Meet 180-day, quantum-resistant security requirements in White House National Security Memorandum 8 with Phio TX
(QuantumXchange) The next generation of computers, especially those of the quantum variety, pose severe threats to public key encryption (PKE). In part because of the quantum threat, the White House issued National Security Memorandum 8 (NSM-8) in January 2022 which instructs federal agencies to use quantum-resistant algorithms as soon as possible.
“The provision states verbatim: Within 180-days of the date of this memorandum, agencies shall identify any instances of encryption not in compliance with NSA-approved Quantum Resistant Algorithms or CNSA, where appropriate in accordance with section 1(b)(iv)(A) and (B) of this memorandum, and shall report to the National Manager, at a classification level not to exceed TOP SECRET//SI//NOFORN.”
Since the National Institute for Standards and Technology (NIST) has not yet approved public-key algorithms that provide quantum safety, federal agencies must instead look to encryption solutions that use pre-shared keys.
Phio Trusted Xchange (TX) from Quantum Xchange enables federal agencies to comply with NSM-8 now, and thenmigrate to FIPS-validated quantum-safe algorithms in the future without taking down or impacting data networks. It meets the NSA quantum resistant protocol as outlined in “Commercial Solutions for Classified (CSfC) Symmetric Key
Management Requirements Annex V2.0 (January 2021)” by using pre-shared keys in the Phio TX hive and featuring the
ability to automate pre-shared key rotation for system users.
Phio TX decouples key generation, distribution, and audit from the infrastructure that encrypts the data, and delivers keys using a zero-trust architecture. This approach provides the following benefits:
• Enhanced security today, and future-proof security against the coming quantum threat.
• Integrates with existing encryption infrastructure from Cisco, Juniper, Fortinet, Thales, and other vendors,
reducing implementation costs.
• Enables modern-day security best practices such as continuous key rotation on short intervals.
• Separation of duties in conformance with NIST SP800- 53 – the manager of the crypto system can be distinct
from the manager of the key distribution system.
• Use of two keys means that compromise of a key delivered by Phio TX does not compromise data.
• Auditable key rotation – know when keys have been exchanged between endpoints.
• Provides true crypto agility – change to any NIST- approved algorithms, or any future key distribution technology such as QKD, without changing the data networks or impacting business/mission.
• Deliver high entropy keys to cloud services or ICS/ IoT systems that cannot generate keys with sufficient
• Deliver keys over any network media – copper, fiber, satellite, RF, laser, etc. – over any dist