The PQC migration handbook: a comprehensive resource

As the timeline to a cryptographically relevant quantum computer shortens, awareness of the quantum threat is certainly increasing. Quantum computers pose a significant risk to current cryptographic systems, particularly those relying on public-key cryptography, and over the course of the last few years this threat has risen in profile for governments, security agencies, and industry leaders around the world.

In this year of acceleration, there’s been a key international focus on developing roadmaps for transitioning quantum-vulnerable systems to new post-quantum cryptography (PQC) algorithms, particularly with a view to being able to switch those algorithms easily in the face of evolving threats.

The theme has been ‘act now, not later’ and it’s been encouraging to see that urgency re-emphasized on both sides of the Atlantic and beyond, throughout 2024.

In December, the Netherlands’ General Intelligence and Security Service, AIVD, together with the applied scientific organizations TNO and CWI, produced an updated PQC Migration Handbook that provides guidelines for migrating to post-quantum cryptography. The handbook outlines a step-by-step process for this migration.

Quantum-vulnerability diagnosis

Organizations handling data with long confidentiality spans and those providing critical infrastructure clearly face the most immediate threat, and need to prioritize PQC migration. The first essential step is to create an inventory of the cryptographic primitives and protocols deployed within an organization.

Organizations should maintain a comprehensive inventory of cryptographic assets, and track cryptographic components with a Cryptographic Bill of Materials (CBOM) to manage PQC migration.

The handbook outlines a methodology for assessing the potential impact of a quantum attack, and reinforces the need for a detailed threat assessment.

Planning

Migration of systems is likely to be complex. For this reason, it’s important to determine a migration timeline based on an organization’s risk tolerance. This includes taking into account the time required for migration, the shortening timeline until quantum computers become a practical threat, and of course, the lifespan of sensitive data.
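The diagnosis and planning steps above can be combined in a small inventory tool. The following is an added illustration, not code from the handbook, AIVD, TNO, CWI or PQShield: it records each cryptographic asset in a CBOM-style list, classifies the primitive by the quantum attack that applies to it (Shor's algorithm breaks the factoring and discrete-log schemes outright; Grover's algorithm only weakens symmetric primitives), and derives a migration priority from the three quantities the handbook names: data lifetime, migration time and the assumed time until a cryptographically relevant quantum computer exists. The classification sets, the sample assets and the ten-year horizon are constructed assumptions to be replaced by an organization's own threat assessment.

```python
"""CBOM-style inventory with quantum-vulnerability diagnosis (added example)."""
from dataclasses import dataclass

# Assumed classification of primitives by the quantum attack that applies.
SHOR_BROKEN = {"RSA", "DH", "ECDH", "ECDSA", "EdDSA", "DSA"}
GROVER_WEAKENED = {"AES-128", "3DES", "SHA-1"}
QUANTUM_SAFE = {"AES-256", "SHA-256", "SHA-3", "ML-KEM", "FrodoKEM",
                "Classic McEliece", "ML-DSA", "FN-DSA", "SLH-DSA"}


@dataclass(frozen=True)
class CryptoAsset:
    system: str
    primitive: str
    purpose: str                # "confidentiality" or "authentication"
    data_lifetime_years: float  # how long the protected data must stay secret
    migration_years: float      # estimated time needed to migrate this system


def classify(primitive: str) -> str:
    """Map a primitive to its quantum status using the assumed tables above."""
    if primitive in SHOR_BROKEN:
        return "quantum-vulnerable"
    if primitive in GROVER_WEAKENED:
        return "weakened"
    if primitive in QUANTUM_SAFE:
        return "quantum-safe"
    return "unknown"


def migration_priority(asset: CryptoAsset, crqc_horizon_years: float) -> str:
    """Priority from the handbook's three planning inputs.

    For confidentiality, data captured today can be decrypted later, so the
    exposure window is data lifetime plus migration time. For authentication,
    only forgeries after a CRQC exists matter, so only migration time counts.
    """
    status = classify(asset.primitive)
    if status == "quantum-safe":
        return "none"
    if status == "unknown":
        return "investigate"   # an unidentified primitive blocks the assessment
    if status == "weakened":
        return "review"        # e.g. larger symmetric keys during normal lifecycle
    if asset.purpose == "confidentiality":
        exposure = asset.data_lifetime_years + asset.migration_years
    else:
        exposure = asset.migration_years
    return "immediate" if exposure >= crqc_horizon_years else "scheduled"


def build_cbom(assets, crqc_horizon_years: float):
    """Produce a CBOM-style list of records, one per cryptographic asset."""
    return [
        {"system": a.system, "primitive": a.primitive, "purpose": a.purpose,
         "quantum_status": classify(a.primitive),
         "priority": migration_priority(a, crqc_horizon_years)}
        for a in assets
    ]


# Constructed sample inventory (not real systems).
SAMPLE_ASSETS = [
    CryptoAsset("vpn-gateway", "ECDH", "confidentiality", 10, 2),
    CryptoAsset("code-signing", "RSA", "authentication", 0, 3),
    CryptoAsset("archive-encryption", "AES-128", "confidentiality", 25, 1),
    CryptoAsset("pilot-tls", "ML-KEM", "confidentiality", 10, 0),
    CryptoAsset("legacy-hsm", "CustomCipherX", "confidentiality", 5, 4),
]

if __name__ == "__main__":
    for row in build_cbom(SAMPLE_ASSETS, crqc_horizon_years=10):
        print(row)
```

The purpose field is what makes the planning step meaningful: a signing key only needs to be replaced before a CRQC exists, whereas a key-agreement scheme protecting long-lived data is already exposed to harvest-now-decrypt-later collection today.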

Execution

The handbook provides recommendations for different functionalities such as key exchange (ML-KEM, FrodoKEM, Classic McEliece) and digital signatures (ML-DSA, FN-DSA, SLH-DSA).

Selecting and implementing appropriate PQC algorithms is a significant task, and one that should be done with cryptographic agility (the ability of a system to switch algorithms quickly in the face of new cybersecurity threats) in mind.

To that end, the handbook offers direction on how cryptographic agility can be integrated into change management. It details various types of agility, including algorithm agility, protocol agility, and hybrid PQ/T approaches (a post-quantum and a traditional algorithm combined).

NIST Standardization

The US National Institute of Standards and Technology (NIST) is, of course, leading the effort to standardize PQC algorithms. The handbook summarizes the progress of this effort, and points to other organizations, such as ETSI, that are moving towards formalized PQC standards and guidelines.

Practical considerations

The handbook also discusses the importance of secure implementations, something that resonates with PQShield’s groundbreaking work on side-channel countermeasures and physical threat detection. It also notes that the performance of different PQC algorithms involves key tradeoffs between speed and size, and compares these algorithms carefully. That issue has driven the way we’ve designed our security suite of optimizable hardware and software solutions, and as the handbook points out, it’s a vitally important consideration.

With this updated PQC Migration Handbook, the authors provide a comprehensive resource for organizations wanting to understand the quantum threat. It offers actionable strategies for mitigation, and will greatly help organizations navigate the process of transitioning to post-quantum cryptography.