Researchers Are Moving Up the Clock for ‘Q-Day’
As quantum computing advances, the urgency for quantum-resistant cryptography intensifies. If you’re not preparing now, your data secured by modern public key algorithms may be at risk of future harvest now, decrypt later (HNDL) attacks.
At CyberSSL, we understand the critical importance of staying ahead of quantum threats. That's why we, alongside industry leaders like DigiCert and Sectigo, are championing the cause with the establishment of World Quantum Readiness Day on September 26. This day encourages enterprises and governments to take action and reflect on their security strategies.
The Quantum Threat to SSL Certificates
SSL certificates rely on encryption algorithms like RSA and ECC to secure data. These algorithms are based on mathematical problems that are currently hard for classical computers to solve. However, quantum computers, with their immense processing power, can solve these problems much more efficiently. This means that the encryption protecting our SSL certificates could be broken, potentially exposing sensitive information. If a quantum computer were to decrypt SSL-encrypted data, it could access everything from personal information to financial transactions. This risk isn’t just theoretical—experts estimate that quantum computers could be capable of breaking current encryption within the next decade. That’s why it’s crucial to start preparing for this shift now.
How to prepare for a Quantum-Safe Future in regards to SSL, Email or Codesigning certificates
1. Understand the Timeline
While fully functional quantum computers are not yet mainstream, they are progressing quickly. It’s essential to stay informed about developments in quantum computing and understand how they might impact your security infrastructure.
2. Adopt Post-Quantum Cryptography (PQC)
Organizations should begin exploring and implementing post-quantum cryptographic algorithms. These algorithms are designed to be secure against the capabilities of quantum computers. The National Institute of Standards and Technology (NIST) is currently working on standardizing these algorithms, providing a roadmap for future security.
3. Evaluate Your Current SSL Certificates
Take stock of your existing SSL certificates and assess their vulnerabilities in the context of quantum computing. This evaluation will help you prioritize which certificates need to be upgraded first.
4. Implement Hybrid Solutions
Some companies are already offering hybrid SSL certificates, SMIME certificates and CodeSigning certificates that combine classical and quantum-resistant algorithms. These can provide a transitional solution while the industry fully adapts to post-quantum cryptography.
5. Stay Agile
The transition to quantum-resistant encryption will be an ongoing process. Ensure your organization’s security infrastructure is flexible and capable of adapting to new standards and practices as they emerge.
Why PQC Readiness is Essential
Quantum computing research has seen groundbreaking advancements. Here are four pivotal developments:
-
Quantum Navigation in the UK: Successful test flights using advanced quantum-based navigation systems that can’t be jammed or spoofed were announced on May 13, thanks to a collaboration involving UK Research and Innovation (UKRI), Infleqtion, BAE Systems, and QinetiQ.
-
MIT’s Atomic Breakthrough: MIT researchers have configured atoms to be only 50 nanometers apart, potentially paving the way for new types of quantum computers using purely magnetic dipolar gates.
-
Microsoft and Quantinuum’s Error Rate Achievement: An 800x improvement between logical and physical qubits was demonstrated, moving from noisy intermediate-scale quantum (NISQ) to resilient quantum computing.
-
Transforming Everyday Materials: Researchers at the University of California, Irvine, and Los Alamos National Laboratory are experimenting with materials like glass to alter their electrical properties, aiming to create strong quantum conductors.
Act Now to Secure Your Data
Quantum computers are currently confined to labs, but this won’t last. McKinsey estimates that nearly 75% of tech executives expect fully fault-tolerant quantum computers by 2035. Organizations need to start preparing for quantum threats today, which involves significant planning and investment.
Your PKI is Crucial
World Quantum Readiness Day highlights the urgency of upgrading public key technologies. With quantum computers on the horizon, traditional PKI won’t suffice. Google’s support for hybrid post-quantum algorithms is a step forward, but more needs to be done.
Industry Preparations for a Quantum Future
Organizations and governments are already taking steps to prepare for quantum computing:
- PKI Consortium Conference: Discussions focused on post-quantum cryptography (PQC) implementations.
- NIST’s PQC Standardization Project: New PQC Federal Information Processing (FIPS) standards are expected in summer 2024.
- US Government Initiatives: The White House’s National Security Memorandum and the Quantum Cybersecurity Preparedness Act underscore the federal focus on quantum readiness.
- EU Roadmap: The European Commission has recommended a transition roadmap for PQC.
Repeat Guest Bruno Coulliard on US Government's Migration to PQC
We recently had the opportunity to hear from Bruno Coulliard, who provided an update on the US government's migration to post-quantum cryptography (PQC). He discussed the significant challenges involved in this migration, including the potential for a black swan event if quantum supremacy is suddenly achieved. Coulliard also elaborated on the implications if the industry collectively hits the "panic button" and rushes to implement quantum-resistant measures simultaneously.
Investing in Quantum Readiness
Significant investments are being made in quantum technologies:
- The global Quantum Computing Market is projected to reach $42.1 billion by 2032.
- 67% of companies plan to invest at least $10 million in quantum technologies over the next five years.
- China leads with a $15.3 billion investment, followed by the European Union ($7.2 billion) and the United States ($1.9 billion).
Quantum-Ready Certificates with CyberSSL
While publicly trusted PQC certificates aren’t yet available, private CA providers like DigiCert offer solutions for private PKI. With DigiCert® Trust Lifecycle Manager, you can issue and manage private PQC certificates using Dilithium (ML-DSA) digital signature algorithms.
Types of Certificates We Provide
At CyberSSL, we plan to offer a range of private PQC certificates to meet various needs:
- SSL Server Certificates: Secure your servers with quantum-resistant encryption.
- Device Certificates: Ensure your IoT devices are protected.
- User Certificates: Authenticate users securely.
- S/MIME Certificates: Encrypt and sign emails with confidence.
Sectigo Quantum Labs: Pioneering Your Path to Quantum Readiness
Today’s encrypted data are tomorrow’s exposed secrets. Don’t give quantum threats a foothold—start building your post-quantum cryptography (PQC) blueprint with Sectigo Quantum Labs now and secure your future.
Why Quantum Computing Changes Everything
Quantum computers differ from classical computers in that they are able to exist in multiple states and explore all possible solutions simultaneously. They are set to revolutionize problem-solving. However, as these powerful machines evolve, they threaten to render traditional encryption methods, such as RSA (Rivest–Shamir–Adleman) and ECC (Elliptic Curve Cryptography) algorithms, vulnerable. Experts predict that by 2030, a sufficiently advanced quantum computer could crack the current encryption safeguarding our sensitive data and communications. This quantum leap demands a proactive, robust response from organizations to protect their digital assets.
“By 2029, advances in quantum computing will make conventional asymmetric cryptography unsafe to use.”
— 2022 - Preparing for the Quantum World With CryptoAgility, Gartner
The Urgency of Post-Quantum Algorithms
Recognizing the gravity of the quantum threat, the U.S. National Institute of Standards and Technology (NIST) has taken decisive action. In a groundbreaking move, NIST has selected four post-quantum cryptographic algorithms for standardization, three of which are focused on lattice-based encryption: ML-KEM, SLH-DSA, ML-DSA, and FN-DSA.
This milestone marks a crucial step towards fortifying our digital infrastructure against quantum attacks. Organizations must now align their security strategies with these emerging post-quantum standards to ensure long-term data protection.
Year 2030: The Ticking Time Bomb
The quantum threat is not a distant concern – it is a present danger. Adversaries can capture your encrypted data today and decrypt it when future quantum computers become powerful enough in the near future. This "harvest now, decrypt later" type of attack leaves your current sensitive information vulnerable. Scrambling to adopt new quantum-resistant algorithms when the threat materializes could be costly, complex, and risky. A proactive, strategic approach is crucial. Waiting to address this threat is not an option.
Q.U.A.N.T. - The Strategic Blueprint for Transitioning to Quantum-Safe Cryptography
The time to prepare is now. Navigating the quantum shift requires a comprehensive and proactive approach. Sectigo's Q.U.A.N.T. strategy provides a strategic blueprint for quantum resilience, encompassing:
-
Q - Quantum Exposure Inventory: Know your cryptographic footprint. Unveil the extent of your exposure with comprehensive discovery tools for a clear view of your cryptographic assets.
-
U - Uncover Risk: Assess vulnerabilities in your digital landscape. Identify and prioritize vulnerabilities with our risk assessment capabilities to ensure a focused approach.
-
A - Assess and Strategize: Develop a tailored PQC strategy with quantum-resistant encryption algorithms. Leverage our PKI expertise to develop a PQC migration strategy, balancing security, efficiency, and integrations.
-
N - Navigate Implementation: Transition smoothly to quantum-safe solutions. Seamlessly implement automated quantum-safe solutions and services, ensuring a smooth and secure transition to PQC.
-
T - Track and Manage: Adapt to evolving standards with built-in crypto agility in your security DNA. Stay agile with continuous monitoring and management solutions, and the latest standards and best practices.
Sectigo Certificate Manager: Your Beacon of Light in the Quantum Storm
Sectigo stands at the forefront with our Q.U.A.N.T. strategy, meticulously designed to guide you through every phase of your quantum readiness. Sectigo Certificate Manager (SCM) is pivotal in this journey, providing a holistic suite of certificate lifecycle management tools tailored for a seamless transition to quantum-safe cryptography.
-
Quantum Exposure Inventory: SCM’s Discovery and Visibility capabilities offer an unrivaled overview of your current digital certificate landscape, identifying which certificates require quantum-resistant algorithms. Understanding your existing cryptographic assets is the first step towards quantum resilience.
-
Uncover Risk
-
Assess and Strategize
-
Navigate Implementation
-
Track and Manage
Quantum Wisdom: Your Compass in the PQC Landscape
Whether you are a crypto veteran or quantum curious, our knowledge hub equips you with the resources to confidently steer your organization through all the post-quantum developments. Dive in and let Sectigo be your guide on the path to a quantum-safe future.
Don’t Get Left Behind
Quantum computing is advancing rapidly. Start preparing now to ensure your organization’s data remains secure in the quantum era. By leveraging Sectigo Quantum Labs and our Q.U.A.N.T. strategy, you can navigate the complexities of post-quantum cryptography with confidence and ease.
Take Action Today
The quantum revolution is imminent, and the time to act is now. Don’t wait until it’s too late to protect your data. Contact us for a free consultation and begin your journey towards quantum resilience.