Replacing classic encryption with NIST-backed Post Quantum Cryptography (PQC) will be a major undertaking affecting the data, systems, devices, and networks we rely on daily.
In 2022, the National Institute for Standards and Technology (NIST) is expected to finalize its shortlist of quantum-safe encryption algorithms and standards designed to resist the threat of quantum computers. The final selection process is only the beginning of this multi-year cryptographic transition that is certain to be fraught with challenges, uncertainties, and unforeseen risks.
Consider Quantum Xchange your crypto companion. We’re here to help you on your journey to post-quantum safety – simply and affordably.Download eBook
“Anyone that wants to make sure that their data is protected longer than 10 years should move to alternative forms of encryption now.”
Arvind Krishna, CEO of IBM
Those who do not learn history are doomed to repeat it.
The PQC transition will be a major undertaking and require the largest, global cryptographic transition in the history of computing. If past is prologue, then the 20 years it took for the Advanced Encryption Standard (AES) to completely replace Data Encryption Standard (DES) and 3DES is a good indicator of what’s to come. And, unlike the other major migration project in recent memory, Y2K for example, the quantum threat doesn’t offer a “worst case scenario” date to prepare against.
Our digital universe and the encryption that protects nearly every aspect of digital life has grown exponentially since the late 1990s – and so too has the attack surface. Steve Jobs unveiled the iPhone to the public on Jan. 9, 2007. Think of how much technology has advanced since. AI, IoT, cloud, edge computing – we are connected in ways unimaginable at the turn of the century, let alone back in the 1970s when public key encryption was first introduced by Diffie-Hellman.Download CIO Guide
“We must prepare for it [the transition to a post-quantum encryption] now to protect the confidentiality of data that already exists today and remains sensitive in the future”
Alejandro Mayorkas, U.S. Secretary of Homeland Security
March 31, 2021
Failure to act now is delaying the inevitable at a cost that could be far greater than imagined.
$3 trillion of retail e-commerce annually
142 million VPN users in the U.S.
Consider these important risk factors when determining your organization’s PQC transition requirements:
- There is no guarantee that the crypto standards selected will not be broken by adversaries or vulnerable to implementation errors.
- A quantum computer may be available before full migration is complete.
- “Harvest today, decrypt tomorrow” attacks are happening now.
- Regardless of which math-based algorithm is standardized, the problem of sending keys and data together still exists.
- Security upgrades can be disruptive and expensive, most want to avoid costly rip and replace scenarios or premature system obsolescence.
- All math-based encryption standards have eventually been broken.
“Businesses should act now. We know that foreign powers are already busy recording everything, and it is their plan, 10 years from now, to decrypt everything.”
Eric Schmidt, former CEO of Google
Don’t Panic. Deploy Phio TX.
Organizations should heed the advice of NIST Computer Security Division Chief Matthew Scholl,
“It’s no time to panic, it’s time to plan wisely.”
Enterprise ready as a FIPS-validated implementation, Phio TX from Quantum Xchange can be deployed today with very little lift or outlay. Built for resiliency, the quantum-in-depth solution and next-generation key delivery architecture gives users the peace-of-mind knowing their network communications infrastructure and data links are stronger today and future-proof from quantum attack.
“In a 5–10-year timeframe quantum computing will break encryption as we know it.”
Sundar Pichai, CEO of Alphabet and Google
Phio TX does not require the replacement of existing algorithms, equipment, or network infrastructure.
Network performance or reliability is not degraded in any way.
It works over any TCP/IP connection or network media type to deliver quantum-enhanced keys on-demand, anywhere in the world.
If desired, customers can begin with PQC then eventually add QKD with no changes needed to the underlying infrastructure, no fiber required, and no limitations on key delivery.
Phio TX offers full accountability and auditability for both keys and data in motion. Users receive a complete view into when keys are exchanged between devices and how.
Investing in quantum-safe cyber defenses early will ensure you avoid the high cost of system obsolescence, immediately improve your overall cybersecurity posture, and demonstrate you are a security-forward organization with customer trust, business resiliency, and network stability top-of-mind.
Wanted: Quantum Change Agents Needed to Protect the Future of Data
If you’re a cybersecurity professional responsible for the security of data, it’s time to become a change agent within your organization. Improve your quantum literacy, set an organizational plan for quantum readiness, and take action!
Take this two-minute assessment to gauge your baseline quantum IQ and help set your organization on the path to quantum-safe data protection.