The National Security Agency (NSA), which is responsible for the cybersecurity of National Security Systems, i.e., systems that transmit classified and/or otherwise sensitive data, publicly shared guidance on quantum key distribution (QKD) and quantum cryptography (QC) concerning the securing NSS, according to a news story on the agency’s website.
According to the agency’s guidance: Due to the nature of these systems, NSS owners require especially robust assurance in their cryptographic solutions; some amount of uncertainty may be acceptable for other system owners, but not for NSS. QKD is a method for using the physics of quantum mechanics to create a shared secret between two parties. While it has great theoretical interest and has been the subject of many widely publicized demonstrations, it suffers from limitations and implementation challenges that make it impractical for use in NSS operational networks. For more details, please read NSA’s QKD and QC guidance.
NSA considers cryptography based upon mathematical algorithms to be a better alternative for securing NSS against the threat posed by future developments in quantum computing. The National Institute of Standards and Technology (NIST) is in the late stages of creating standards for public use.
For more details, NSA’s Cybersecurity Perspective on Post-Quantum Cryptography Algorithms is available for review.
As these families of algorithms continue to evolve, NSA expects to select a single set of NIST standards for use by commercial products within NSS. NSA Cybersecurity added the agency remains committed to supporting efforts to develop, adopt, and deploy secure post-quantum cryptography, which is vital to the defense of our nation.