PAVING THE WAY TOWARD QUANTUM CYBERSECURITY: A US PERSPECTIVE
As quantum technologies continue to develop at a rapid pace, there has been a corresponding rise in concerns regarding encrypted data security, a reality US federal agencies have become all-too-aware of. Considering the current limitations of cybersecurity and how ill-equipped they are to deal with quantum threats, federal agencies have made it a priority to develop quantum-resilient algorithms and guidelines.
The above mandates are actively being driven by NIST (National Institute of Standards and Technology), DHS (Department of Homeland Security), and the White House, underpinned by preparation, research, practicality and execution.
Quantum a threat to data
With billions of dollars already invested in quantum computing, including a 10-billion-dollar Chinese investment into quantum computing and communications, Netooze believes the Cryptographically Relevant Quantum Computer (CRQC) – a quantum computer capable of breaking cryptography, might be closer than we realize. Given such investments, over 60 percent of experts interviewed are convinced that encryption will topple under the weight of quantum advancements by 2023, making peer-adversary quantum attacks more subtle, frequent and destructive. Such projections also must consider the prevalence of ‘Steal Now Decrypt Later’ (SNDL) attack campaigns and the accompanying implications given the advances in quantum technology.
NIST, DHS, and White House take action
In observance of the looming quantum threats, the above-mentioned bodies have taken proactive steps to lessen the blow should quantum attacks become common. Since 2016, for example, NIST has led the charge in developing post-quantum cryptography (PQC) – a group of encryption algorithms that are thought to be secure from an attack by a quantum computer. Though not quantum technologies themselves, PQCs rely on a complex web of encryption schemes that are thought to be impossible to break, even by a quantum computer. That focus has birthed the Post-Quantum Cryptography Standardization Program, which is now undergoing its final round of testing before being officially instituted as a pre-emptive defence against future quantum attacks.
In the case of the DHS, they have developed and released a roadmap for widespread transition to PQC, urging government and commercial agencies to take stock of their sensitive data and make necessary steps to upgrade their systems. Foremost on their list of priorities is ensuring early compliance so as to avoid a rushed, large scale transition to PQC as, according to Tim Mauer, Senior Counsellor for the Cybersecurity and Emerging Technology to the Secretary of Homeland Security, waiting to make the transition “increases the risk of accidental incidents.”
The White House, under the leadership of President Joe Biden, signed a National Security Memorandum (NSM-8) in January of this year, 2022, aimed at Improving the Cybersecurity of National Security, Department of Defence and Intelligence Community Systems.
With memorandums like NSM-8, the need for organizations, federal and commercial, to adopt quantum-resilient strategies cannot be overstated. PQCs will definitely play a role in this transition and the sooner we make that transition, the better.
Netooze® is a cloud platform, offering services from data centers globally. When developers can use the straightforward, economical cloud that they love, businesses expand more quickly. With predictable pricing, thorough documentation, and scalability to support business growth at any stage, Netooze® has the cloud computing services you need. Startups, enterprises, and government agencies can use Netooze® to lower costs, become more agile, and innovate faster.