC   |    Microsoft   |    WEF   |   Oodaloop  |    Vodafone   |    Quanta Magazine

Image: planetvolumes

You Might Also Read: 

Standards: The Key To Building A Sustainable Quantum-Safe Future:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The Obstacles That Security Teams Face In Vulnerability Management
NIS2 - Countdown To Compliance »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Indelible Data

Indelible Data

Indelible Data is an established information security and technology consultancy and a Cyber Essentials Certification Body.

Certification Europe

Certification Europe

Certification Europe (now Amtivo Ireland) is an accredited certification body which provides ISO management system certification, including ISO 27001.

Devo Technology

Devo Technology

Devo Security Operations is a next-gen cloud SIEM that enables you to gain complete visibility, reduce noise, and focus on the threats that matter most to the business.

National Cybersecurity Institute (NCI) - Excelsior College

National Cybersecurity Institute (NCI) - Excelsior College

NCI is Excelsior College’s research center dedicated to assisting government, industry, military and academic sectors meet the challenges in cybersecurity policy, technology and education.

Business Continuity

Business Continuity

Business Continuity delivers integrated IT solutions for cybersecurity, virtualization, cloud platforms and operational security solutions.

Belkasoft

Belkasoft

Belkasoft is a software vendor providing public agencies, corporate security teams, and private investigators with digital forensic solutions.

Cyber NYC

Cyber NYC

Cyber NYC is a suite of strategic investments to grow New York City’s cybersecurity workforce, help companies drive innovation, and build networks and community spaces.

Tech Nation

Tech Nation

Tech Nation is the UK’s first national scaleup programme for the cyber security sector, aimed at ambitious tech companies ready for growth, at home and abroad.

BetaDen

BetaDen

BetaDen provides a revolutionary platform for businesses to develop next-generation technology, such as the internet of things and industry 4.0.

BlackScore

BlackScore

BlackScore is a technology company seeking to disrupt risk assessment using AI-driven technology.

ITTAS

ITTAS

ITTAS is a multidisciplinary company specializing in information security and software and hardware protection software.

Trusted Cyber Solutions

Trusted Cyber Solutions

Trusted Cyber Solutions is an independent Cyber Security and Risk Management consultancy.

Utimaco

Utimaco

UTIMACO develops on-premises and cloud-based hardware security modules, solutions for key management, data protection and identity management as well as data intelligence solutions.

SphereX Technologies

SphereX Technologies

SphereX is the first on-chain security solution for Web3 applications.

Systems Engineering

Systems Engineering

Systems Engineering is a SOC 2, Type 2-certified IT strategy and managed technology services provider.

IndoSec

IndoSec

IndoSec is an annual cybersecurity summit that powers an in-person gathering of cybersecurity leaders from Indonesia’s major corporations, leading businesses and key government entities.