(FedTechMagazine) IT leaders in the Federal government should be thinking about the world of post-quantum cryptography, where cryptographic algorithms (usually public-key algorithms) would be secure against an attack by a quantum computer. While a quantum computer with enough stable qubits to use Shor’s algorithm to break current public-key cryptography has not been created and may not be for some time, experts agree that day is coming.
And while that particular threat is still on the horizon, there is a very real risk today that individuals may be intercepting and storing encrypted internet traffic now for decryption later, when a large enough quantum computer is available.
Research into quantum-safe encryption will help secure data that needs to be protected over a long period of time, such as health records,” says Bob Sutor, vice president of IBM Quantum ecosystem development at IBM Research.
post-quantum cryptography consists of algorithms designed to withstand cyberattacks should quantum computers become powerful enough. Once that happens, says Dustin Moody, a mathematician at NIST, post-quantum encryption will come into play on a large scale. “For most organizations, quantum encryption or QKD is not what they’re going to need. It’s most likely going to be post-quantum encryption,” Moody says.
One of the next important steps to make quantum-safe cryptography more widely adopted by government and industry, says Sutor, is standardization, which NIST is currently undertaking.
The best way to start preparing is to ensure that all current and future systems have cryptographic agility — the ability to be easily reconfigured to add quantum-resistant algorithms,” says Brian LaMacchia, distinguished engineer and head of the security and cryptography group at Microsoft Research.