It is well-established that quantum computers possess the capability to compromise widely-used asymmetric cryptographic schemes such as RSA, Elliptic Curves or Diffie-Helmann and protocols relying on them, such as TLS/SSL, Code-signing, DNSSEC and others. This, in turn, could jeopardize the confidentiality and integrity of sensitive information and transactions. Worryingly, state-sponsored actors are already actively collecting vast troves of valuable encrypted data of other nations with the intent of decrypting them later using quantum computers. Such “harvest-now, decrypt-later” cyberattacks could lead to unprecedented breaches of national security, economic espionage, and critical infrastructure compromises. This leads to the need for a proactive approach to the development and implementation of post-quantum cryptography (PQC). The National Institute of Standards and Technology (NIST) has been at the forefront of this evolution. Recognizing the urgency, the NIST announced a public competition in February 2016 to develop and evaluate new cryptographic algorithms that are resistant to future quantum attacks. After a rigorous, multi-year selection process involving academics, industry, and cryptography experts worldwide, the NIST announced the final candidates for quantum-resistant algorithms in 2022 – the two primary algorithms CRYSTALS-KYBER (key-establishment) and CRYSTALS-Dilithium (digital signatures). In addition, the signature schemes FALCON and SPHINCS+. As we saw in a previous article, now is the right time to start preparing for your migration to PQC. But where should you start? The challenge of migration The transition from traditional cryptographic systems to PQC is not a simple upgrade, but a careful migration that requires extensive diagnosis, planning and execution. These cryptographic algorithms indeed underpin the very foundation of our digital interactions, authenticating transactions, ensuring their integrity, and protecting the confidentiality of sensitive data. From online banking to web authentication, most digital business functions may need adaptation. Organizations across of all sectors must prepare for this monumental shift to ensure not only the security of their data and communications, but preserve their competitive advantages and business secrets as well, by considering the following: Accelerated timeline: Quantum computers are expected to mature by 2037, imposing a tight deadline for organizations to adopt PQC, especially knowing that the time required to migrate the information system of a medium sized enterprise is estimated to take 8 years on average. Scarcity of qualified resources: The cryptographer skills gap makes it difficult to find the expertise needed to navigate the PQC transition, and even more considering the volume of applications to migrate with an end-to-end approach. Meticulous implementation: Integrating PQC measures across an organization’s vast infrastructure demands careful planning, coordination, and execution. Navigating the transition phases Such a massive transformation project will not happen overnight, and must be carefully handled. The migration involves several phases: Awareness: Ensure your organization’s board and your entire staff understand the need for PQC migration, how it is a game changer for the security of their digital business, and the necessary action steps to undertake in the allocated time before quantum computers reach maturity. Assessment: Exhaustively understand which algorithms are used in your organization, for which asset and why, flagging sensitive and/or critical assets that have a data-shelf time overlapping the time of quantum computing maturity. Consider whether you should take the risk of getting this asset harvested now and decrypted later or migrate it. In case of migration, decide if you should go directly to PQC standalone or through cryptography hybridization first – a combination of post-quantum and conventional algorithms. Selection of post-quantum algorithms: The publication of standards by NIST will provide a starting point. Organizations should evaluate and select the algorithms that best meet their security needs and operational requirements. Test and integrate: Rigorous testing of the selected algorithms in existing systems is critical to ensure interoperability, performance, and security. Integrating new algorithms may require updates to software, hardware, and protocols, which demands careful planning and execution. Deployment and continuous monitoring: After integration, continuous monitoring and evaluation are essential. Post-quantum cryptosystems may need to be updated and improved over time to adapt to new threats and technological advances. NIST’s role in guiding the transition The NIST standards are an important reference point that provides organizations with a foundation for migration. However, it is important to note that these standards are not static. They will continue to evolve based on ongoing research and development in the field of post-quantum cryptography. Government adoption of NIST standards: A catalyst for regional frameworks The publication of the NIST standards for post-quantum cryptography will not only influence global cryptographic strategies but will also serve as a catalyst for several states to develop their own frameworks. Recognizing the urgency and importance of strengthening their cybersecurity landscape some states have taken proactive measures to adapt and build upon the NIST standards to meet their specific security needs. States often have industry-specific security needs and operating environments that cannot be fully addressed by global standards. Therefore, some governments choose to refine or build upon the NIST standards to better align with their regional requirements. This customization may include adjustments to algorithm preferences, key sizes, or integration guidelines to better meet their infrastructural and strategic needs. Examples of national approaches to PQC While some common ground exists, different nations are taking nuanced approaches to post-quantum cryptography. Leveraging NIST standards with additional considerations Several countries, including the United States, France, Germany and the United Kingdom, plan to endorse and build upon the NIST standards by incorporating their own additional, such as: Hybridization: Combining NIST-approved algorithms with other secure methods for enhanced protection. Additional IETF Algorithms: Integrating algorithms recommended by the Internet Engineering Task Force (IETF) alongside NIST choices. Independent standardization efforts Other nations, such as China, South Korea, and Russia, have opted for independent standardization processes. This results in their own set of post-quantum cryptography standards, distinct from those chosen by NIST. Here are some specific examples. USA: NIST and National Cryptography Strategies NIST’s publication of post-quantum cryptographic standards serves as the framework for the United States’ approach to strengthening its cryptographic infrastructure. The standards provided by NIST are central to shaping the country’s cryptographic strategies and influence both government and private sector initiatives. The adoption of these standards demonstrates USA’s commitment to strengthening national cybersecurity and promoting interoperability within the global cryptographic ecosystem. France: ANSSI (Agence nationale de la sécurité des systèmes d’information) ANSSI, France’s national cybersecurity agency, has been instrumental in shaping the country’s cryptographic strategies. ANSSI is guided by NIST standards and has endeavored to further refine cryptographic protocols and adapt them to the specific French security landscape. ANSSI’s contributions aim to strengthen France’s resilience to new threats while promoting cooperation within the European Union and the global community. Germany: BSI (Federal Office for Information Security) The BSI, the German Federal Office for Information Security, plays a central role in securing the country’s information technology systems. Based on the NIST standards, the BSI has been actively involved in the development of cryptographic frameworks that meet the specific security requirements in Germany. The BSI’s initiatives not only strengthen cybersecurity in Germany, but also contribute valuable insights to international cryptographic developments by promoting collaboration and knowledge sharing. United Kingdom: NCSC (National Cyber Security Centre) The NCSC, the UK government’s cybersecurity agency, announced their next steps recommendations on November 13th regarding PQC and NIST draft standards. While these draft standards offer valuable resources for testing and planning purposes, they are subject to change before finalization. Therefore, the NCSC strongly recommends operational systems should solely rely on implementations based on the final NIST standards once released. The European Union: ENISA and ETSI Within the European Union, both ETSI and ENISA play crucial roles in promoting post-quantum cryptography. ENISA offers valuable resources such as the “Post-Quantum Cryptography: Current state and quantum mitigation” report. Additionally, ETSI releases technical reports that complement the US NIST standards, aiding European organizations in their adoption and implementation. Joint contributions to global cryptography These national agencies are an example of how countries are adapting and building upon the NIST standards to create customized cryptographic frameworks. While each agency addresses the specific security concerns of their country, their combined efforts contribute to the broader global cryptographic landscape. Their adaptations and refinements serve as valuable case studies that promote the evolution of cryptographic standards worldwide and strengthen collective resilience against emerging threats. The road ahead Moving to post-quantum cryptography is a complicated process that requires collaboration, resources, and a deep understanding of cryptographic principles and their intricacy in an organization or nation’s digital business functions. It is not a sudden shift, but a gradual transition that organizations and countries need to initiate now to strengthen their security posture against the impending threat of quantum computing. In summary, while the NIST standards provide a blueprint, the successful transition to post-quantum cryptography requires a strategic, well-planned effort to create a resilient cryptographic foundation for the digital future.