The National Institute of Standards and Technology (NIST) is concerned about the threat quantum computing poses to current cryptographic standards, and it’s recruiting the best minds in the industry to develop defensive tools to stay ahead of the threat. To that end, the organization has selected its first batch of encryption algorithms for a planned post-quantum cryptographic standard that is expected to roll out in 2024 or 2025.
At the same time, Congress is moving to keep its members apprised of the quantum computing risk and the country’s defensive readiness as federal agencies begin implementing these new standards. A new bill that has passed the House, the Quantum Computing Cybersecurity Preparedness Act, would have the Office of Management and Budget (OMB) prepare budget estimates and annual reports for Congress as this process plays out.
Quantum computing threat still far off, but transitions will be lengthy and complicated
Security experts tend to believe that quantum computing will not be a threat until somewhere in the 2030s. However, the process of implementing these tools and defenses to ensure smooth continued operation is expected to take years. The Biden administration has had a strong and immediate focus on cybersecurity, and that program now moves to this preparedness work.
NIST actually began addressing the need for improved cryptographic standards in 2016, and its ongoing post-quantum computing standardization project is now entering its final phases of defensive method selection and implementation. Quantum computing startups have been one of the hottest segments of the tech world since 2020, drawing billions in funding. One point that the US government has almost certainly taken note of is that China is leading the world in putting money into this sector, with $15 billion invested to date (compared to $7.2 billion by the EU and just $1.3 billion in the US, according to a recent Forbes article).
Quantum computing applications are expected to start coming online in the next few years, but the sort of stable “fault tolerant” systems that worry security analysts are not anticipated until at least 2030. When these systems do appear, however, they threaten to shatter current cryptographic standards. These systems are being developed because they have the potential to perform virtual miracles by current technological standards, increasing the capability of everything from medicinal drug discovery to the running of high-speed transit systems. But they will also almost certainly be used by nation-state hackers to attack current public-key encryption systems, which they are expected to be able to break within minutes in some cases.
According to Edlyn Teske, Senior Crypto Expert at Cryptomathic: “In practice, this means that [Chief Security Officers] need to take stock of their organization’s ability to rapidly switch the cryptographic algorithms that underpin your data security, without upending your entire infrastructure – an approach commonly known as being ‘crypto-agile.’”
NIST has selected four encryption algorithms that have collectively been in the works for several years, and that show promise to resist the future attacks of quantum computing. The agency says that four additional algorithms remain under consideration and that it will announce more finalists in a second round held on an unspecified future date. A number of different solutions are being included to create a toolbox that covers a variety of different anticipated needs and situations, additionally including backups in case a particular tool ends up developing a vulnerability.
Of the four algorithms selected at present, one is for general all-purpose encryption of web traffic (CRYSTALS-Kyber) and three are for digital identity verification (CRYSTALS Dilithium, FALCON and SPHINCS). SPHINCS makes use of hash functions and is intended as an emergency backup (being secure but significantly slower than the other options), while the other three use a “structured lattices” system based on more complex math problems than those used in current cryptographic standards. NIST has said the other four algorithms still under consideration do not use either of these methods.
The full post-quantum cryptographic standard will not be available until 2024 at the earliest, but NIST and the Department of Homeland Security (DHS) are providing a Post-Quantum Cryptography Roadmap to help organizations at least begin envisioning the changes they will need to make as this security threat comes closer to the horizon. As Tim Callan, chief compliance officer at Sectigo, notes: “The announcement of NIST’s third round selections for post-quantum encryption algorithms is a major milestone in the journey to quantum-safe computing systems. But while this announcement marks the end of one chapter, another is only beginning. Now standards bodies, hardware and software manufacturers, and ultimately businesses across the globe will have to implement new cryptography across all aspects of their computing systems. Until we have upgraded cryptography everywhere, our digital operations remain insecure.”
Cryptographic standards shift to be tracked by Congress
This transition will also loop in Congress via the Quantum Cybersecurity Preparedness Act, where some members will likely have not yet caught up on current cryptographic standards even as the new ones are coming online.
The House bill looks to address this challenge; the Senate has yet to deliver its own version. The terms of the House bill would have federal agencies prepare an inventory of items for the transition, and the OBM would be given a year to prepare a budget and a strategy for the transition away from current cryptographic standards. Agencies would also be required to update these systems annually, and Congress would receive an annual status briefing. And the Department of Commerce would be tasked with creating post-quantum cryptographic standards guidance for critical infrastructure organizations.
Roger Grimes, data-driven defense evangelist at KnowBe4, notes that this is not just an issue for the government to solve; with likely less than a decade to quantum computing attacks, businesses need to be thinking about this as well: “All companies need to start preparing for quantum computer attacks now. Starting with taking a data protection inventory, identifying data that needs to be protected for more than a few years, figuring out the effective cryptography, and then figuring out which of the quantum resistant protections they need to implement. Every company needs to budget for and start a quantum defense team project now. It’s going to take most organizations many years to do. And unfortunately, almost no company is even aware of what’s coming.”