Zurich Zurich

NCCoE, Industry Partners Create Center to Ease Migration Into Post-Quantum Cryptographic Era

NCCoE, Industry Partners Create Center to Ease Migration Into Post-Quantum Cryptographic Era
NCCoE, Industry Partners Create Center to Ease Migration Into Post-Quantum Cryptographic Era
Quantum Source Quantum Source

The National Cybersecurity Center of Excellence (NCCoE), a branch of the National Institute of Standards and Technology (NIST), will work with a group of leading organizations in both the public and private sectors to increase awareness of the transition to post-quantum cryptographic era.

According to a statement from NCCoE, quantum technologies will usher in a wave of benefits for science and society, but quantum’s ability to render current cyber protection schemes useless will be a challenge for nearly organizations. The center has enlisted the help of a group of experts on migrating from this current set of public-key cryptographic algorithms to quantum-resistant algorithms.

These organizations include:

These organizations have signed a cooperative research and development agreement to collaborate with NIST in a consortium to build this example solution.

Responsive Image

Initially, the group will work with industry to demonstrate the use of automated discovery tools to identify instances of quantum-vulnerable public-key algorithm use, where they are used in dependent systems, and for what purposes. Once the public-key cryptography components and associated assets in the enterprise are identified, the next step would be to is prioritize those applications for migration planning.

Finally, the project will describe systematic approaches for migrating from vulnerable algorithms to quantum-resistant algorithms across different types of organizations, assets, and supporting technologies.

NCCoE offered both challenges and benefits of confronting post-quantum cryptographic technology.

Challenges

Organizations face numerous challenges in entering this post-quantum cryptographic era: First, they are often unaware of the breadth and scope of application and function dependencies on public-key cryptography. Many, or most, of the cryptographic products, protocols, and services on which we depend will need to be replaced or significantly altered when post-quantum replacements become available.

Also, Information systems are not typically designed to encourage supporting rapid adaptations of new cryptographic primitives and algorithms without making significant changes to the system’s infrastructure—requiring intense manual effort.

Finally, the migration to post-quantum cryptography will likely create many operational challenges for organizations. The new algorithms may not have the same performance or reliability characteristics as legacy algorithms due to differences in key size, signature size, error handling properties, number of execution steps required to perform the algorithm, key establishment process complexity, etc. A truly significant challenge will be to maintain connectivity and interoperability among organizations and organizational elements during the transition from quantum-vulnerable algorithms to quantum-resistant algorithms.

Benefits

The potential business benefits of the solution explored by this project include: helping organizations identify where, and how, public-key algorithms are being used on their information systems. Another benefit is that mitigating enterprise risk by providing tools, guidelines, and practices that can be used by organizations in planning for replacement/updating hardware, software, and services that use PQC-vulnerable public-key algorithms.

Business benefits also include protecting the confidentiality and integrity of sensitive enterprise data, as well as supporting developers of products that use PQC-vulnerable public-key cryptographic algorithms to help them understand protocols and constraints that may affect use of their products.

You can request to join a community of interest by emailing here.

If you found this article to be informative, you can explore more current quantum news here, exclusives, interviews, and podcasts.

Matt Swayne

With a several-decades long background in journalism and communications, Matt Swayne has worked as a science communicator for an R1 university for more than 12 years, specializing in translating high tech and deep tech for the general audience. He has served as a writer, editor and analyst at The Quantum Insider since its inception. In addition to his service as a science communicator, Matt also develops courses to improve the media and communications skills of scientists and has taught courses. [email protected]

Share this article:

Keep track of everything going on in the Quantum Technology Market.

In one place.

Related Articles

Join Our Newsletter