Today, hackers steal data so quantum computers can break it in a decade.

“The threat that an adversary from the nation state will get a large quantum computer and be able to access your information is real,” says Dustin Moody, a mathematician at the National Institute of Standards and Technology (NIST). “The threat is that they copy your encrypted data and store it until they get a quantum computer.”

Faced with this “harvest now, decrypt later” strategy, officials are trying to develop and implement new encryption algorithms to protect secrets from a new class of powerful machines. These include the Department of Homeland Security, which says it is leading a long and difficult transition to so-called post-quantum cryptography.

“We don’t want to find ourselves in a situation where we wake up one morning and there is a technological breakthrough, and then we have to do a job for three or four years for several months – with all the additional risks associated with it,” says Tim Maurer. who advises the Secretary of Homeland Security on cybersecurity and new technologies.

DHS recently released road map to move, starting with a call to catalog the most sensitive data in both government and the business world. Maurer says this is a vital first step, “to see which sectors are already doing it and which sectors need help or awareness to make sure they are taking action now.”

Preparing in advance

Experts say it may be another decade or more before quantum computers can do anything useful, but with money pouring into the field both in China and the US, the race is to make it happen. and develop better protection against quantum attacks.

According to Moody, who leads the NIST post-quantum cryptography project, the United States has been running a competition through NIST since 2016 to create the first algorithms that are resistant to quantum computers by 2024.

As you know, the transition to a new cryptography is a difficult and time-consuming task that is easy to ignore until it is too late. It can be difficult to get businesses to spend on an abstract future threat years before that threat becomes a reality.

“If organizations are not thinking about the transition now,” Maurer says, “and then they will be overwhelmed by the time the NIST process is complete and there is a sense of urgency, it increases the risk of accidental incidents … the transition is never a good idea.”

Source link

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button