Quantum computing promises to disrupt cybersecurity. In the coming years, adversaries will use this evolutionary shift in compute capability to crack the cryptography that today is the bedrock of data security.
“The threat from cryptographically relevant quantum computers — computers with enough horsepower to break cryptography as we know it today — is just around the corner,” said Philip Kwan, Director and Product Line Manager at Palo Alto Networks.
In some sense, the threat is already here. Adversaries are harvesting encrypted data with an eye toward breaking them as soon as the quantum capability is available. Given the immediacy of the peril, agencies need to move now toward postquantum cryptography (PQC), Kwan said.
First Steps
It’s important to start by recognizing the size and scale of the challenge.
“With many technologies affected, this is going to be the largest cryptography update the industry has ever done,” Kwan said. That means “you want to make sure you have executive backing and proper resources and budgets in place.”
In terms of practical steps, it makes sense to begin with a thorough inventory.
“You start by identifying all of the applications, the devices, the data that potentially can be affected” either by harvesting exploits today or quantum fueled attacks in the future, Kwan said. “Doing a very thorough crypto inventory is extremely important. It will identify potential weaknesses and help with prioritization and classification of data in order to protect it.”
Know the Landscape
The vendor community has already stepped up with a variety of offerings, from PQC to quantum random number generators (QRNG) to hardware and cloud-based quantum key distribution technologies.
Government leaders should keep certain things in mind when evaluating possible solutions. Today’s networks are very complex environments, with different types of devices and software applications spanning multiple versions and generations of technology, said Kwan. As a result, agencies must look for technology based on open and accepted standards.
“Organizations like [the National Institute of Standards and Technology] and [the European Technology Standards Institute] in the [European Union] are helping the industry move forward in a standardized way,” Kwan said, and it makes sense to look for solutions that align with those standards, with the openness to interoperate with a wide variety of systems. “You need to think about open standards in order to develop a true end-to-end post-quantum capability to accelerate your migration efforts,”he said.
To that end, Palo Alto Networks’ firewalls can prevent harvesting attacks with post-quantum VPNs and detect, block and log the use of PQC and hybrid PQC algorithms, in a way that is easy to configure and deploy.
“When we developed our products, we [made] sure that we did a very, very tight integration of the standards-based security capabilities into our security platforms,” Kwan said. “Anyone using our products is going to have just a few clicks of the mouse to fully activate all of this postquantum capability.”
This article appeared in our guide, “Quantum Computing 101: Getting Ready for Tomorrow’s Tech.” To learn more about this groundbreaking technology, including how and when it will impact you, download the guide here:
Leave a Reply
You must be logged in to post a comment.