Why quantum and data protection should go hand in hand
+ The era of quantum computing is fast approaching, and with it the greatest threat to cryptography at a scale never seen before. A quantum computer will be able to break RSA-2048, considered the gold standard for Public Key Encryption (PKE), the system that has for years protected our digital universe. While the National Institute for Standards and Technology has been working to down-select post-quantum cryptographic algorithm candidates, the standards body warns another five to 15 years may be needed before full transition is completed. Quantum risk assessment – or the steps needed to identify and safeguard infrastructure and critical data in the post-quantum world – should be part of an agency’s overall cybersecurity risk management program, current data security practices and EO compliancy efforts.
Federal agencies and their partners looking to update their encryption infrastructure to comply with the EO and better protect long-duration data should conduct a quantum risk assessment and deploy quantum-safe solutions for protecting their data today and in the quantum-enabled future. Failing to do so, could cause premature obsolescence of any upgraded system or architecture — a costly and risk-intense scenario best avoided.
+ Because government data security requirements have a much longer shelf-life than other industries — up to 50 years in the case of official intelligence — it is reasonable to assume this data may be vulnerable to quantum attack if not protected properly today. Any country that attains a quantum computing system of sufficient power will be able to decrypt stored data with ease – and odds are an adversary is unlikely to divulge this intelligence advantage. These facts, and the continued use of outdated security models and unencrypted data by critical infrastructure operators, require organizations to make bold, future-proof changes to their cybersecurity practices.
+ Federal agencies and their partners looking to update their encryption infrastructure to comply with the EO and better protect long-duration data should conduct a quantum risk assessment and deploy quantum-safe solutions for protecting their data today and in the quantum-enabled future. Failing to do so, could cause premature obsolescence of any upgraded system or architecture — a costly and risk-intense scenario best avoided.
Source: GCN. Shahryar Shaghaghi, Why quantum and data protection should go hand in hand…
Content may have been edited for style and clarity. The “+” to the left of paragraphs or other statements indicates quoted material from “Source:” document. Boldface title is original title from “Source:” Italicized statements are directly quoted from “Source:” document. Image sources are indicated as applicable.
