6 Steps to Migrate to NIST's Post-Quantum Standards

NIST's Post-Quantum Standardization process is in its third round. As we get closer to new standards, the question arises: how can we migrate to them? This has been one of NIST's central topics over the past few months, with whitepaper(s) published and themed conferences held.

As the Principal Crypto Technologist at InfoSec Global, I have taken part in NIST’s conference as well as other conferences in the last few weeks. We have developed a concrete roadmap to answer both how to migrate to those new standards and what those new standards are.

The steps in ISG’s roadmap are as follows:

  1. Create a complete inventory of your cryptography.
  2. Identify today's crypto vulnerabilities in your inventory.
  3. Identify vulnerabilities with respect to a quantum adversary.
  4. Protect your perimeter (i.e., vital communications between your organization's components that pass through the outside world) using an agile approach and a hybrid approach that combines classical and post-quantum cryptography.
  5. Start migrating your architecture to enable cryptographic agility.
  6. Once cryptographic agility is built in, switch to post-quantum standards that are finalized by standardization bodies.
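
Steps 1 to 3 can be pictured as a triage pass over an inventory. The following is an added example, not InfoSec Global's tooling or code from the original post; the record fields, the 2048-bit threshold, the algorithm sets and the function names are assumptions made for this illustration, and the inventory is constructed sample data.

```python
# Added illustration: triage a cryptographic inventory (roadmap steps 1-3).
# Record layout, thresholds and names are assumptions for this example.
from dataclasses import dataclass

# Public-key families broken by Shor's algorithm on a large quantum computer.
SHOR_BROKEN = {"RSA", "DSA", "DH", "ECDH", "ECDSA", "ED25519", "X25519"}
# Primitives already considered weak against classical attackers.
WEAK_TODAY = {"MD5", "SHA1", "DES", "3DES", "RC4"}
# Assumed minimum modulus size (bits) for RSA / finite-field keys today.
MIN_FF_BITS = 2048

@dataclass
class Asset:
    location: str   # where the crypto was found (constructed sample values)
    algorithm: str
    bits: int       # key or modulus size; 0 if not applicable

def triage(asset: Asset) -> set[str]:
    """Return the findings for one inventory entry."""
    alg = asset.algorithm.upper().replace("-", "")
    findings = set()
    if alg in WEAK_TODAY:
        findings.add("weak-today")            # step 2
    if alg in {"RSA", "DSA", "DH"} and asset.bits < MIN_FF_BITS:
        findings.add("weak-today")            # step 2: undersized key
    if alg in SHOR_BROKEN:
        findings.add("quantum-vulnerable")    # step 3
    return findings

def prioritize(inventory: list[Asset]) -> list[tuple[str, list[str]]]:
    """Order entries: weak today first, then quantum-only; drop clean ones."""
    rows = [(a.location, sorted(triage(a))) for a in inventory]
    rows = [r for r in rows if r[1]]
    return sorted(rows, key=lambda r: ("weak-today" not in r[1], r[0]))

# Constructed sample inventory (step 1), not data from a real scan.
SAMPLE = [
    Asset("vpn-gateway", "RSA", 1024),
    Asset("web-frontend", "ECDSA", 256),
    Asset("legacy-ftp", "MD5", 0),
    Asset("backup-store", "AES", 256),
]

if __name__ == "__main__":
    for location, findings in prioritize(SAMPLE):
        print(f"{location}: {', '.join(findings)}")
```

Entries flagged only as quantum-vulnerable are the candidates for the hybrid protection in step 4, while entries weak today need fixing regardless of the post-quantum timeline.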

Do not hesitate to contact us at info@infosecglobal.com for more information on how your organization can migrate to NIST's new standards.
