Experts predict that between 2035 and 2045, we will witness the emergence of powerful quantum computers capable of fundamentally compromising our current public-key systems, which form the bedrock of security for various network and application protocols (such as TLS, IPsec, SSH, EMV, PKI, and code updates). While this might seem like a distant concern given the daily onslaught of cybersecurity threats, it is essential to recognize the urgency for two critical reasons.
- Firstly, sensitive data, including medical and financial information, may retain its significance for several decades. High profile adversaries can collect and store this data today, anticipating future decryption capabilities enabled by quantum computers. This underscores the need to address quantum threats proactively.
- Secondly, the transition to quantum-resistant infrastructure is an intricate and time-consuming process, especially in complex ecosystems comprising tens of billions of devices. It is estimated that this migration will take at least a decade to complete successfully.
Recent developments have underscored the importance of preparing for the post-quantum era. In the summer of 2024, the National Institute of Standards and Technology (NIST, US) has released its first batch of post-quantum standards. The National Security Agency (NSA) has outlined an ambitious timeline for their implementation, with completion ranging from 2029 to 2033 depending on the application. Following initiatives in several Member States, the EU has announce the development of a coordinated implementation roadmap for the transition to post-quantum cryptography
In light of these developments, any lingering scepticism about the necessity of preparing for quantum threats has dissipated. It is now unequivocal that every organization must commence planning for their migration in the coming year.
This session will provide a technical update on the new post-quantum standards and their practical implementation while addressing the challenges inherent in the migration process.
