PRESS RELEASE — WASHINGTON, July 6, 2022— The Cybersecurity and Infrastructure Security Agency (CISA) announced yesterday the establishment of a Post-Quantum Cryptography Initiative to unify and drive agency efforts to address threats posed by quantum computing. In March 2021, Secretary of Homeland Security Alejandro N. Mayorkas outlined his vision for cybersecurity resilience and identified the transition to post-quantum encryption as a priority. In coordination with interagency and industry partners, this new initiative will build on existing Department of Homeland Security (DHS) efforts as well as those underway at the Department of Commerce’s National Institute of Standards and Technology (NIST) to support critical infrastructure and government network owners and operators during the transition to post-quantum cryptography.
“CISA continually works to understand and anticipate the risks to critical infrastructure from evolving technologies including quantum computing,” said CISA Director Jen Easterly. “We look forward to continued work with NIST and other key stakeholders to ensure that public and private sector organizations are prepared to effectively manage the transition to post-quantum cryptography.”
Yesterday’s announcement by NIST that it has chosen the first group of cryptographic algorithms is a key milestone toward their post-quantum cryptography standardization project to identify a new standard to replace the current, quantum-vulnerable cryptography. The four chosen algorithms were created through collaborations of experts hailing from multiple countries and institutions.
Although NIST does not expect to publish a standard for use by commercial products until 2024, organizations should start preparing for the transition now by following the DHS and NIST Post-Quantum Cryptography Roadmap. As this technology advances over the next decade, quantum computing is increasing risk to some encryption methods that are widely used to protect customer data, complete business transactions, and secure communications. This roadmap identifies where organizations need to develop plans for the transition to post-quantum cryptography. For more information about DHS efforts, visit DHS.gov/quantum.
CISA also released a current activity alert encouraging users and administrators to review the DHS/NIST roadmap and NIST resources for additional guidance and background.
As the nation’s cyber defense agency, the Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day. Visit
CISA.gov for more information.