While it's not easy to predict the next breakthrough, most experts estimate quantum computers with tens of thousands of qubits that can crack current encryption will be developed by the mid-2030s.
The challenge is not solely technical, and coordination across government and industry will be required to implement and deploy solutions. Aware of the impending threat, the US government is setting plans in motion. Last year the National Institute of Standards and Technology (NIST) announced four quantum-resistant cryptographic (PQC) algorithms it will develop into standards by 2024. The National Security Agency (NSA) set a 2035 deadline for national security systems to implement PQC. And late last year Congress passed the Quantum Computing Cybersecurity Preparedness Act, which addresses the migration of all other federal government IT systems to PQC along the same timeline as the NSA.
Why the urgency if the so-called "Q-Day" is likely a decade away? First, because US adversaries can record encrypted Internet traffic today, store it indefinitely, and then decrypt it once they have a capable quantum computer, known as harvest now, decrypt later (HNDL) schemes.
Second, the process of cryptographic migration could take more than a decade to complete depending on the size and complexity of an organization and its IT architecture. The Internet has become so complex and dependent on infrastructure from different organizations that one weak link can undo all of the preparation by the others. And that decade lines up with the timeline for quantum computers that can break current cryptography.
Protecting All the Things
The tech industry will update a myriad of security standards to incorporate PQC algorithms to protect their intellectual property and other valuable data assets. Open source software needs to integrate these algorithms and standards. Major operating systems need to incorporate them as well, from Windows to Apple and Android.
Beyond software, we also need hardware chips to implement these algorithms — especially hardware security modules that manage encryption keys in an extremely secure manner.
Devices including smartphones, cars, industrial systems, and network infrastructure will also require upgrading. They all rely on cryptography to securely connect to the Internet and cloud-based control systems. We need to protect the Internet of Things from widespread hacking. These upgrades may be more difficult because they could rely on hardware encryption devices, such as SIM cards in smartphones.
Last, and perhaps most importantly, the public key infrastructure that cryptography currently depends on needs to be upgraded to support PQC algorithms.
Making PQC Happen in the Real World
Cryptography on the Internet works because of trusted third parties known as certificate authorities. Their job is to certify the authenticity of encryption keys. When you visit your bank's website, a certificate authority is vouching for your bank's encryption keys, allowing you to trust them. These authorities need to be upgraded to support PQC as well.
Among the most important use cases is code signing. Every time your computer downloads a software update from the Internet, it verifies a digital signature that guarantees its authenticity and asserts that it hasn't been modified by a hacker. This is extremely important because a malicious software update could effectively take control of your device and its data.
PQC migration will begin with developing a cryptographic inventory that maps all of the cryptography deployed in an organization to identify potential vulnerabilities. A comprehensive cryptographic inventory will also help to create a migration road map and projected costs before analysis, remediation, and management begins.
A hybrid approach to cryptography will also be required for some time, when both old and new encryption keys are simultaneously supported. With that infrastructure in place, enterprisewide upgrades can be implemented. Cryptographic agility will be essential to respond to evolving cybersecurity compliance requirements and threats, without requiring significant infrastructure changes, to ensure organizations maintain mission continuity.
Efforts are already underway to bring visibility and acceleration to PQC adoption. NIST has industry collaborators working with it on a Migration to Post-Quantum Cryptography project. The wireless industry has created a task force exploring standardization. Workshops like Real World PQC are bringing together global stakeholders.
But the entire tech industry needs to move together with urgency to meet a threat that is already present. Regardless of whether Q-Day is five or 50 years away, sensitive data and communications are vulnerable to exposure in the future without immediate, comprehensive action.