Everyone’s talking about artificial intelligence (AI) right now, but the media buzz is in danger of overshadowing another emerging technology that could be disruptive: quantum computing.
According to the Australian Department of Industry, Science and Finance, the number of Australians opportunity it’s big. The nation has been recognized as a world leader, home to some of the best minds in quantitative research and applied technology.
With great progress comes great risk
Although we have not yet entered the quantum era, technology is advancing rapidly, and it will not be long before a quantum cyber attack becomes possible. That’s why leaders and researchers around the world are working on new quantum security discoveries – and great progress is being made.
In August 2024, the National Institute of Standards and Technology (NIST) announced that it had completed a large series of cryptographic algorithms. Based on post-quantum cryptography (PQC) technology, algorithms have been developed to withstand cyber attacks from a quantum computer.
This success is widespread all over the world, including here in Australia. The algorithms will be the benchmark from Australia Signals Directorate (ASD) to set our regional standards against the rapidly emerging threat environment.
Quantum Cyber ​​Attacks Outpace Today’s Defenses
The risks that may come from quantum computing will be similar to what we have experienced before. With more power to break traditional algorithms, cybercriminals can analyze data, bringing down large networks in minutes. Everything we rely on today to secure our connections and transactions—keys, credentials, and data—could be at risk.
Thales’ 2024 Data Threat Report shows that almost a quarter of Australian organizations consider PQC to be the most important aspect of their safety. Harvest-now-decrypt-later (HNDL) attacks are the latest concern in quantum computing as they enable criminals to collect information today in order to decipher it in the future, which can be accessed.
Australian IT and security professionals are also highly concerned about future hacking (65 per cent), key sharing (63 per cent) and the risk of network shutdowns (52 per cent).
Which industries are at risk?
All organizations that rely on data or rely heavily on digital networks are at risk, but certain industries are particularly vulnerable to quantum attacks. This is partly due to the lifetime of the data or keys, and the HNDPL scheme being used by cybercriminals.
Any applications that require authentication of smart devices in the IoT, private communication using VPN, digital identities that governments and businesses authenticate users, and keys or long-lived data, such as medical devices, are of great concern.
A new approach to digital security
Post-quantum cryptography, also known as quantum-resistant cryptography (QRC), focuses on developing cryptographic algorithms and protocols that can represent the power of quantum computing.
These cryptographic algorithms derive their protection from mathematical problems considered difficult in classical and quantum computers. They provide a cost-effective, efficient way to store secure information assets.
PQC will soon make the encryption infrastructure we’ve relied on for years obsolete; this means that organizations will need to rethink their approach to digital security.
Many Australian organizations have already started investigating PQC. More than half plan to improve cryptographic capabilities in the next 12 to 18 months, making it easier to add new ciphers, while less than half plan to demonstrate or evaluate PQC algorithms.
But there is much more to be done.
Prepare for the post-quantum world, now
In general, organizations take several years to implement change in their entire operations. Preparing for a PQC world means taking action now to protect data, intelligence, etc. from hackers using quantum computers.
There are three main things that organizations need to focus on right now:
- Assess risk exposure, test crypto reserves, and overall PQC readiness. Often, organizations don’t know where their keys are, where encryption is used, or what data is being protected and how it’s being protected.
- Create a hybrid risk mitigation plan which is based on classical and secure quantum algorithms. Businesses that wait until quantum computers are available to fix their house face a decades-long process of theft, compromise, and the risk of non-compliance with the laws of quantum.
- Prepare for quantum security architecture, including support for new encryption algorithms such as those released by NIST. This can be done by looking at all the software that manages private information: how would the software still work if the algorithm was changed? Or what would be needed to help them?
There is no doubt that volume planning will be a major task for organizations around the world; Thales has been preparing for this moment for more than a decade. As we learn to use the power of quantum computers, we must also prepare to protect against the many new risks and risks that come with them, especially in the field of data and information – the basis of our global digital society.
#OpEditor #Postquantum #cryptography #algorithms