Crypto Agility: Considerations for Migrating to Post-Quantum Cryptographic Algorithms

Download the Project Description

The NCCoE has released the draft project description, Migration to Post-Quantum Cryptography. Use the buttons below to view the publication.

Download the PDF »

Current Status

The National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) is currently reviewing your feedback on our recently released draft project description, Migration to Post-Quantum Cryptography.

Questions and comments on this publication may also be submitted to applied-crypto-pqc@nist.gov.

Summary

The advent of quantum computing technology will compromise many of the current cryptographic algorithms, especially public-key cryptography, which is widely used to protect digital information. Most algorithms on which we depend are used worldwide in components of many different communications, processing, and storage systems. Once access to practical quantum computers becomes available, all public-key algorithms and associated protocols will be vulnerable to criminals, competitors, and other adversaries. It is critical to begin planning for the replacement of hardware, software, and services that use public-key algorithms now so that the information is protected from future attacks.

As reflected in National Institute of Standards and Technology (NIST) Interagency or Internal Report (NISTIR) 8105, Report on Post-Quantum Cryptography and NISTIR 8309, Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process, work on the development of quantum-resistant public-key cryptographic standards is underway, and the algorithm selection process is well in-hand, with algorithm selection expected to be completed in the next one to two years.

To complement that ongoing effort, the NCCoE has initiated a project to bring awareness to the issues involved in migrating to post-quantum algorithms and to develop practices to ease migration from current public-key algorithms to replacement algorithms that are resistant to quantum computer-based attacks. This project will develop white papers, playbooks, and demonstrable proof-of-concept implementations for organizations. The primary audience is organizations that provide cryptographic standards and protocols, and enterprises that develop, acquire, implement, and service cryptographic products.

NIST developed and posted a cybersecurity white paper, Getting Ready for Post-Quantum Cryptography to start the discussion. NIST also hosted a virtual workshop on Considerations in Migrating to Post-Quantum Cryptographic Algorithms on October 7, 2020, and the workshop materials and webcast are available. In addition, the NCCoE is forming a Cryptographic Applications community of interest in coordination with the NIST Post-Quantum Cryptography standardization team and the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) team to work on a migration playbook that would address the challenges and provide recommended practices to prepare for a smooth cryptographic migration. Click here to join the community of interest.