Learn More About Post-Quantum Security
Post-quantum security information from government, standards, and other
resources.
Post-quantum security, the technologies behind it, and recommended post-quantum
implementations are still in their infancy. As you plan to secure your assets for a
world in which a cryptographically relevant quantum computer exists, it is important
to understand post-quantum technologies, the government regulations and mandates that
affect your business, and how to transition your VPNs and cipher suites to
quantum-resistant configurations.
The United States government and governments around the world are creating plans to
address the threat that quantum computers pose to today's public-key cryptography and
to manage the transition to post-quantum cryptography. In addition, standards bodies
such as the National Institute of Standards and Technology (NIST) and the Internet
Engineering Task Force (IETF) are publishing standards for post-quantum algorithms and
for the protocols that carry them.
This topic provides links to information to help you understand, prepare for, and
carry out the transition to post-quantum security in your business.
United States Government
The governments of many nations are developing plans, mandates, and laws to address
the quantum computing threat and the migration to post-quantum cryptography. The
following links describe how the United States government is addressing the issue,
including information from the National Institute of Standards and Technology (NIST)
and the National Security Agency (NSA). Check your own government's security sites and
organizations to find out how it is approaching post-quantum security.
The Post-Quantum Cryptography Initiative from the Cybersecurity & Infrastructure
Security Agency (CISA) coordinates post-quantum efforts across government agencies
and industry partners to address quantum computing threats. The site also links to
further resources from CISA, NIST, and the Department of Homeland Security.
Memorandum M-23-02, Migrating to Post-Quantum Cryptography, from the Office of
Management and Budget in the Executive Office of the President, directs United States
federal agencies on complying with National Security Memorandum 10 (NSM-10), the
National Security Memorandum on Promoting United States Leadership in Quantum
Computing While Mitigating Risks to Vulnerable Cryptographic Systems, including the
requirement that agencies inventory their systems that rely on quantum-vulnerable
cryptography.
RFCs
Requests for Comments (RFCs), published by the IETF, specify the protocols that the
internet runs on. Several RFCs describe how IKEv2, the key exchange protocol for
IPsec VPNs, can be made resistant to attacks from quantum computers:
RFC 8784, Mixing Preshared Keys in the Internet Key Exchange Protocol Version 2
(IKEv2) for Post-Quantum Security, describes an IKEv2 extension that mixes a
post-quantum preshared key (PPK), distributed out of band, into the key derivation.
Because the PPK never crosses the wire, an attacker who later breaks the
Diffie-Hellman exchange still cannot derive the Child SA keys, provided the PPK has
enough entropy to resist brute force. Note that the PPK is mixed into SK_d and the
authentication keys only: the IKE SA's own encryption keys for the IKE_AUTH exchange
remain derived from the Diffie-Hellman secret alone.
How RFC 8784 Resists Quantum Computing Threats summarizes the effect of RFC 8784 in
your network.
RFC 6379, Suite B Cryptographic Suites for IPsec, describes the Suite-B-GCM-256
cipher suite, which uses AES-GCM with 256-bit keys. AES-128 is not weak against
classical attackers, but Grover's algorithm would reduce its effective strength to
roughly 64 bits of security on a cryptographically relevant quantum computer, whereas
AES-256 retains about 128 bits. Moving to 256-bit symmetric keys addresses only the
symmetric half of the suite; the ECDH and ECDSA algorithms in Suite B are still broken
by Shor's algorithm, which is why the IKEv2 extensions below are also needed.
RFC 9370, Multiple Key Exchanges in the Internet Key Exchange Protocol Version 2
(IKEv2), describes how to extend IKEv2 so that several key exchanges, for example a
classical (EC)DH exchange plus a post-quantum key encapsulation mechanism, are all
mixed into the derivation of the IKE SA keys. An attacker must then break every one
of the exchanges to recover the keys.
RFC 9242, Intermediate Exchange in the Internet Key Exchange Protocol Version 2
(IKEv2), defines the IKE_INTERMEDIATE exchange, which runs after IKE_SA_INIT and
before IKE_AUTH. It is encrypted, so it can carry large payloads such as post-quantum
public keys using IKE-level fragmentation rather than IP fragmentation. (Some network
devices drop or block IP fragments.)
RFC 7383, Internet Key Exchange Protocol Version 2 (IKEv2) Message Fragmentation,
lets IKE messages be fragmented at the IKE level, which avoids the problems caused by
IP fragmentation. However, IKE fragmentation applies only to messages that carry an
Encrypted payload, so it cannot be used for the unencrypted IKE_SA_INIT exchange.
RFC 9242 moves the large key-exchange payloads out of IKE_SA_INIT into an encrypted
exchange, and RFC 7383 then fragments that exchange and all later IKEv2 messages.
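The following Python script is an added example, not code from the page or from any vendor or RFC, of how the key-mixing RFCs above fit together: IKEv2 key derivation from RFC 7296 with PRF_HMAC_SHA2_256, an additional key exchange mixed in as RFC 9370 specifies, a PPK mixed in as RFC 8784 specifies, and RFC 7383-style fragmentation of a large key share carried in IKE_INTERMEDIATE. The nonces, SPIs, shared secrets, PPK and the 1568-byte key share are constructed stand-ins (no real Diffie-Hellman or KEM runs), and the key sizes assume ENCR_AES_CBC with 256-bit keys and AUTH_HMAC_SHA2_256_128. The demo models an attacker who has recovered the (EC)DH secret with Shor's algorithm but knows neither the post-quantum shared secret nor the PPK.

```python
"""Added example: hybrid IKEv2 key derivation per RFC 7296, RFC 9370 and RFC 8784.
All inputs are constructed; nothing here performs a real key exchange."""
import hashlib
import hmac


def prf(key: bytes, data: bytes) -> bytes:
    """PRF_HMAC_SHA2_256."""
    return hmac.new(key, data, hashlib.sha256).digest()


def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """prf+ from RFC 7296 section 2.13: T1 = prf(K, S|0x01), Tn = prf(K, T(n-1)|S|n)."""
    out, prev, n = b"", b"", 1
    while len(out) < length:
        prev = prf(key, prev + seed + bytes([n]))
        out += prev
        n += 1
    return out[:length]


# Key sizes (assumed) for ENCR_AES_CBC-256, AUTH_HMAC_SHA2_256_128, PRF_HMAC_SHA2_256.
KEY_LENS = (("SK_d", 32), ("SK_ai", 32), ("SK_ar", 32), ("SK_ei", 32),
            ("SK_er", 32), ("SK_pi", 32), ("SK_pr", 32))


def split_keys(keymat: bytes) -> dict:
    keys, off = {}, 0
    for name, n in KEY_LENS:
        keys[name] = keymat[off:off + n]
        off += n
    return keys


def derive_ike_sa(skeyseed: bytes, ni: bytes, nr: bytes, spii: bytes, spir: bytes) -> dict:
    """RFC 7296 section 2.14: {SK_d|SK_ai|...|SK_pr} = prf+(SKEYSEED, Ni|Nr|SPIi|SPIr)."""
    total = sum(n for _, n in KEY_LENS)
    return split_keys(prf_plus(skeyseed, ni + nr + spii + spir, total))


def initial_keys(g_ir: bytes, ni: bytes, nr: bytes, spii: bytes, spir: bytes) -> dict:
    """IKE_SA_INIT: SKEYSEED = prf(Ni|Nr, g^ir) (RFC 7296 section 2.14)."""
    return derive_ike_sa(prf(ni + nr, g_ir), ni, nr, spii, spir)


def additional_key_exchange(keys: dict, sk_n: bytes, ni, nr, spii, spir) -> dict:
    """RFC 9370: SKEYSEED(n) = prf(SK_d(n-1), SK(n)|Ni|Nr), then re-derive all keys."""
    return derive_ike_sa(prf(keys["SK_d"], sk_n + ni + nr), ni, nr, spii, spir)


def mix_ppk(keys: dict, ppk: bytes) -> dict:
    """RFC 8784: SK_d' = prf+(PPK, SK_d), SK_pi' = prf+(PPK, SK_pi), SK_pr' = prf+(PPK, SK_pr).
    SK_ei/SK_er are untouched, so the IKE_AUTH exchange itself is not PPK-protected."""
    out = dict(keys)
    for name in ("SK_d", "SK_pi", "SK_pr"):
        out[name] = prf_plus(ppk, keys[name], len(keys[name]))
    return out


def child_sa_keymat(sk_d: bytes, ni: bytes, nr: bytes, length: int = 64) -> bytes:
    """RFC 7296 section 2.17 without PFS: KEYMAT = prf+(SK_d, Ni|Nr)."""
    return prf_plus(sk_d, ni + nr, length)


def fragment(payload: bytes, max_frag: int) -> list:
    """RFC 7383-style split into (Fragment Number, Total Fragments, chunk), numbered from 1.
    Only encrypted exchanges (IKE_INTERMEDIATE, IKE_AUTH, ...) may be fragmented this way."""
    chunks = [payload[i:i + max_frag] for i in range(0, len(payload), max_frag)]
    return [(i + 1, len(chunks), c) for i, c in enumerate(chunks)]


def reassemble(frags: list) -> bytes:
    total = frags[0][1]
    by_num = {num: chunk for num, tot, chunk in frags if tot == total}
    if sorted(by_num) != list(range(1, total + 1)):
        raise ValueError("missing or duplicate fragment")
    return b"".join(by_num[i] for i in range(1, total + 1))


def demo() -> dict:
    def constructed(label: bytes) -> bytes:  # deterministic stand-in values
        return hashlib.sha256(label).digest()

    ni, nr = constructed(b"Ni"), constructed(b"Nr")
    spii, spir = b"\x01" * 8, b"\x02" * 8
    g_ir = constructed(b"ECDH shared secret")        # what Shor's algorithm recovers
    pq_pub = b"\xab" * 1568                           # constructed; ML-KEM-1024 public key size
    pq_ss = constructed(b"ML-KEM shared secret")      # constructed KEM output
    ppk = constructed(b"out-of-band preshared key")

    k1 = initial_keys(g_ir, ni, nr, spii, spir)       # IKE_SA_INIT: classical (EC)DH only
    frags = fragment(pq_pub, 1200)                    # IKE_INTERMEDIATE carries the PQ share
    if reassemble(frags) != pq_pub:
        raise RuntimeError("fragment reassembly failed")
    k2 = additional_key_exchange(k1, pq_ss, ni, nr, spii, spir)   # RFC 9370
    k3 = mix_ppk(k2, ppk)                                          # RFC 8784 on top

    attacker = initial_keys(g_ir, ni, nr, spii, spir)  # knows g^ir, not pq_ss or ppk
    ppk_only = mix_ppk(k1, ppk)                          # deployment using RFC 8784 alone
    return {
        "pq_share_fragments": len(frags),
        "ppk_only_ike_auth_readable": attacker["SK_ei"] == ppk_only["SK_ei"],
        "ppk_only_child_sa_readable": child_sa_keymat(attacker["SK_d"], ni, nr)
        == child_sa_keymat(ppk_only["SK_d"], ni, nr),
        "hybrid_ike_auth_readable": attacker["SK_ei"] == k3["SK_ei"],
        "hybrid_child_sa_readable": child_sa_keymat(attacker["SK_d"], ni, nr)
        == child_sa_keymat(k3["SK_d"], ni, nr),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The result shows the difference between the two mechanisms: with RFC 8784 alone the attacker can still read IKE_AUTH (the identities and certificates), but not the Child SA traffic; with an RFC 9370 additional key exchange the IKE SA keys themselves depend on the post-quantum secret, so neither is readable. The 1568-byte share also does not fit a 1280-byte IPv6 minimum MTU, which is why it must go in an encrypted, fragmentable exchange rather than IKE_SA_INIT.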
Technologies and General Information
Many organizations recognize the threat posed by quantum computers and by quantum
algorithms that are impractical to run on classical computers but become
catastrophic for today's cryptography when run on a cryptographically relevant quantum
computer (CRQC).
liboqs, from the Open Quantum Safe project, is an open-source C library of
quantum-safe cryptographic algorithms, with bindings for other languages.
Shor's algorithm, run on a CRQC, breaks the classical asymmetric algorithms in use
today. It factors large integers and computes discrete logarithms efficiently, which
defeats RSA, finite-field Diffie-Hellman, and elliptic-curve cryptography (ECDH and
ECDSA) alike.
Grover's algorithm is a quantum unstructured-search algorithm with a quadratic
speedup over classical search. Used with a CRQC for brute force, it roughly halves
the effective key length in bits of symmetric ciphers such as AES and the preimage
resistance of hash functions, which is why 256-bit keys and 384-bit or longer hashes
are recommended.
Harvest Now, Decrypt Later attacks are an active threat today. In these attacks,
adversaries capture encrypted traffic that they cannot decrypt yet and store it until
a CRQC can recover the keys. Any data that must stay confidential for years, such as
VPN traffic carrying long-lived secrets, is at immediate risk, which is why
quantum-resistant key exchange matters now rather than when a CRQC appears.
The Quantum Inspire knowledge base article
What is a Qubit?
explains quantum bits.