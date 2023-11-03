The UK National Cyber Security Centre (NCSC) has published updated guidance to help system and risk owners plan their migration to post-quantum cryptography (PQC). The guidance builds on the NCSC 2020 white paper Preparing for Quantum-Safe Cryptography and includes advice on algorithm choices and protocol considerations following the availability of draft standards from the US National Institute of Standards and Technology (NIST).

The point at which quantum computers will be capable of breaking existing cryptographic algorithms such as public-key cryptography (PKC) - known as "Q-Day" - is approaching. It's a juncture that's been discussed for years, but with advancements in computing power, post-quantum threats are becoming very real. Some security experts believe Q-Day will occur within the next decade, potentially leaving all digital information vulnerable under current encryption protocols.

PQC is therefore high on the agenda as the security community works to understand, build, and implement encryption that can withstand post-quantum threats and attacks of the future. There have been multiple notable initiatives, programs, standards, and resources launched this year to support the development of, and migration to, PQC.

In August, NIST published draft PQC standards that are designed as a global framework to help organizations protect themselves from future quantum-enabled cyberattacks. The standards were selected by NIST following a seven-year process that began when the agency issued a public call for submissions to the PQC Standardization Process. NIST again called for public feedback on three draft Federal Information Processing Standards (FIPS), which are based upon four previously selected encryption algorithms.

Migration to PQC requires more than just new algorithms

Migration to PQC requires more than just new algorithms - protocols and services need to be re-engineered, because PQC typically places greater demands on devices and networks than traditional PKC, wrote John H, head of crypt research at the NCSC. "This is especially true of the amount of data that needs to be communicated between parties using PQC to secure their communications." International bodies have been working to update protocol standards in parallel with the development of algorithm standards, which is enabling test deployments of PQC by major service providers to understand the potential impacts of the transition, John H added.

While not straightforward, upgrading many major internet services (and the apps that access those services) will likely be one of the "easier" parts of PQC transition, John H said. "Many legacy and sector-specific protocols, including those used in critical national infrastructure (CNI), will also need to transition to PQC. Additional challenges in these use cases include having to run cryptography on devices with constrained resources, and on legacy systems that are hard to upgrade."