Contrary to what you may have heard, the advent of quantum computing won’t spell the end to encryption as we know it. That is, if enterprises have taken the necessary steps to prepare for a post-quantum future.

Currently, the security of many cryptographic algorithms — which protect everything from online banking transactions to people’s online identities and private email messages — relies on the difficulty conventional computers have with factoring large numbers. The problem is that quantum computers will be able to break several popular public-key cryptography systems relatively quickly, such as RSA and Diffie-Hellman.

To survive in a post-quantum world, algorithms must be based on different mathematical tools that can resist both quantum and conventional attacks. To that end, the National Institute of Standards and Technology (NIST) is currently evaluating 26 quantum-proof algorithms to determine performance across everything from massive supercomputers to Internet of Things devices. Presuming that NIST’s and other researchers’ efforts are successful, quantum-safe cryptography should be available well before the arrival of large-scale quantum computers that can break RSA and other vulnerable algorithms.

Despite these promising developments, enterprises can ill afford to wait until algorithms start breaking because there’s too much at stake. And the industry’s track record for absorbing new algorithms is not great. For example, SHA1 depreciation was recommended five years before it went into effect and took 13 years from the recommendation stage until widespread change. However, SHA1 only dealt with signature integrity while post-quantum deals with the far greater exposure of sensitive data and signatures.

To be prepared, enterprises must begin the process of assessing their current systems, software and appliances now, otherwise these systems will become impediments and potentially open the door to countless vulnerabilities. Once the weak links are identified, it will be important to begin working with vendors to determine their roadmap and timeline for post-quantum integration.
  • Hear answers and recommendations about how to best ready the enterprise
  • Learn how enterprises can rate systems based on risk and exposure
  • Learn strategies for systems that can only support a single PKI chain
  • 1583439396-f1aa028fd70af47a
    Mark B. Cooper
    President & Founder, PKI Solutions
    Mark B. Cooper, president and founder of PKI Solutions, is known as “The PKI Guy” since his early days at Microsoft. He has deep knowledge and experience in all things Public Key Infrastructure (PKI). PKI Solutions Inc. provides consulting, training — including online training — and implements software solutions for Microsoft PKI and related technologies at enterprises, many of them Fortune 500 companies. PKI Solutions has led hundreds of PKI trainings, including private trainings, across the country and around the world. Cooper is an avid proponent of the SHAKEN/STIR global standard to end robocalls, that uses authentication and PKI to verify callers’ identities. Prior to founding PKI Solutions, Cooper was a senior engineer at Microsoft, where he was a PKI and identity management subject matter expert who designed, implemented, and supported Active Directory Certificate Services (ADCS) environments for Microsoft’s largest customers.