Safeguarding National Security in the Quantum Age: The Imperative of Post-Quantum Cryptography

Public Sector
December 7, 2023
Safeguarding National Security in the Quantum Age: The Imperative of Post-Quantum CryptographySafeguarding National Security in the Quantum Age: The Imperative of Post-Quantum Cryptography

Safeguarding National Security in the Quantum Age: The Imperative of Post-Quantum Cryptography

In the ever-evolving cybersecurity landscape, a new and formidable shadow looms on the horizon, extending far beyond conventional cyber threats. It's a shadow cast by the coming age of quantum computing, a force that could undermine the very foundations of our digital security. Immediate action is imperative to maintain a strategic technology edge and preserve national security interests. Enter Post-Quantum Cryptography (PQC), a vital component of our preparations for the impending "Quantum Age" and a critical first step to maintaining technological and information sovereignty. 

Understanding Post-Quantum Cryptography (PQC):

Before we delve into the urgency of adopting PQC, let's unravel the enigma surrounding this cryptographic solution. At its core, PQC is a cutting-edge field within cryptography that addresses the threat quantum computing poses to traditional public key algorithms. As quantum computers become more powerful, they could break widely used such algorithms, rendering sensitive data vulnerable and exposing access to services or information only available behind authentication mechanisms.

The primary objective of PQC is to develop cryptographic techniques that can withstand attacks from quantum computers. Unlike classical cryptographic methods, PQC is based on algorithms and mathematical structures that are known to be resistant to quantum attacks.

Several PQC approaches are being explored, including lattice-based cryptography, code-based cryptography, and multivariate polynomial cryptography. These new cryptographic algorithms aim to provide the same level of security as current widely used schemes but without the susceptibility to quantum threats.

The rapid progress in quantum computing underscores the urgency of adopting PQC. Nation-states and malicious actors are investing in quantum technology, making securing our digital infrastructure a strategic imperative. Organizations and governments are now working together to identify where cryptographic assets are within an IT infrastructure, build cryptographic inventories, allocate resources for PQC migration, and assess the quantum-readiness level of existing systems.

As quantum computing technology advances in the coming years, the transition to PQC will become a crucial component of cybersecurity strategies worldwide. Early adoption is key to addressing this threat, as PQC represents the next frontier in ensuring data privacy and security, safeguarding sensitive information in an increasingly quantum-powered world.

The Peril of Quantum Computing:

The urgency surrounding PQC adoption is not hyperbole but a stark reality rooted in the rapid advancement of quantum computing. While large-scale quantum computers are still in their infancy, their computational power threatens to render our public key cryptography obsolete. The real danger lies in the actions of malicious adversaries, which have initiated 'Store Now Decrypt Later' (SNDL) campaigns, amassing encrypted data for future decryption. This ominous "Q-day" is rapidly approaching due to foreign nations' substantial investments in quantum technology, surpassing U.S. spending considerably.

As we peer into the future applications of quantum technologies, it becomes clear that the consequences of inaction are dire. The advent of quantum computing could potentially unravel the fabric of digital security that underpins our modern world. Here's why the peril of quantum computing is not to be underestimated:

  • Exponential Speed: Quantum computers possess an unparalleled ability to perform certain calculations exponentially faster than classical computers. Algorithms that would be practically impossible to break could be broken with quantum computing. This exponential speedup threatens the confidentiality and integrity of data.
  • Shattered Public Key Cryptography: Quantum computers have the potential to break widely-used cryptographic algorithms, such as RSA and ECC, which rely on the difficulty of factoring large numbers or solving discrete logarithm problems. Shor's algorithm, developed by mathematician Peter Shor in 1994, is a quantum algorithm that efficiently factors large composite numbers, which poses a significant threat to the above-mentioned widely-used cryptographic schemes. If fully realized on a powerful quantum computer, Shor's algorithm would render these cryptographic schemes broken, necessitating the development of new quantum-resistant cryptographic methods to guarantee security and privacy of  digital communication and data. 
  • SNDL Campaigns: The "Store Now, Decrypt Later" strategy employed by nation-states is a looming menace. Encrypted data intercepted today could be deciphered effortlessly once error correct fault tolerance is achieved. This clandestine approach allows adversaries to gather sensitive information covertly, waiting for the opportune moment to exploit it.
  • Economic and National Security Implications: The consequences of quantum computing reach far beyond cybersecurity. Industries such as finance, healthcare, and critical infrastructure rely on secure communication and data protection. A breach in these areas could have catastrophic economic and national security implications.

In response to this existential threat, governments and organizations worldwide must accelerate their efforts to adopt PQC. The race to safeguard our digital future from the quantum menace is not one we can afford to lose. The imperative is clear: act now or risk the unraveling of our digital security fabric in the quantum era.

Mitigating the Quantum Threat Together:

The global nature of the quantum threat demands collaboration with allies and the wider public sector. To stay competitive, we must:

1. Invest in the Quantum Workforce in the US and with our Allies: Cultivating a proficient cadre in quantum-related disciplines requires government agencies, academic institutions, and private sector investments, enabling global talent to collaborate on solving government challenges.

2.  Stipulate a Demand Signal: Elevating PQC within the Zero Trust Architecture (ZTA) framework is crucial to prevent technological inferiority against foreign adversaries. PQC provides alternative cryptographic schemes to secure against quantum attacks. Implementing PQC ensures that data remains confidential and maintains the integrity and authenticity, even in a quantum-threat landscape. 

3.  Operationalize the OMB Mandate: Government agencies should initiate network discovery activities in 2024, allocating resources for strategic preparedness. Biden’s FY25 Budget provides initial investment contours and detail for several key cybersecurity areas. More than $13.5 billion is requested to support and advance cyberspace activities that include: operationalizing zero-trust to reduce attack surfaces and fortify networks; advancing next-generation encryption solutions and integration; defense industrial base cybersecurity resources and solutions via the Cybersecurity Maturity Model Certification and supply chain risk management.  

4. Address Software Acquisition Challenges: Encouraging government agencies to embrace commercial enterprise license models for PQC is essential for predictable and flexible software solutions.

A United Front Against the Quantum Threat:

The imperative of PQC transcends borders as the quantum threat looms. Collaborative efforts are not only wise, but essential to mitigate this existential threat. Together with our allies, we must fortify the foundations of our digital future to ensure that security and technological supremacy know no boundaries.

About SandboxAQ:

SandboxAQ is an enterprise SaaS company and founding member of the PQC coalition at the forefront of AI and Quantum technology, addressing society's most challenging problems. Our quantum-resistant cybersecurity modules are designed to elevate enterprises to higher levels of security. We have contributed to PQC algorithm candidates selected by NIST and joined its Cybersecurity Center of Excellence’s (NCCoE) Migration to PQC Project. Our crypto-agile PQC solution can adapt to new algorithms, and we are partnering with multiple government agencies to prepare for the next era of computing. To learn more about SandboxAQ and our initiatives in the public sector, please visit our website and follow us on LinkedIn.

About the Author:

Lloyd Dabbs
Director of Public Sector Business Development 

Lloyd Dabbs leads the Public Sector Business Development team for SandboxAQ Federal. He partners closely with leading technology experts, engineers, and scientists to educate federal partners on the criticality of American dominance in quantum technology. Lloyd champions novel solutions to optimize the integration of quantum sensors, security, and simulation for the Federal marketplace. Lloyd is a veteran intelligence officer and expert in advanced surveillance technologies and led Department of Defense innovation projects for over 24 years.  

Connect with Lloyd

No items found.