Government agencies and the private sector have been patiently waiting for the National Institute of Standards and Technology to approve its new “post-quantum” cryptographic algorithms so they can begin the long, arduous process of switching out their classical encryption for new protocols that can better protect against future quantum codebreaking.
But for years, waiting is all these entities could do, as NIST doesn’t expect to formally bless new algorithms for another 1-2 years. Now, the agency is explicitly asking for companies and research firms to apply for cooperative research partnerships with the government to help develop technology and tools that would inform a “roadmap” the agency is devising to guide businesses and agencies on implementation.
Organizations can apply for Cooperative Research and Development Agreements with NIST, where they will work to develop or offer proofs of concept for tools that help integrators, customers and developers of products that use public key encryption identify the devices and systems that are most in need up updates.
“To meet the need to accelerate migration to quantum-resistant cryptography, the [National Cybersecurity Center of Excellence] Migration to Post-Quantum Cryptography project will demonstrate tools for discovery of quantum-vulnerable cryptographic code or dependencies on such code,” the agency announced in a Federal Register notice set to publish tomorrow. “The tools to be demonstrated provide automation assistance in identifying where and how public-key cryptography is being used in data centers on-premises or in the cloud and distributed compute, storage, and network infrastructures.”
The partnership will explore tooling options across a wide variety of technologies and components that rely on strong encryption, including hardware, software and operating systems, network infrastructure, assets and endpoints and others. The selected organizations contributions will include “establishing the necessary interface functionality, connection and set-up capabilities and procedures, demonstration harnesses, environmental and safety conditions for use, integrated platform user instructions, and demonstration plans and scripts necessary to demonstrate the desired capabilities.”
Organizations have a month to submit letters of interest, but the agency notes that it will commence the work “as soon as enough completed and signed letters of interest have been returned to address all the necessary components and capabilities.”
For years, the cybersecurity community has known that this transition is coming, but right now many organizations are between a rock and a hard place: eager to move forward with the years-long process of switching out encryption protocols as soon as possible but unable to do so until NIST finishes approving its algorithms.
The National Security Agency is one of the few agencies or organizations with the mission, budget and cryptography skills to press ahead before waiting for NIST to finish its project, though it intends to select a lattice-based algorithm from among the NIST finalists to underpin its future encryption. The agency also put out guidance to the public on a range of classical, symmetric encryption options in the interim that they believe are resilient against hypothetical quantum code breaking techniques.
It should be pointed out that the NSA has a well-known surveillance mission and a history and record around mucking with NIST encryption standards that leave some understandably reluctant to rely on them as an authority.
But they’re also one of the few organizations in the world with the cryptography expertise to chart their own path and are largely in the same boat as everyone else, needing to move away from the classical encryption options they’ve relied on for decades but dealing with loads of uncertainty around how best to do it. Additionally, intelligence agencies like NSA have a much bigger target on their back compared to almost every other organization on the planet and must protect their data from well-resourced foreign intelligence agencies and Advanced Persistent Threat hacking groups.
That gives them plenty of incentive to move faster.
“We’re looking at the post-quantum computer era, how we make sure that we’re there before the quantum computers are,” said NSA Cybersecurity Director Rob Joyce this month. “That’s a really important thing for our national security systems, where we want to keep secrets for decades, right? So we’ve got to be rolling out that post-quantum capability today to secure today’s secrets for decades into the future.”
While technically those algorithms would only be mandatory for government agencies and contractors, NIST’s technology and cybersecurity standards are widely used as benchmarks for the private sector and other standards organizations, meaning the algorithms they select will likely become the dominant market options in a post-quantum landscape.
Those that move ahead now risk selecting unapproved algorithms or vendor products that may make not make NIST’s final cut, while continuing to wait leaves them exposed to potential data harvesting attacks from foreign governments and Advanced Persistent Threat espionage groups or pushes out their timeline for completion even further back.
Dustin Moody, a mathematician for NIST and manager of its post-quantum cryptography project, explained to SC Media earlier this year what organizations are risking by moving too quickly.
“By purchasing and implementing early, you risk using algorithms that are not the ones that end up being standardized. You risk not being interoperable with those that will use the standard,” Moody told SC Media. “Although there is always a security risk that a cryptographic algorithm may be broken [or] attacked, the risk is higher using algorithms that have not been standardized - particularly in this field of post-quantum cryptography. Throughout our [project] we have seen algorithms broken in each round of our process.”