‘Harvest Now Decrypt Later’ (HNDL) attacks currently represent the world’s greatest existential cybersecurity threats. These attacks see hostile actors steal encrypted data now, which can be decrypted once a cryptographically relevant quantum computer (CRQC) emerges.
This makes it critical to begin the process of replacing hardware, software, and services that use public-key algorithms now, so that the information is protected from both HNDL and, eventually, future quantum attacks.
It is for this reason that the National Institute of Standards and Technology (NIST) established a consortium of organisations as part of its National Cybersecurity Center of Excellence (NCCoE) “Migration to Post-Quantum Cryptography (PQC)” project. Today, Post-Quantum, the oldest specialist PQC firm in the world, has been selected to be a part of the project, supporting it in developing tangible PQC implementations and use cases.
The NCCoE project brings together experts from industry, government, and academia to address the real-world needs of securing complex IT systems and protecting the nation’s critical infrastructure. Participants include Palo Alto Networks, Amazon Web Services (AWS), Cisco, Microsoft and VMWare as well as other vendors who are sharing their expertise in planning for and implementing post-quantum cryptographic algorithms.
Post-Quantum’s selection will see the company playing a central role in:
- Ensuring smooth transition and deployment of VPN that will protect us from HNDL attacks
- Ensuring that backward compatibility is supported
- Testing different PQC algorithm configurations in hybrid arrangement, not only in those standardised by NIST, but also other PQC algorithms.
- Providing in particular unique implementation know-how in securing edge to mobile end-points.
Andersen Cheng, Executive Chairman, Post-Quantum commented: “Our priority over the last few years has been on accelerating real-world implementations. For example, last year a new standard that we authored for a hybrid quantum-safe Virtual Private Networks (VPN) was ratified by the Internet Engineering Task Force (IETF). This new standard is now the glue that allows parties using different post-quantum key establishment algorithms to talk with one another, which is particularly important as we enter a situation where different nation states deploy a variety of different algorithms. We are looking forward to sharing implementation knowledge of our protocol and unique know-how in securing mobile end points with partners such as Palo Alto, Microsoft, and AWS, to accomplish an end-to-end secure quantum migration.”
Working in high-grade cybersecurity and encryption innovation, Post-Quantum works for various secure areas of banks, defence organisations, and governments. As a first mover in the industry, the company is one of the very few organisations which has progressed past the R&D stage and can provide operational quantum-safe solutions today. It has designed and built a range of quantum-safe products like VPNs and Identity Systems, which have been deployed by organisations like NATO.
For more information about Post-Quantum, please visit: https://post-quantum.com/index.html
