Security experts weigh in on how industry and government should adopt recently announced post-quantum cryptography standards.
On July 5, at the end of a six-year process, the US National Institute of Standards and Technology (NIST) announced four post-quantum cryptography (PQC) algorithm standards. So, while the mathematics1 behind quantum-safe cryptography have been studied for years — and is embedded in In 2019, IBM announced the first quantum-safe tape drive. Announced in 2022, the IBM z16 mainframe is the industry's first quantum-safe system.two IBM products — this formal proclamation made clear that industries and governments, alike, must take steps to keep their systems and data “quantum safe,” now.
To explain what this move to quantum-safe cryptography solutions means for these organizations, and how they can start the process, experts from NIST, NXP, and IBM — scientists who either had a hand in developing or choosing the PQC standards — held a virtual roundtable on September 21, 2022: The Cryptography Standards That Will Keep Today's Data and Systems Quantum Safe.
Moderated by IDC Research Manager Heather West, the discussion with NIST Computer Security Mathematician Dustin Moody, NXP Cryptography Researcher Joppe Bos, and CTO of IBM Quantum Safe Michael Osborne ranged from what kind of threats future Quantum computing will be the next step in computation, augmenting classical computing resources, so that we can solve difficult and complex problems. While we’re still building and exploring the possibilities of quantum technology, IBM Quantum expanded its roadmap to anticipate the future of quantum-centric supercomputing.quantum computers may pose to today’s classical systems and data, and how post-quantum cryptography protects those systems and data; to what to do about “harvest now, decrypt later” attacks; and use case examples for how different industries and organizations need to begin deploying quantum-safe solutions throughout their technology infrastructure.
“There are all kinds of use cases where you want to start thinking now about migrating (to post-quantum cryptography). For example, use cases which operate on sensitive data, like medical data...(or) the automotive industry, where cars are on the road for a long time.” — Joppe Bos, Cryptography Researcher, NXP
“The harvest now, decrypt later threat is really quite interesting. What it says is that you can be at risk today from a quantum attack even though a quantum computer is not yet built.” — Dustin Moody, Computer Security Mathematician, NIST
“We’re really concerned about making sure that, as we enter the quantum era, the sorts of cryptography that we need are upgraded to be safe. So, it’s about replacing what we have, with quantum-safe encryption that will run with all of the systems we have today.” — Michael Osborne, CTO, IBM Quantum Safe
- Joppe Bos, Cryptography researcher, NXP
- Dustin Moody, Computer Security mathematician, NIST
- Michael Osborne, CTO, IBM Quantum Safe
- Heather West, Research Manager, IDC (Moderator)
- Note 1: In 2019, IBM announced the first quantum-safe tape drive. Announced in 2022, the IBM z16 mainframe is the industry's first quantum-safe system. ↩︎
- Note 2: Quantum computing will be the next step in computation, augmenting classical computing resources, so that we can solve difficult and complex problems. While we’re still building and exploring the possibilities of quantum technology, IBM Quantum expanded its roadmap to anticipate the future of quantum-centric supercomputing. ↩︎