The time to prepare for post-quantum cryptography is now.
Within the decade, a quantum computer will be realized that has the computing power and stability to break the public key encryption protocols, such as RSA and Elliptic Curve Cryptography, that protect sensitive data, applications, and transactions we use every day.
There's also the "harvest now, decrypt later" threat where bad actors are collecting sensitive data today, to decrypt once a quantum computer is capable. Don’t underestimate the effort needed to migrate to post-quantum cryptography – the effort will take years.
What's at Risk?
IMPACT FROM LARGE-SCALE QUANTUM COMPUTER
Impact of Quantum Computing on Common Cryptographic Algorithms (Source: NISTIR 8105)
To support the general readiness of the current PKI estate to evolve quickly based on new and emerging threats, Entrust has undertaken the Post-Quantum Cryptography (PQC) Self-Assessment. This assessment actively focuses on a review of an organization’s current readiness for new and emerging crypto threats. The assessment achieves this by identifying areas within the business that either do not exist or hamper crypto-agility.
How to Prepare Now
Knowing what cryptographic assets and algorithms you have, and where they reside, is a best practice anyway and essential for preparing for post-quantum cryptography.
- Data: Know where your long-life data - sensitive data that must remain confidential for 10+ years - resides and understand the data flows.
- Cryptographic Assets: Ensure you have a full and clear inventory of all the cryptographic assets (keys, certificates, secrets, and algorithms) across your environments and what they're securing.
The Entrust Cryptographic Center of Excellence (CryptoCoE) can help you prepare with a Cryptographic Health Check. In addition, you can take our Post-Quantum Self-Assessment to see how prepared you are today for the future of cryptography.
Once you know where your highest value data resides, and what cryptography is in use to secure it, you'll know what’s at risk and where to start. Ensure your organization has a fully crypto agile approach - the ability to easily transition from one algorithm to another - which will be critical for the migration to post-quantum cryptography.
NIST has announced the round 3 finalist algorithms for their Post-Quantum Competition, and Entrust PKI as a Service (PKIaaS) for PQ supports all 3. Available as a trial, it provides customers with composite and pure quantum certificate authority hierarchies and gives organizations the ability to test multi-certificates or composite certificates with their applications. You can also start prototyping with nShield hardware security modules or nShield as a Service and CodeSafe, our secure software development kit.
Entrust has a leading role in creating the post-quantum cryptography standards. Trust our Cryptographic Center of Excellence to help you inventory your cryptographic assets, assess your crypto-agility maturity, and plan your migration to post-quantum cryptography with the same company helping to define it.
Our Solutions for Post-Quantum Cryptography
Benefits by Role
- Confidently present to the CEO, board, and other stakeholders the organization-wide strategy and roadmap to post-quantum cryptography
- Protect your organizations most sensitive assets today from "harvest now, decrypt later" attacks
- Gain confidence in your PQC migration by knowing you've implemented a crypto-agile approach across your organization
- Invest in a "PQ ready" PKI to protect your organization today, and future-proof it for a post-quantum future
- Gain visibility into your cryptographic assets so you can prioritize the transition
- Start testing with PQ safe algorithms to ensure a hybrid approach to security today and understanding the impact to systems and applications
It’s going to be a long battle to prove and deploy true quantum-safe systems. We have time, but we need to crack on.
PLAN WITH ENTRUST EXPERTS
Entrust has a leading role in creating the post-quantum cryptography standards that are the future of data protection. We’re participating members of the Internet Engineering Task Force (IETF) and have the only draft for dual mode – which helps with crypto-agility – that’s being looked at.
Entrust’s Cryptographic Center of Excellence (CryptoCoE) provides the tools and guidance needed to inventory and prioritize your data and cryptographic assets, and put a post-quantum plan in motion.
- The future of cryptography
- Best practices for creating a strong cryptographic strategy
- Quantum computers and cryptography
- The state of the quantum world
- And more!