Keyfactor, the identity-first security solution for modern enterprises, announced it has joined the National Cybersecurity Center of Excellence’s (NCCoE’s) Migration to Post-Quantum Cryptography Building Block Consortium. Keyfactor joins companies, including Microsoft, IBM, and AWS, to bring about awareness to the issues involved in migrating to post-quantum algorithms and to develop practices to ease migration from current public-key cryptographic algorithms to replacement algorithms.
Once access to quantum computers becomes established, all public key algorithms and associated protocols will be instantly vulnerable to criminals, competitors, and others. Sudden compromises or outdated algorithms can adversely impact the security of organizations that are unprepared.
Practical quantum computing, when available to cyber adversaries, will break the security of nearly all modern public-key cryptographic systems. With its future-proof PKI solutions stack, Keyfactor helps organizations identify and remediate this risk at scale with crypto-agility, providing security teams with the ability to easily identify and replace vulnerable keys and digital certificates across their organization without disrupting business-critical applications.
“Preparation for quantum-resistant security is not something that can be left for later. When quantum computing becomes available, vulnerabilities will spring up quickly. There are already hostile hackers and groups executing a “steal now, decrypt later” approach, utilizing exfiltration attacks to gather data today that could one day be valuable,” said Ted Shorter, Chief Technology Officer, Keyfactor. “It’s important for organizations to understand this very real – and inevitable – risk. It’s our hope that as a member of the NCCoE’s Migration to Post-Quantum Cryptography Building Block Consortium, we can bring quantum computing planning to the forefront of every security leader’s agenda.”
The initial scope of the NCCoE Migration to Post Quantum Cryptography project is to engage the industry to demonstrate the use of automated discovery tools to identify instances of quantum-vulnerable public-key algorithms that are widely deployed and to manage associated risks. Other goals include the development and improvement of a migration strategy, interoperability and performance of implementations, and outreach to standard developing organizations and industry sectors.
“Public-key cryptography is widely used to protect today’s digital information,” said William Newhouse, Security Engineer, NIST National Cybersecurity Center of Excellence. “With the advent of quantum computing, and its potential to compromise many of the current cryptographic algorithms, it is critical that organizations begin to plan for many of the technological and operational challenges that migration to post-quantum cryptography will present. This project aims to help organizations in that effort.”
SOURCE: Businesswire