The eventual arrival of quantum computers means that most of the algorithms we currently rely on for public key infrastructure (PKI) will no longer be secure. By being crypto agile and trying out the new Post-Quantum Cryptography (PQC) algorithms, you can start preparing already today.
The question of when a large-scale quantum computer will be built is a complicated one. At the moment, estimates put the arrival of "meaningful" (at least in this sense) quantum computers at around 2030 or soon after.
According to the National Institute of Standards and Technology (NIST), the goal of post-quantum cryptography is to develop cryptographic systems that are secure against both quantum and classical computers and can interoperate with existing communications protocols and networks.
The main activity in this area right now is the NIST Post-Quantum Competition, which is coming to the end of its final stage in defining new standards for PQC algorithms.
What do you need to do?
As the time to roll out new PQC algorithms gets closer, it is wise to establish a high level of crypto agility in your organization. This is already needed for the use of classic cryptography, even if quantum computing never becomes a legitimate threat.
Being crypto agile involves factors such as:
- Having an inventory of keys, certs and algorithms in use
- Automation and compartmentalization - to better manage changes and reduce side effects
- Shorter validity - making agility mandatory in products and solutions
It is also recommended that you try out the new algorithms as final candidate implementations become available from the NIST competition. While there are likely some differences with the final standards, the characteristics of the algorithms are unlikely to change, and they are likely to have long-term effects on resourcing, design, protocols, and performance. The US Government has already indicated that they will expect vendors to be moving to these algorithms when standards are available, and other governments and organizations are likely to do the same. It does not hurt to prepare now, rather than face an unpleasant surprise in the future.
How can Keyfactor help?
Crypto agility involves so much more than changing an algorithm name - and these are all topics that Keyfactor can help you with. Bouncy Castle already provides support for the Post-Quantum signature standards XMSS and LMS and is planning to provide initial implementations of the NIST PQC finalists and the alternate candidates as the submissions are finalized.
Keyfactor can also help you in preparing your certificate issuance and digital signatures using PQC algorithms. Among other ongoing activities, we will demonstrate Post-Quantum Cryptography (PQC) code signing based on a PQC CA hierarchy in IoT applications, as it is expected to be one of the first areas where PQC is applied. The demo is based on the SPHINCS+ algorithm and will be available at the PrimeKey booth at the RSA conference 2022. For certificate authorities, we recommend creating a separate PQC CA hierarchy, much like is already the standard for RSA and EC. We currently do not see the need for hybrid certificates on the market for most use cases.
For more information
For more information on what is going on with Post-Quantum Cryptography (PQC) at the moment, as well as what it might entail to get ready for PQC, with certificate issuance, digital signatures, and crypto agility, see here: