Post Quantum Consulting

Ultimately, the entire global infrastructure will need to transition to quantum-safe cryptography. The following two groups will be most immediately affected:

• First, organizations that need to keep secrets safe for long periods of time. This might include governments, law firms, medical research and pharmaceutical companies.
• Second, organizations that won’t be able to easily change their crypto as a real quantum computing threat emerges. For example, organizations that have a reliance on a microprocessors that need a 10-year development cycle and have a 20-year year life. Many embedded systems are often supposed to last decades.

Unless your organization falls into one of the two groups above, probably not. However, all organization should begin planning now and investigate, and potentially experiment, before NIST standards are published (NIST drafts are to be available in 2022-2024). It would be ill-advised to adopt something prior to NIST standards since one would likely need to upgrade once the final standards are released.

QKD is solution that has been shown to work. It does not rely on quantum computing. QKD works for point to point links where one can be sure there is no middleman in your link. The Chinese ground to satellite QKD laser link is a good example of this; however, a buried fiber optic cable is not a good application. QKD does require specialized infrastructure, and as such, the timeline for adoption is much further out.

Generally, QKD is only suitable for point to point and doesn’t allow for switching. Further authentication of QKD information is an unsolved problem. You can detect if a man in the middle jumps into the middle of your QKD link but you can’t detect the man in the middle if he was there from the beginning such as with a fiber optic repeater. QKD works as a link to link security mechanism. It doesn’t work as an end to end security mechanism.

Even once scalable quantum computing arrives, the threat aperture will likely widen slowly. There is a lot of industry hype about when quantum computing will actually deal a death blow to today’s public key algorithms. The reality is that no one knows. Many experts think quantum computing will definitely arrive in the next 10 years, other expect that to be longer. Organizations with long lived information that needs to be protected, should be concerned. For many, it is probably most prudent to wait for standards.

High risk sectors such as national security, financial, pharmaceutical, medical research and will be the first affected. Any organization with information that has lasting value should be protected. Classic examples are trade secrets and personnel records. Code signing is also an important long term security need. The need for post quantum today applies to data that needs to kept secret for a really long time. So, \if data needs to be protected for 20, 30 or 40 years, then consider post quantum protection soon. If your data only needs to be kept secret for the next 10 years, wait for NIST to standardize and use those algorithms.

Planning. It is vital for organizations to understand their risk exposure in order to determine what precautions need to be taken and when. For organizations that require a near-term solution, a hybrid cryptosystem may be appropriate. A hybrid cryptosystem is one which uses two different cryptographic algorithms to perform the same function. There are pros and cons to hybrid cryptosystems as well.

Now is also the time for engineering and experimentation to determine optimal solutions. Most PQC is not yet ready for prime time. Ideal solutions will still require significant research and development efforts to perfect.