In a significant move towards securing the future of cryptography, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and National Institute of Standards and Technology (NIST) have released a joint factsheet on the impacts of quantum capabilities.
Quantum-Readiness: A New Era of Security
The factsheet, titled "Quantum-Readiness: Migration to Post-Quantum Cryptography," outlines the necessary steps for organizations to begin planning for migration to PQC standards. This initiative is particularly crucial for those supporting critical infrastructure, as the first set of PQC standards is planned for release in 2024.
The Quantum Threat and the Need for Early Planning
Quantum computing presents both opportunities and threats. While it promises unprecedented computational power, it also poses risks to current cryptographic standards. The joint factsheet emphasizes the importance of early planning and the development of a quantum-readiness roadmap.
Guidance for Organizations and Technology Vendors
The new resource provides guidance on preparing a cryptographic inventory, engaging with technology vendors, and assessing supply chain reliance on quantum-vulnerable cryptography. It also offers recommendations for technology vendors to ensure products use post-quantum cryptographic algorithms and prepare to support forthcoming NIST PQC standards.
Leadership Insights
CISA Director Jen Easterly stressed the imperative for organizations, especially critical infrastructure, to begin preparing for migration to post-quantum cryptography. Rob Joyce, Director of NSA Cybersecurity, emphasized the need for extensive collaboration between government and industry.
Conclusion: A Proactive Approach to Quantum Security
The transition to a secured quantum computing era is a long-term intensive community effort. The joint factsheet is a vital step in ensuring that public and private sector organizations have the resources and capabilities necessary to prepare and manage this transition effectively.
For more information, visit Post-Quantum Cryptography Initiative; for NSA, visit Post-Quantum Cybersecurity Resources; for NIST, visit Post-Quantum Cryptography.
