The White House issued a National Security Memorandum on January 19, 2022, with instructions outlining the first steps for the migration of National Security Systems (NSS) to quantum-resistant cryptography:

“Within 180 days of the date of this memorandum, agencies shall identify any instances of encryption not in compliance with NSA-approved Quantum Resistant Algorithms or CNSA.”

It has been known for some time that cryptography currently used to secure communications will be vulnerable to attacks from adversaries with large-scale quantum computers. Although it is difficult to know exactly when such quantum computers will first be in operation, some estimates put it as early as 5 to 10 years away. Note that quantum computers exist today, but they have not yet reached the large-scale milestone.

One of the largest concerns is that adversaries are harvesting encrypted internet traffic and storing it with the goal of decrypting it in the near future. Once quantum computers have been scaled up to a large-scale level, the adversary will be able to decrypt this stored information. These adversaries could be nation states or any other malicious actors.

To overcome this problem, the National Institute of Standards and Technology (NIST) has been standardizing new cryptographic algorithms that can withstand any attack, including those by adversaries in the future who have access to powerful quantum computers. The first half of NIST’s post-quantum cryptography standard is scheduled to be announced within the coming weeks. The NSA has stated that

“programs should anticipate that after NIST provides the needed standards there would be rapid movement toward requiring support of a quantum-resistant standard in new acquisitions. Further, it will be expected that software-upgradable devices will also add support promptly as part of the normal update process.”  

With NIST’s standardization of the first quantum-resistant algorithms just around the corner, the next step for governments and private industry alike is to identify the critical cryptographic components to upgrade. Not all information needs this upgraded security right away. However, any information that requires long-term confidentiality is a prime candidate for immediate protection by post-quantum algorithms.  

From past experience, we know a migration of this scale will take at least a decade to complete. The cryptographic infrastructure is complex and will require careful planning. In the coming years, the entire trust chain and the associated certificates, as well as all public-key cryptography, will need to be replaced by quantum-resistant versions.

This recent memorandum by the White House gives a fixed date by which the agencies in charge of NSS need to identify any instances of encryption not in compliance with NSA-approved Quantum Resistant Algorithms or the Commercial National Security Algorithm Suite (CNSA), and “a timeline to transition these systems to use compliant encryption.” The CNSA is a temporary suite of cryptographic algorithms designed to serve during the interim while planning for the transition to quantum-resistant cryptography.

Planning a quantum-resistant migration is part of the larger goal outlined in this memorandum of securing digital data. Cryptographic migrations, like those to the CNSA and to post-quantum cryptography, are necessary to deal with deprecated or broken cryptographic algorithms, but by having crypto-agile solutions we can prepare for any such migrations. The first step is to identify where the quantum-vulnerable cryptography resides, which requires discovery and analysis of the entire cryptographic inventory. This can be done with Infosec Global’s AgileSec Analytics offering.
