State, Local Govt Can Prepare Now for Post-Quantum Security

/in


The federal government is preparing for the day when quantum computers become powerful enough to crack many commonly used encryption methods. As it does so, it’s aiming to ensure that public and private organizations of all types are included in the drive toward more quantum-proof security.

2022 could see the next stage in this work, with the National Institute of Standards and Technology (NIST) slated to release an initial standard for quantum-proof encryption algorithms. The Department of Homeland Security (DHS), meanwhile, has been creating resources to help prepare entities to adopt the new standards, and it plans to push for greater awareness of these offerings in the new year.

ANTICIPATING QUANTUM RISKS

Anticipated quantum computing advancements could introduce broad-reaching risks, threatening the encryption that secures everything from digital communications to credit card payments.

No one knows when the hypothesized cryptography-defeating capabilities will come into being, but senior DHS officials told Government Technology that they aim to be ready in case they come as soon as 2030.

NIST has been working for several years to identify new encryption methods likely to withstand even this computational power. It issued a call for so-called “quantum-resistant” encryption algorithms in 2016 and has since been winnowing the submissions down to a handful of the most promising.

The forthcoming standard may incorporate several different approaches, to help ensure it’s relevant, given that it’s not clear how exactly quantum computing will evolve, NIST mathematician Dustin Moody has said previously.

“It’s important for the eventual standard to offer multiple avenues to encryption, in case somebody manages to break one of them down the road,” Moody said in a 2020 NIST blog post.

The advent of cryptography-threatening quantum computing may seem far off, but DHS expects the transition to quantum-proof encryption will be a lengthy process, making it important for organizations to start early.

RAISING AWARENESS

Releasing NIST’s algorithms is only half the battle. The other is ensuring they’re widely — and…

Source…