The CISO’s guide to accelerating quantum-safe readiness


Quantum computing presents both opportunities and challenges for the modern enterprise. While quantum computers are expected to help solve some of the world’s most complex problems, they also pose a risk to traditional cryptographic systems, particularly public-key encryption. To ensure their organization’s data remains secure now and in the future, chief information security officers (CISOs) should educate themselves about quantum computing, proactively address the coming quantum risks to cybersecurity and work to establish cryptographic agility in their enterprise.


A future cryptographically relevant quantum computer may be able to break public-key algorithms such as Rivest-Shamir-Adleman (RSA), Elliptic Curve Diffie-Hellman (ECDH) and the Elliptic Curve Digital Signature Algorithm (ECDSA), leaving sensitive information vulnerable to attacks. Even today, data not protected with quantum-safe cryptography is at risk of being stolen and stored until it can be decrypted. These are commonly called “harvest now, decrypt later” attacks.


Standards bodies worldwide have begun guiding the transition to quantum-safe cryptography — encryption algorithms based on math problems considered difficult for even a mature quantum computer to solve. In 2022, after a six-year-long submission and review process, the National Institute of Standards and Technology (NIST) selected four quantum-resistant algorithms for standardization, three of which were contributed by IBM researchers and partners. Recent guidance from NIST, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) recommends that organizations create a quantum-readiness roadmap for transitioning to these standards, which NIST expects to publish in 2024.


While every organization, guided by its CISO, should create its own quantum-readiness roadmap, three steps are critical for all of them to undertake to become quantum-safe:


Discover your cryptograp ..
