
Notable post-quantum cryptography initiatives paving the way toward Q-Day


The point at which quantum computers will be capable of breaking existing cryptographic algorithms — known as “Q-Day” — is approaching. Some security experts believe Q-Day will occur within the next decade, potentially leaving all digital information vulnerable under current encryption protocols.

While a decade may seem far away, post-quantum cryptography (PQC) is fast becoming a high priority for the security community, as it works to understand, build, and implement encryption that can withstand post-quantum threats and attacks of the future.

“PQC migration provides an opportunity to re-evaluate the larger cybersecurity landscape,” Dylan Rudy, lead scientist with Booz Allen’s quantum sciences team, tells CSO. “By integrating new PQC algorithms into a zero-trust architecture, cybersecurity infrastructure can be redesigned into a new crypto agility framework.”

At issue is the fact that quantum computers of sufficient power could undermine the mathematical underpinnings of current encryption methods. Experts predict sufficiently powerful quantum computers are years away, but early preparations are needed, not least because the upgrade process is far from trivial.

Particularly for those in high-security sectors, where the threat of “harvest now decrypt later” attacks is keenly felt, waiting for “oven ready” post-quantum encryption products and services to mature is a bad decision. Early adopters can take advantage of hybrid products and services that exist today, as they enable them to start migrating immediately, rather than waiting for updated internet protocols.

Here are the latest developments on recently launched initiatives, programs, standards, and resources aimed at helping with the creation, development of, and migration to PQC.

Chrome locks in PQC

In September 2024, Google announced it will begin supporting hybrid post-quantum key exchange based on the final version of Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM), recently ratified by the National Institute of Standards and Technology (NIST), from around November with the release of Chrome 131.

The browser giant has been experimenting with PQC for some time, but changes to the final version of ML-KEM make it incompatible with the previously deployed version of Kyber. As a result, Google has made the decision to switch to ML-KEM, delaying the change for some weeks to give websites that want to take advantage of post-quantum encryption the chance to upgrade.

Other industry giants — including Amazon and IBM — have also begun laying foundations for quantum-safe cryptography. For example, IBM has pushed ahead with efforts to integrate post-quantum cryptography into many of its own products, such as IBM z16 and IBM Cloud.

NIST ratifies post-quantum encryption standards

In August 2024, NIST approved three post-quantum cryptography algorithms for mainstream development.

As part of the announcement, NIST approved ML-KEM, formerly known as CRYSTALS-Kyber, for general encryption. ML-DSA (Module-Lattice-Based Digital Signature Algorithm) and SLH-DSA (Stateless Hash-Based Digital Signature Algorithm) were also given the go-ahead as the basis for digital signatures.

All three algorithms are capable of withstanding attacks from both classical and (future) quantum computers.

Other algorithms are still going through the evaluation process, but the approval of the three algorithms as standards for post-quantum encryption gives computer developers and engineers the building blocks they need for future technology development.

Andersen Cheng, founder and chairman of Post-Quantum, told CSO that the development marks the move for post-quantum cryptography away from cryptographic analysis towards engineering and implementation.

“This is an important milestone, but a complex one for us to navigate,” according to Cheng. “While these announcements mark a step change in the world’s journey to becoming quantum secure, it does not mean that the entire internet ecosystem is now protected.”

For example, the Internet Engineering Task Force (IETF), which defines how the internet is built, used, and secured, will play a key role in developing the standards that harness post-quantum encryption algorithms.

“To date, draft proposals have been submitted, but the IETF has yet to publish any internet standards using the new versions,” Cheng said.

Markus Pflitsch, CEO and founder at Terra Quantum, said: “NIST’s standards are a critical milestone that should motivate organizations to take the quantum threat seriously. By standardizing PQC algorithms, NIST provides a roadmap for organizations worldwide to transition to quantum-resistant cryptographic systems. Companies will now need to prepare for this migration from classical to post-quantum cryptography and invest in their long-term data security by ensuring they are NIST-compliant.”

Linux Foundation’s grand alliance to take on PQC

The Linux Foundation launched the Post-Quantum Cryptography Alliance (PQCA) in February 2024, bringing together industry giants and researchers to tackle the cryptographic security challenges posed by future quantum computers. The effort is geared toward developing software packages that support PQC standards.

Founding members of the alliance include Amazon Web Services, Cisco, Google, IBM, NVIDIA, QuSecure, SandboxAQ, and the University of Waterloo.

“The PQCA will engage in various technical projects to support its objectives, including the development of software for evaluating, prototyping, and deploying new post-quantum algorithms,” according to a statement by The Linux Foundation. “By providing these software implementations, the foundation seeks to facilitate the practical adoption of post-quantum cryptography across different industries.”

Tech community launches PQC Coalition to drive understanding, adoption

In September 2023, a community of technologists, researchers, and expert practitioners launched the PQC Coalition to drive progress toward broader understanding and public adoption of PQC algorithms. Founding coalition members include IBM Quantum, Microsoft, MITRE, PQShield, SandboxAQ, and the University of Waterloo.

The PQC Coalition will apply its collective technical expertise and influence to facilitate global adoption of PQC in commercial and open-source technologies. Coalition members will contribute their expertise to motivate and advance interoperable standards and technical approaches and step forward as knowledgeable experts in providing critical outreach and education.

The coalition will initially focus on four workstreams:

  • Advancing standards relevant to PQC migration
  • Creating technical materials to support education and workforce development
  • Producing and verifying open-source, production-quality code, and implementing side-channel resistant code for industry verticals
  • Ensuring cryptographic agility

CISA, NSA, NIST issue PQC migration resource

In August 2023, the US Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and NIST published a factsheet on the impacts of quantum capabilities. It urged all organizations, especially those that support critical infrastructure, to begin early planning for migration to PQC standards by developing their own quantum-readiness roadmap.

“Quantum-Readiness: Migration to Post-Quantum Cryptography” outlined how organizations can prepare a cryptographic inventory, engage with technology vendors, and assess their supply chain reliance on quantum-vulnerable cryptography in systems and assets. The factsheet also provides recommendations for technology vendors whose products support the use of quantum-vulnerable cryptography.

“PQC is about proactively developing and building capabilities to secure critical information and systems from being compromised through the use of quantum computers,” said Rob Joyce, director of NSA cybersecurity. “The transition to a secured quantum computing era is a long-term intensive community effort that will require extensive collaboration between government and industry. The key is to be on this journey today and not wait until the last minute.”

Google readies Chrome for future attacks with quantum-resistant encryption

In August 2023, Google announced it was taking a major step in making web browsing safe from future quantum computers by adding Chrome support for quantum-resistant encryption. Dubbed X25519Kyber768, the new quantum-resistant cryptography will be a hybrid mechanism that combines the output of two cryptographic algorithms to encrypt Transport Layer Security (TLS) sessions.

These are X25519, an elliptic curve algorithm widely used for key agreement in TLS today, and Kyber-768, a quantum-resistant Key Encapsulation Method (KEM). The new hybrid encryption has been made available in Chrome 116.

“Google’s announcement of shielding encryption keys in Chrome from quantum computers is very forward-looking,” said Pareekh Jain, chief analyst at Pareekh Consulting. “Quantum computers’ serious adoption is a few years away, but messages have a risk of getting stored now and decrypting later.”
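For teams building the cryptographic inventory the article recommends, the sketch below (an added example, not code from Google or from the original article) reads the `supported_groups` extension of a TLS ClientHello and reports whether the client offers the draft Kyber hybrid, the later ML-KEM hybrid, or only classical key exchange. The codepoints are taken from the IANA TLS Supported Groups registry rather than from this page, and the function names and the sample ClientHello bytes are constructed for illustration.

```python
import struct

# Codepoints from the IANA "TLS Supported Groups" registry (not given on the page).
GROUPS = {
    0x0017: ("secp256r1", "classical"),
    0x001D: ("x25519", "classical"),
    0x6399: ("X25519Kyber768Draft00", "draft-kyber-hybrid"),
    0x11EC: ("X25519MLKEM768", "ml-kem-hybrid"),
}

def is_grease(g):  # RFC 8701 placeholders: 0x0A0A, 0x1A1A, ... 0xFAFA
    return (g & 0x0F0F) == 0x0A0A and (g >> 8) == (g & 0xFF)

def supported_groups(hello):
    """Named groups offered in a ClientHello handshake message (no record header)."""
    try:
        if hello[0] != 0x01:
            raise ValueError("not a ClientHello")
        pos = 4 + 2 + 32                                      # header, legacy_version, random
        pos += 1 + hello[pos]                                 # session_id
        pos += 2 + int.from_bytes(hello[pos:pos + 2], "big")  # cipher_suites
        pos += 1 + hello[pos]                                 # compression_methods
        end = pos + 2 + int.from_bytes(hello[pos:pos + 2], "big")
        pos += 2
        while pos + 4 <= end:
            etype, elen = struct.unpack_from("!HH", hello, pos)
            body = hello[pos + 4:pos + 4 + elen]
            pos += 4 + elen
            if etype == 10:                                   # supported_groups
                n = int.from_bytes(body[:2], "big")
                return [int.from_bytes(body[i:i + 2], "big") for i in range(2, 2 + n, 2)]
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None
    return []

def pq_posture(hello):
    offered = [GROUPS.get(g, (hex(g), "other")) for g in supported_groups(hello) if not is_grease(g)]
    kinds = {kind for _, kind in offered}
    verdict = next((k for k in ("ml-kem-hybrid", "draft-kyber-hybrid") if k in kinds), "classical-only")
    return verdict, [name for name, _ in offered]

def build_hello(groups):  # constructed minimal ClientHello for the demo, not a capture
    glist = b"".join(g.to_bytes(2, "big") for g in groups)
    ext = struct.pack("!HHH", 10, len(glist) + 2, len(glist)) + glist
    body = b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00" + struct.pack("!H", len(ext)) + ext
    return b"\x01" + len(body).to_bytes(3, "big") + body

if __name__ == "__main__":
    for sample in ([0x1A1A, 0x11EC, 0x001D], [0x6399, 0x001D], [0x001D, 0x0017]):
        print(pq_posture(build_hello(sample)))
```

A server or middlebox that recognises only the draft Kyber codepoint will treat a client offering only the ML-KEM hybrid as classical-only, which is the incompatibility behind the Chrome 131 switch described earlier.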

X9 announces initiative to create PQC assessment guidelines

In June 2023, the Accredited Standards Committee X9 announced a new initiative to create PQC assessment guidelines to act as a roadmap for PQC transitions. It invited participants to take part in the effort. When completed, the X9 guidelines might be used by an organization as a self-assessment tool, as an informal assessment of a third-party service provider, or as an independent assessment by a qualified information security professional, X9 said. An auditor or regulator might also refer to the assessment guidelines which could form a foundation for crypto agility standardization, it added.

“It will be important to have PQC assessment guidelines available before transitions are underway, for consistency to make the process as smooth as possible and the outcomes optimal,” said Michael Talley, chair of the X9F1 Cryptographic Tools working group.

PQShield supports PQC migration, advanced side-channel secured implementations

In May 2023, PQC technology firm PQShield signed a Memorandum of Understanding (MoU) with Tata Consultancy Services (TCS) to help clients transition to quantum-secure solutions. It also announced a collaboration with eShard, a side-channel analysis and testing tools provider, to further accelerate advanced side-channel secured implementations of PQC that are critical for high-security standards across industries.

“Quantum computers pose a particular threat to large organizations given the sprawling nature of their cryptographic infrastructure and their reliance on secure communications,” said Ali El Kaafarani, CEO and founder of PQShield. “We’re seeing a significant shift in the commercial landscape as more of these businesses wake up to the urgency of the problem and seek out a solution.”

NCCoE addresses preparing for the adoption of new PQC algorithms

In April 2023, the US National Cybersecurity Council of Excellence (NCCoE), a collaboration of cybersecurity experts from the public and private sectors, released a draft publication addressing preparation for adopting new PQC algorithms. Migration to Post-Quantum Cryptography extended the typical message of urgency to plan for migration seen in federal mandates to members of the private sector.

NCCoE said it would be engaging with industry collaborators, regulated industry sectors, and the US government to bring awareness to the issues involved in migrating to post-quantum algorithms and to prepare the crypto community for migration.

QuSecure, Accenture achieve successful multi-orbit data communications test secured with PQC

Later in the same month, QuSecure announced it had collaborated with Accenture to accomplish the first successful multi-orbit data communications test secured with PQC. This demonstrated that crypto-agility, successfully rotating to a less vulnerable algorithm, is real and possible, achieved through an Accenture-facilitated low earth orbit (LEO) data transmission, the vendor said.

Prior to this advancement, data from multi-orbit satellites could be collected and potentially broken by classical means and quantum computers with enough power, QuSecure added. The transmission included a switch over from LEO to a geosynchronous orbit (GEO) satellite and back down to earth, as a model for redundancy in the event of a breach, failure, or threat to satellites in a single orbit.

“As more organizations are increasingly relying on space technology to provide solutions, resiliency and more relevant information, security of those systems and the data is paramount,” commented Paul Thomas, space innovation lead for technology innovation at Accenture.

In March 2023, quantum security vendor QuSecure claimed to have accomplished the first known live, end-to-end quantum-resilient cryptographic communications satellite link through space. It marked the first time US satellite data transmissions had been protected from classical and quantum decryption attacks using PQC, according to the company. The quantum-secure communication to space and back to Earth was made through a Starlink satellite working with a leading global system integrator (GSI) and security provider.

This is significant because data shared between satellites and ground stations travels through the air and traditionally has been vulnerable to theft, leaving satellite communications even more accessible than typical internet communications, the vendor said.

UK publishes National Quantum Strategy to steer technical standards

In March 2023, the UK government published a new National Quantum Strategy detailing its 10-year plan for leading a quantum-enabled economy, recognizing the importance of quantum technologies for the UK’s security.

The UK will work with relevant global bodies to ensure that global quantum technical standards promote its prosperity and security interests, including accelerating the commercialization of quantum technologies and supporting the sector in the UK, outlined the strategy.

The UK will also work with key partners to scope and identify the best approach to coordinating national engagement in priority areas of quantum technical standards development. Relevant industry and academia will be engaged in these efforts to track priority standards activity, raise stakeholder awareness, and develop roadmaps to support UK engagement with quantum standards development, it added.

“There are a number of early quantum standardization activities taking place globally with significant focus on quantum-safe cryptography and quantum key distribution (QKD), with UK leadership in these areas,” the strategy read.

IETF launches working group to coordinate quantum-resistant cryptographic protocols

In January 2023, the IETF launched the Post-Quantum Use In Protocols (PQUIP) working group to coordinate the use of cryptographic protocols that are not susceptible to large quantum computers. “The idea of the working group is to be a standing venue to discuss PQC from an operational and engineering side,” said Sofia Celi, co-chair of PQUIP. “It is also a venue of last resort to discuss PQC-related issues in IETF protocols that have no associated maintenance on other working groups that the IETF has.”

The IESG said the working group has been set up on an experimental basis, and in two years, it intends to review it for rechartering to continue or else closure. In August 2023, the group published the Post-Quantum Cryptography for Engineers paper to provide an overview of the current threat landscape and the relevant algorithms designed to help prevent those threats.

