To ease the migration from public-key cryptographic algorithms to quantum-resistant algorithms, the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence (NCCOE) has released a draft document describing migration challenges and approaches for facilitating that migration.
NIST has been working to evaluate and select post-quantum encryption algorithms since 2016, and the migration process is also expected to be a lengthy process. Because nothing can protect hardware, software, applications or data from a quantum-enabled adversary, encryption keys and data will require re-encrypting with a quantum-resistant algorithm and deleting or physically securing copies and backups.
Replacing cryptographic algorithms requires all system components including protocols, schemes and infrastructures to be ready to process the new encryption scheme. As a result, algorithm replacement can be extremely disruptive and often takes decades to complete.
To get a head start on executing a migration roadmap, NIST has outlined five implementation scenarios that aim to identify quantum-vulnerable cryptographic code, prioritise the replacement of that code and address remediating deficiencies based on security controls’ dependence on quantum-vulnerable cryptography. All scenarios address enterprise data centre environments, including on-premises data centres and data hosted in public and hybrid clouds by owners or third-party providers.
- Scenario 1: Discovering the FIPS-140-validated hardware and software modules present in the enterprise that employ quantum-vulnerable public-key cryptography, identifying priorities for replacement based on a documented risk assessment and developing a migration strategy for each component
- Scenario 2: Identifying the cryptographic libraries that are commonly used for quantum-vulnerable algorithms and those that might support one of NIST’s selected quantum-resistant algorithms
- Scenario 3: Finding and selecting sample cryptographic applications that use quantum-vulnerable public-key cryptography, prioritising them by risk and the number of affected systems and processes and identifying the candidate replacement algorithms or compensating controls, if they exist
- Scenario 4: Identifying quantum-vulnerable code in computing platforms, including operating systems, access control utilities, cryptographic integrity applications and identity and access management applications as well as investigating the projected impact of mitigation options
- Scenario 5: Finding and prioritising the quantum-vulnerable cryptographic algorithms used in communication protocols leveraged by critical infrastructure sectors and suggesting possible replacements
Organisations collaborating with NIST on this project will be able to install and test discovery tools and quantum-resistant components in an enterprise environment, featuring physical, virtualised and containerised workloads. The lab’s high-level architecture will connect to external sites and cloud resources hosted by the collaborators so the partners can install operate their discovery tools remotely via a virtual private network. Conversely, lab staff can use the tools to discover quantum-vulnerable software in remote sites.
As reported by OpenGov Asia, U.S. researchers developed quantum computing to simulate the physical complexity of the scientific problem. The anticipated power of quantum machines could open the door to a wide range of research achievements in chemistry and beyond. U.S. lab directs the multi-institutional program Advancing Integrated Development Environments for Quantum Computing through Fundamental Research (AIDE-QC). Regarding quantum computing, working together with the hardware developers and science domains advances the software and algorithms to make it a useful tool for scientific discovery.
There are many other applications in chemical and materials sciences waiting for scientific discovery with the help of quantum computers, such as increasing solar energy capture efficiency, developing longer-lasting batteries, and capturing carbon to reduce greenhouse gases. The AIDE-QC project brings the scientific community closer to achieving one of the core promises of quantum computing which is to understand natural phenomena, particularly quantum phenomena, in a way that is both more holistic and granular.
When systems become too large, complex, and dynamic for classical computers to handle, the standard method is to segment or approximate systems to keep them simple enough for the current hardware. A quantum computer gives the potential to study bigger problems that are more realistic to nature.