2022 could see the next stage in this work, with the National Institute of Standards and Technology (NIST) slated to release an initial standard for quantum-proof encryption algorithms. The Department of Homeland Security (DHS), meanwhile, has been creating resources to help prepare entities to adopt the new standards, and it plans to push for greater awareness of these offerings in the new year.
ANTICIPATING QUANTUM RISKS
Anticipated quantum computing advancements could introduce broad-reaching risks, threatening the encryption that secures everything from digital communications to credit card payments.
No one knows when the hypothesized cryptography-defeating capabilities will come into being, but senior DHS officials told Government Technology that they aim to be ready in case they come as soon as 2030.
NIST has been working for several years to identify new encryption methods likely to withstand even this computational power. It issued a call for so-called “quantum-resistant” encryption algorithms in 2016 and has since been winnowing the submissions down to a handful of the most promising.
The forthcoming standard may incorporate several different approaches, to help ensure it’s relevant, given that it’s not clear how exactly quantum computing will evolve, NIST mathematician Dustin Moody has said previously.
“It’s important for the eventual standard to offer multiple avenues to encryption, in case somebody manages to break one of them down the road,” Moody said in a 2020 NIST blog post.
The advent of cryptography-threatening quantum computing may seem far off, but DHS expects the transition to quantum-proof encryption will be a lengthy process, making it important for organizations to start early.
RAISING AWARENESS
Releasing NIST’s algorithms is only half the battle. The other is ensuring they’re widely — and promptly — adopted.
DHS road maps and resources released this year are intended to help organizations of all types prepare for shifting over to the forthcoming quantum-resistant algorithms. One of the department’s priorities for early 2022 is to get more organizations engaged with those guides, said a senior DHS official, who spoke to GovTech on the condition of anonymity.
“[We created] a communication that was digestible and understandable for our partners and gave them actions they can take now, to instill some urgency that the problem isn’t so far away that we can’t do anything, but we need to start preparing,” the official said.
Quantum computing’s threat to traditional encryption may not yet be high on states’ lists of priorities. An official from the National Association of State Chief Information Officers (NASCIO) told GovTech they weren’t aware of this being a current topic of discussion among CIOs.
MAKING PLANS NOW
DHS’s guidance urges organizations of all types to start assessing which of their systems and data sets will need to be updated to the new standard.
“The key question for us at this point, and for state and local governments, is to do an inventory of the data that may be relevant, even in 10- to 15-years’ time, to identify whether they need to take action at this point,” a second senior DHS official told GovTech.
Not all data will be at risk: symmetric key-based cryptography will stay strong against advanced quantum computing while several asymmetric (or public key) encryption systems will become vulnerable, DHS says in its Post-Quantum Cryptography FAQ, created in partnership with NIST.
Old-school encryption also won’t just dissolve overnight. Instead, malicious actors will need to collect targeted encrypted data, then run computational efforts against them to break through during a single communication session, according to a 2021 interview with NIST Computer Security Division Chief Matt Scholl. That means organizations can transition highest-priority systems first, such as those most at risk, important or sensitive.
Identifying a transition plan early sets organizations up for prompter adoption once the new NIST standards become available. That will reduce how long — and how much — data remains vulnerable to quantum-equipped attackers. Those who wait and then scramble to upgrade systems also risk making mistakes that introduce vulnerabilities, writes Michaela Lee with the Harvard Kennedy School Belfer Center.
Concerns around ensuring a smooth shift to post-quantum algorithms are prompting some entities to not only map out their transition plans, but also start trying out new encryption algorithms now, without waiting to see which get the final seal of approval from NIST.
Todd Moore, vice president of Encryption Solutions at international technology company Thales, told GovTech that the firm and some of its larger clients are using sandboxes to test out several of the algorithms in NIST’s pool of finalists. Thales cryptologists collaborated on one of these algorithms, per the company’s website, and the firm works with clients in sectors like U.S. federal government and finance.
Testing let the organizations learn about how the different encryption algorithms impact their operations. For example, some algorithms require more computational power or cause greater latencies, so organizations need to adjust for this.
Such testing also helps clients troubleshoot and ensure they’ve accounted for all the relevant systems.
“A bank, for example, recognizes they have a vulnerability at one point within a transaction. They fix that, but then they realize there’s a signing operation, or a key establishing operation, that they missed,” Moore said. “The feedback we receive, especially from banks, is they start the implementation process, and then all of a sudden, a light bulb goes off — ‘Oh, we forgot this here.’ That is one of the reasons why folks have to start early.”
CAN THERE BE EQUITABLE ADOPTION?
Once state and local governments know what needs to be updated, it may be up to the private sector to ensure they can make those changes. DHS officials said a core part of the effort relies on ensuring private software vendors incorporate the new encryption methods into their products, thus creating safer offerings for governments and other end users.
The DHS officials said they want to ensure that smaller and less mature players can migrate to quantum-resistant encryption alongside larger counterparts, without their limited resources holding them back. The federal government is currently analyzing the situation for potential equity gaps. Resolving such issues could mean having larger organizations take actions that improve the situation for smaller ones, an official said.
“Many transitions in the past — and this one as well — will be driven by the private sector. But that also carries a risk that those who do not have the resources may not be brought on board at the same time,” the one DHS official said.
Intellectual property concerns might also pose a challenge to widespread adoption, Moore said. The algorithms considered by NIST are open source, but implementations of them could be licensed or patented, he said.
