Key Takeaways:
- The Cybersecurity and Infrastructure Security Agency (CISA) has released a list of IT software and hardware products that use cryptographic algorithms for encryption or authentication and are considered quantum-resistant.
- Federal agencies are preparing for the long-term threat posed by quantum computers, which could potentially break through some forms of classical encryption.
- The transition to quantum-resistant encryption protocols is expected to be a massive societal task, requiring collaboration and buy-in from hardware and software vendors, standards bodies, and protocols.
- CISA’s guidance provides a list of products that are considered "PQC-capable," but experts note that this label may not provide complete protection and that the transition to post-quantum encryption will require significant changes to core backend infrastructure.
- Experts are criticizing CISA’s guidance for lacking detail and being optimized for procurement compliance rather than security outcomes.
Introduction to Quantum-Resistant Encryption
The Cybersecurity and Infrastructure Security Agency (CISA) is taking steps to guide federal agencies through the process of updating their technology stack with quantum-resistant encryption. On January 23, the agency released a list of different IT software and hardware products that are commonly purchased by the federal government and use cryptographic algorithms for encryption or authentication. This list includes cloud services, collaboration software, web software, and endpoint security tools that provide full disk and at-rest data encryption. The guidance covers products that are considered "PQC-capable," meaning they are designed to protect sensitive information, including after the advent of a cryptographically relevant quantum computer (CRQC).
The Threat of Quantum Computers
Federal agencies and the private sector are preparing for the long-term threat posed by quantum computers, which many cryptographers believe will one day be able to break through some forms of classical encryption. The federal government is currently operating under an executive order mandating that agencies shift most of their high-value systems and devices to post-quantum encryption by 2035. National security officials have cited concerns that foreign nations could be harvesting encrypted data now in the hopes of accessing it once a quantum codebreaking computer is developed. Industry executives have also pointed to lingering concerns around China’s burgeoning quantum industry as another factor making U.S. businesses and policymakers in Washington nervous.
The Challenges of Transitioning to Quantum-Resistant Encryption
The transition to quantum-resistant encryption protocols is expected to be a massive societal task, one that will require parallel collaboration and buy-in from not only hardware and software vendors but also the constellation of standards bodies, protocols, and backend processes that help transport data across the internet. This reality can lead to an uneven procurement field for buyers, who are being pressed to purchase and implement post-quantum encryption solutions today. Alongside the more mature industries, CISA also listed a variety of other technologies, including networking hardware and software, Software-as-a-Service, and security tools like password managers and intrusion detection systems, as product categories where implementation and testing of PQC capabilities is "encouraged" by manufacturers.
Limitations of CISA’s Guidance
Even the list of seemingly "PQC safe" technologies offered by CISA comes with a caveat: most have post-quantum standards in place for key encapsulation and key agreement, but not for digital signatures or authentication. Adopting newer post-quantum cryptography will also require redesigning much of the core backend infrastructure that encrypts our data across the internet. Major internet cryptographic protocols like Secure Shell Protocol (SSH) and Transport Layer Security (TLS) have done some foundational work in this area. However, experts note that most protocols are still in the early stages, with proposals being drafted and prototypes being tested to determine how quantum-safe methods can be integrated into existing systems.
Expert Criticism of CISA’s Guidance
Experts are criticizing CISA’s guidance for lacking detail and being optimized for procurement compliance rather than security outcomes. Roberta Faux, head of cryptography and field chief technology officer at Arqit, a firm that provides post-quantum encryption services, noted that the document provides little to no insight on how to set up cryptographic inventories or timelines, what performance data should be used to measure tradeoffs, how CISA measures or defines what it means by "PQC-capable," or guidance on how to set up hybrid models. Peter Bentley, chief operating officer for Patero, another post-quantum encryption company, expressed similar sentiments, noting that the hardest part isn’t selecting a post-quantum algorithm—it’s knowing where cryptography actually lives because most organizations don’t have detailed inventories.
Conclusion
The transition to quantum-resistant encryption protocols is a complex and challenging task that requires significant changes to core backend infrastructure. While CISA’s guidance provides a list of products that are considered "PQC-capable," experts note that this label may not provide complete protection and that the transition to post-quantum encryption will require significant collaboration and buy-in from hardware and software vendors, standards bodies, and protocols. As the threat of quantum computers continues to grow, it is essential that federal agencies and the private sector work together to develop and implement effective post-quantum encryption solutions that can protect sensitive information and prevent cyber threats.

