Why Crypto-agility is the Key for Quantum-safe Cryptography

The National Institute of Standards and Technology (NIST) says that public-key encryption, digital signatures, and secure key exchange “are the heart and blood” of digital identity and trust. These support numerous online applications and services critical to our economy, safety, and way of life.

Public-key cryptography performs two essential functions:

  • Establishment of an agreed, shared cryptographic key to secure online communications.
  • Implementation of digital signatures to validate the identity of communicating parties, thereby building trust over an open network.

The strength of today’s cryptographic algorithms relies on the difficulty of solving the mathematical problems of integer factorization and calculating discrete logarithms. These problems have been extensively studied for decades, and the algorithms built on them, when properly configured, provide long-term security against traditional computers.

The quantum threat to cryptography

However, researchers have demonstrated that large, general-purpose quantum computers can exploit quantum mechanical phenomena, meaning they will solve mathematical problems that are computationally infeasible for today’s conventional computers.

When large-scale quantum computers become mainstream, many of the existing public-key cryptographic algorithms will become obsolete. Broken cryptography can result in unauthorized access to sensitive information, lack of control over connected devices, and potentially the overthrow of the global status quo.


The goal is to reap the benefits of quantum-safe technology without compromising data and system security. The NIST National Cybersecurity Center of Excellence (NCCoE) recommends several practices “to ease the migration from the current set of public-key cryptographic algorithms to replacement algorithms that are resistant to quantum computer-based attacks.”

A proactive approach to planning and preparing for the post-quantum era is needed to establish and enforce crypto-agile solutions. Teams must be ready to mitigate the threat of quantum computers and safeguard their sensitive corporate data, encryption keys, and algorithms.

Read more at: Security Boulevard