Embracing Post-Quantum Cryptography in the Quantum Era

What is post-quantum cryptography (PQC) and how does it work?

Quantum computers utilize cutting-edge technology to solve complex problems that are beyond the capabilities of classical computers. Although most experts believe that a Cryptographically Relevant Quantum Computer (CRQC), capable of breaking classical encryption keys, is still years away, the threat of 'harvest now, decrypt later' (HNDL) attacks is already causing concern among network operators and enterprises about their current vulnerabilities.

Post-quantum cryptography (PQC) is a suite of asymmetric cryptographic algorithms designed so that they cannot be broken by quantum computers. PQC aims to create cryptographic frameworks that safeguard against both quantum and classical computing threats, while ensuring seamless interoperability with existing communication protocols and network infrastructures.

Today, many networks rely on public key infrastructure (PKI) for the generation and management of encryption keys. PQC seeks to revolutionize this by replacing the underlying mathematical problems these ciphers rely on with ones believed to resist quantum attack. PQC is one element in building quantum-safe networks, which are designed to be secure against attacks from a CRQC.

What are harvest now, decrypt later attacks?

Harvest now, decrypt later (HNDL) is an attack in which cybercriminals collect and store encrypted data today, anticipating the eventual availability of a quantum computer that can decrypt it. While quantum technology might still be years away, this threat underscores the urgent need to prepare now: data with a long confidentiality lifetime is already at risk. Delaying the implementation of quantum-resistant cryptography and strategies could leave such data vulnerable in the future.

While network operators and enterprises might consider delaying their preparations, cybercriminals are not waiting: they are already exploiting vulnerabilities and stealing vast amounts of encrypted data. To defend against HNDL attacks, organizations must strive to become more crypto-agile, that is, able to swap or combine cryptographic algorithms without redesigning their protocols and data formats. A well-designed and meticulously managed public key infrastructure (PKI) will facilitate a seamless transition to quantum-resistant algorithms once standards are established.
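The following is an added illustration of what crypto-agility looks like in code; it is not code from the page or from any vendor's product. It implements HKDF as specified in RFC 5869 using only the Python standard library, and then uses it as a "combiner" that derives one session key from two shared secrets: one from a classical key exchange and one from a post-quantum key-encapsulation mechanism. Binding both secrets plus the algorithm identifiers into the derivation is the usual way deployments transition without a flag day: the key stays safe as long as either component resists attack, and changing the negotiated suite changes the key. The label string, the length-prefixed layout of the input, and the sample shared secrets are assumptions constructed for this example, not a standard.

```python
"""Hybrid key derivation combiner (constructed example, not from the page).

A classical shared secret and a post-quantum shared secret are both fed
into HKDF (RFC 5869) together with the identifiers of the algorithms that
produced them.  The resulting session key can only be recovered by an
attacker who breaks *both* inputs, and any change to the negotiated
suite yields a different key.  The shared secrets used at the bottom are
constructed sample bytes; no real key exchange is performed here.
"""
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869, section 2.2): PRK = HMAC-Hash(salt, IKM).

    An empty salt is replaced by HASH_LEN zero bytes, as the RFC specifies.
    """
    if not salt:
        salt = b"\x00" * HASH_LEN
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869, section 2.3): T(i) = HMAC(PRK, T(i-1) | info | i)."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested length too large for HKDF")
    okm = b""
    block = b""
    counter = 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    """Full HKDF: Extract then Expand."""
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def _lp(b: bytes) -> bytes:
    """Two-byte big-endian length prefix, so adjacent fields cannot be
    re-split into a different (colliding) combination of inputs."""
    if len(b) > 0xFFFF:
        raise ValueError("field too long for 16-bit length prefix")
    return len(b).to_bytes(2, "big") + b


def combine_shared_secrets(classical_ss: bytes, pq_ss: bytes,
                           classical_alg: str, pq_alg: str,
                           transcript: bytes, key_len: int = 32) -> bytes:
    """Derive one session key from a classical and a post-quantum secret.

    Both secrets go into the HKDF input keying material; the algorithm
    identifiers and the protocol transcript go into the HKDF 'info' field.
    Because the PQ secret remains inside the IKM, an attacker who later
    recovers only the classical secret still cannot compute the key.
    The "hybrid-kdf-v1" label is an assumed, example-specific domain
    separator, not a value from any standard.
    """
    if not classical_ss or not pq_ss:
        raise ValueError("both shared secrets must be non-empty")
    ikm = _lp(classical_ss) + _lp(pq_ss)
    info = (b"hybrid-kdf-v1" + _lp(classical_alg.encode())
            + _lp(pq_alg.encode()) + _lp(transcript))
    return hkdf(salt=b"", ikm=ikm, info=info, length=key_len)


def demo_session_key() -> bytes:
    """Derive a key from two constructed sample secrets (assumed values)."""
    classical_ss = hashlib.sha256(b"constructed classical shared secret").digest()
    pq_ss = hashlib.sha256(b"constructed post-quantum shared secret").digest()
    transcript = b"client_hello||server_hello (constructed)"
    return combine_shared_secrets(classical_ss, pq_ss,
                                  "X25519", "ML-KEM-768", transcript)


if __name__ == "__main__":
    print("session key:", demo_session_key().hex())
```

The agility property is visible in the signature of `combine_shared_secrets`: migrating from one post-quantum algorithm to another, or dropping the classical component once it is no longer needed, changes only the inputs, not the record format or the protocol around it. The RFC 5869 test vector in the accompanying checks confirms the HKDF core is correct before it is trusted with real secrets.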

Are there standardized PQC algorithms?

The National Institute of Standards and Technology (NIST) is currently engaged in a multi-year process to establish standards for quantum-resistant public-key cryptographic (PKC) algorithms. NIST has recognized that cryptographic technology matures slowly: it took nearly two decades to fully deploy a reliable public-key infrastructure.

NIST is currently looking to initially recommend four cutting-edge algorithms. The first is for encryption (key establishment) and the other three are digital signature schemes:

  • CRYSTALS–KYBER
  • CRYSTALS–Dilithium
  • FALCON
  • SPHINCS+

The NIST process is ongoing and continues to evolve. The standards for the four post-quantum cryptography (PQC) algorithms are expected to be released in 2024. As part of this initiative, NIST is also evaluating additional algorithms as a contingency plan, so that reliable alternatives exist if any of the selected quantum-safe algorithms is later found to be weak.
