Quantum computers (QCs) threaten network and data security. When QC development reaches a mature state that produces cryptographically relevant quantum computers (CRQCs), purpose-built to break decryption, many classical ciphers that were deemed safe will no longer be able to prevent attackers from decrypting your data. This means that your public key infrastructure (PKI) based on classical cryptography will be vulnerable to post-quantum attacks. The threat is immediate, especially for long-lived data, because of Harvest Now, Decrypt Later attacks, in which attackers obtain the encrypted data and store it until they have a CRQC that can decrypt the data.

Resistance to attacks based on quantum computing begins with enhancing the key created during the IKEv2 key exchange to safeguard your VPNs and with understanding your current cryptography and post-quantum cryptographies (PQCs). Palo Alto Networks' solutions to resist quantum attacks are based on open standards to enable and ensure interoperability with other equipment that meets the standards.

The first step is to implement RFC 8784 to create quantum-resistant IKEv2 VPNs as described in this document. Quantum-resistant VPNs can prevent attackers from recording critical encrypted key material and prevent them from decrypting the data even if they successfully steal the encrypted data. RFC 8784 provides a quantum-resistant transition from today's classical cryptography in a straightforward manner that does not require cryptography upgrades and is deemed the easiest way to introduce quantum resistance to your VPN communications.

The second step is to implement RFC 9370 by itself or with RFC 8784 to create quantum-resistant IKEv2 VPNs using multiple key exchange mechanisms (KEMs) that can combine both classic and PQC KEM technologies. This solution is also known as IKEv2 post-quantum hybrid key and uses the new replacement PQC algorithms that are not vulnerable to a quantum attack that uses Shor's algorithm.

This chapter describes QCs, the threat they pose to your data security, what you can do about it now by creating quantum-resistant IKEv2 VPNs, and how to plan and prepare to migrate to post-quantum VPNs and PQCs.