This excerpt is only a small piece of what looks to be a respectable NIST document in the making. Recommend reading this article from Susan Miller directly at the source, link below. Worth the read considering the expense to implement PQC. Because Quantum is Coming. Qubit
NIST maps out the migration to post-quantum cryptography
+ To get a head start on executing a migration roadmap, NIST has outlined five implementation scenarios that aim to identify quantum-vulnerable cryptographic code, prioritize the replacement of that code and address remediating deficiencies based on security controls’ dependence on quantum-vulnerable cryptography.
+ All scenarios address enterprise data center environments, including on-premises data centers and data hosted in public and hybrid clouds by owners or third-party providers.
Scenario 1: Discovering the FIPS-140-validated hardware and software modules present in the enterprise that employ quantum-vulnerable public-key cryptography, identifying priorities for replacement based on a documented risk assessment and developing a migration strategy for each component.
Scenario 2: Identifying the cryptographic libraries that are commonly used for quantum-vulnerable algorithms and those that might support one of NIST’s selected quantum-resistant algorithms.
Scenario 3: Finding and selecting sample cryptographic applications that use quantum-vulnerable public-key cryptography, prioritizing them by risk and the number of affected systems and processes and identifying the candidate replacement algorithms or compensating controls, if they exists.
Scenario 4: Identifying quantum-vulnerable code in computing platforms, including operating systems, access control utilities, cryptographic integrity applications and identity and access management applications as well as investigating the projected impact of mitigation options.
Scenario 5: Finding and prioritizing the quantum-vulnerable cryptographic algorithms used in communication protocols leveraged by critical infrastructure sectors and suggesting possible replacements.
Source: GCN. Susan Miller, NIST maps out the migration to post-quantum cryptography…
Content may have been edited for style and clarity. The “+” to the left of paragraphs or other statements indicates quoted material from “Source:” document. Boldface title is original title from “Source:” Italicized statements are directly quoted from “Source:” document. Image sources are indicated as applicable.
