Cyber Security

Is it time to migrate to Post-Quantum Cryptography to protect long-term sensitive data?

PA Asked by Patricia Williams · 10-11-2023
0 upvotes 8,976 views 0 comments
The question

With the rapid advancement of quantum computing, I'm concerned about the "harvest now, decrypt later" threat. How should a mid-sized firm begin evaluating its current encryption standards against future quantum threats? Are the NIST-selected algorithms ready for production use, or should we wait for more established hardware support? I'd love to hear from anyone currently performing a cryptographic inventory. 

3 answers

0
BA
Answered on 12-11-2023

The "Harvest Now, Decrypt Later" threat is very real for data with a long shelf life, like medical records or national secrets. NIST has finalized several algorithms like CRYSTALS-Kyber. You should start with a "Quantum Readiness Assessment." This involves identifying everywhere you use RSA or ECC and determining which data needs protection for 10+ years. You don't necessarily need new hardware yet; most PQC algorithms are software-based and can be integrated into your existing TLS stacks. Start by demanding a Software Bill of Materials (SBOM) from your vendors to see their roadmap.

0
MI
Answered on 15-11-2023

Does your current infrastructure even support the larger key sizes required by most post-quantum algorithms without significant latency issues? 

RI 17-11-2023

Michael, that's the primary technical challenge. PQC keys and signatures are often orders of magnitude larger than RSA keys. In our testing, we found that certain legacy load balancers and older network appliances actually dropped packets because the certificates were too large for their buffers. You definitely need to perform thorough lab testing on your network MTU settings before rolling this out to production.

0
SU
Answered on 19-11-2023

Focus on "Crypto-Agility." This means designing your systems so you can swap out encryption algorithms easily without a full system overhaul when standards change. 

PA 20-11-2023

Susan's point about crypto-agility is the most practical advice here. Since the standards are still evolving, being able to update your ciphers via configuration rather than hard-coding is essential for future-proofing any security architecture against the quantum era.

Share your thoughts

Your email address will not be published. Required fields are marked (*)

Professional Counselling Session

Still have questions?
Schedule a free counselling session

Our experts are ready to help you with any questions about courses, admissions, or career paths. Get personalized guidance from industry professionals.

Request a Call Back

Search Online

We Accept

We Accept

Follow Us

"PMI®", "PMBOK®", "PMP®", "CAPM®" and "PMI-ACP®" are registered marks of the Project Management Institute, Inc. | "CSM", "CST" are Registered Trade Marks of The Scrum Alliance, USA. | COBIT® is a trademark of ISACA® registered in the United States and other countries.

Book Free Session