Significant research has been done in recent years on quantum computers, machines that use quantum mechanical phenomena to solve mathematical problems that are difficult or unsolvable for conventional computers. If large quantum computers are ever built, they will be able to break many public-key cryptosystems currently in use. This would seriously compromise the confidentiality and integrity of digital communications on the Internet and elsewhere. NIST has defined post-quantum cryptography (PQC) as an area of cryptography that researches and advances the use of quantum-resistant primitives, with the goal of keeping existing public key infrastructure intact in a future era of quantum computing. The goal of post-quantum cryptography (also known as quantum-resistant cryptography) is the development of cryptographic systems that are secure against both quantum and classical computers and can interoperate with existing communication protocols and networks. With cyber attacks continuing to increase, implementing such cryptographic methods will clearly be beneficial.
The Cybersecurity and Infrastructure Security Agency (CISA) announced on the 6th of July the establishment of a Post-Quantum Cryptography Initiative to unify and drive agency efforts to address threats posed by quantum computing. Jen Easterly, CISA director, stated: “CISA continually works to understand and anticipate the risks to critical infrastructure from evolving technologies including quantum computing.” NIST has announced the first list of selected cryptographic algorithms in its post-quantum cryptography standardization project, which aims to identify a new standard to replace the current, quantum-vulnerable cryptography.
The question of when a large quantum computer will be built is complicated. While it was less clear in the past that large quantum computers were a physical possibility, many scientists now believe it is just a major technical challenge. Indeed, some engineers predict that within the next twenty years quantum computers will be built large enough to break essentially all public key schemes currently in use. Historically, it took nearly two decades to implement our modern public key cryptographic infrastructure. Therefore, whether or not we can estimate the exact time of the advent of the quantum computing era, we must now begin preparing our information security systems to withstand quantum computing. CISA has summarized that although NIST does not expect to publish a standard for use by commercial products until 2024, organizations should start preparing for the transition now by following the DHS and NIST Post-Quantum Cryptography Roadmap. (Source: CISA)
As this technology advances over the next decade, quantum computing is increasing the risk to some encryption methods that are widely used to protect customer data, complete business transactions, and secure communications. “It may seem that cyber risk management leaders have time to prepare, but the era of post-quantum cryptography (PQC) has already begun for many companies, whether they realize it or not. For example, more and more connected vehicles will have to meet high security standards to protect the safety and privacy of users for their usable lives, which could easily last until after 2040, when experts believe that quantum computers with error correction will be available.”