888-384-7144 info@insidequantumtechnology.com

Adopting Quantum Cryptography: Why Y2Q Will Be Too Late

By IQT News posted 17 Sep 2020

(SecurityBoulevard) Governments and organizations around the world, including significant threat actors, are pouring vast amounts of money and resources toward the development of large-scale quantum computers and related quantum technologies. “Anyone that wants to make sure that their data is protected for longer than 10 years should move to alternate forms of encryption now,” warned Arvind Krishna, director of IBM Research, in a ZDNet article.

Philip Lafrance, Standards Manager at ISARA, where he works with standards development organizations across the globe, including ETSI and NIST, to help set standards for post-quantum cryptography and related areas of information security; is the author of this detailed and helpful look at transitioning to a quantum-safe state.

Quantum-safe planning involves:

    • Understanding where the organization currently uses cryptography.
    • Understanding the security dependencies throughout the organization and its supply chains.
    • Understanding where and how their systems are vulnerable to quantum-enabled attacks.
    • Deciding on exactly how to migrate current systems to next-generation technologies.
    • Allocating budgets and receiving leadership approval.
    • Executing the migration.

“Anyone that wants to make sure that their data is protected for longer than 10 years should move to alternate forms of encryption now,” warned Arvind Krishna, director of IBM Research, in a ZDNet article.

Here are the initial migration steps we recommend as organizations transition to a quantum-safe state:

1) Discover where the organization is using cryptography and catalog what type of cryptography it is and what information it’s protecting. Intuitively, this should be easy enough to do, but in practice, this discovery phase may be prohibitively complex and expensive. Many organizations have given this task little attention to date and don’t know where to start. For organizations with large shadow IT departments or poorly documented cryptography, even a large audit might not guarantee complete coverage.
2) The discovery and audit process should also investigate the need for quantum-safe protections for partner organizations or vendors in the supply chain. An organization can do everything it can to make itself quantum-safe, but if it is integrating OEM components that are not quantum-safe into their own products or services, then the organization might still be quantum-vulnerable.
3) Once an audit is completed, the next steps include determining how to upgrade, transition or migrate vulnerable cryptography to versions certifiable as quantum-safe. Again, this step includes working with partners and suppliers.

Making the relevant inquiries now is essential to minimize the amount of time it will take organizations, partners and suppliers to make this cryptographic shift.

All Artificial intelligence Conference cybersecurity Education Guest article IQT PRO networks photonics Podcast quantum computing research semiconductors sensing software Sponsored women in quantum

Subscribe to Our Email Newsletter

Stay up-to-date on all the latest news from the Quantum Technology industry and receive information and offers from third party vendors.

Quantum Stocks Zone

Quantum Jobs Zone

Post jobs for free. Send your listing(s) to info@3drholdings.com

Executive Director of Quantum-CTat University of ConnecticutDirector of DevTeQ Lab (Sherbrooke, QC)at DistriQPhotonic Jobsat PhotonicIntegrated Photonics Designerat Quix Quantum
0
How to Neutralize Quantum Security Threats
IQT Blog Looks to Future & Asks “When Will Quantum Computers Become Useful?