As you may know from my previous blog posts (see Post-Quantum Cryptography: Taking Stock of the Challenge Ahead, Post-Quantum Cryptography and the Approaching Storm, and A Deep Dive into VMware’s Crypto Agility Demo at VMworld 2021), the National Institute of Standards and Technologies (NIST) has been working diligently with the research community to select and standardize a new set of quantum-safe cryptography algorithms. Post-quantum cryptography, or PQC, is intended to replace our current public key standards (RSA, EC, DSA, and ECDSA) with new standards that will be resilient in the face of tomorrow’s adversaries, who will leverage scaled quantum computers once they become available.
Standing back, NIST’s work can be described as a major piece of heavy lifting — but not the only piece in the broader picture of cryptographic migration. Specifically, NIST addresses the highly technical challenge of what number theoretic problems will provide a quantum-safe basis for public key cryptography. (Note that many cryptographers are trained in mathematics and not computer science.) But there is another major challenge that remains: how each organization will put the new standards into practice.
What can and should an organization be doing to plan for PQC readiness given the complexity of today’s enterprise compute infrastructures? Here are a few high-level ideas for kicking off your organization’s journey toward PQC readiness over the coming years.
Start by establishing goals
An important objective for any organization developing a PQC action plan should be establishing goals that can help guide long-term planning. The notion of “readiness” may vary from organization to organization, depending on the nature of its business or service (e.g., educational services versus investment management), the industry sector (e.g., online retail versus finance), and associated information assets (e.g., manufacturing specs versus healthcare data).
One broad distinction is between IT operations readiness and product/service readiness. Goals associated with the former may include identifying cryptography usage and key information assets across the organization and understanding exposure points that could be exploited by a future adversary with access to scaled QC. Goals might also account for software and service supplier relationships, as well as exposure points that raise questions about their level of readiness for PQC.
Product/service readiness must consider the PQC challenge from a customer’s point of view. You may choose to set goals that anticipate customer questions about product-roadmap readiness and the quantum safety of customer information assets. Similar to IT operations, goals may include a comprehensive understanding of cryptography usage, the likely nature of long-lived information assets, and key areas for prototyping PQC and migration frameworks.
Technical goals in both domains might include an understanding of PQC performance and platform resource impacts — for example, an understanding of PQC impact on network communications in customer-facing products and services. Anticipating migration complexities, PQC testing requirements, and auditing frameworks might be considered, along with many other issues.
Building a phased migration plan
Organizations should consider developing a phased approach to PQC readiness similar to the example in the table below. Phases can be constructed to synchronize with the PQC standardization timelines as discussed by NIST and to gradually increase the level of resourcing and investment as PQC solutions become more available and the QC technology development timeline advances. Components of the illustration are as follows:
Organization phase. A working group (WG) should be comprised of representatives from business units across the organization, each of whom has a stake in the longer-term PQC readiness picture. The WG should establish timelines and identify the broader impacts of PQC on the organization. These impacts should include both internal operations and external-facing products and services.
Assessment and planning phase. In this phase, the WG should work toward a comprehensive inventory of cryptography usage and long-lived information assets and establish a set of longer-term goals that help to define quantum safety, given the nature of the organization, its core business and products, its operations, and its customer base. A discussion of goals must also consider key dependencies (e.g., PQC standards and implementations) and the manner in which PQC deployment should proceed across IT infrastructure and customer products.
Experimentation and prototyping phase. The WG should identify areas of key impact and risk for the organization and begin experimenting directly with PQC prototypes. Goals of exploration should include the impact of PQC key sizes, understanding the performance and resource requirements (e.g., memory, CPU, I/O, communications, entropy) of PQC, developing reusable frameworks for PQC migration, and ensuring that PQC deployment schemes are crypto agile.
Scaled integration and testing phase. The understanding and frameworks developed in the prior phase should be scaled across IT infrastructure and company products and services. The goal — perhaps counterintuitively — is not comprehensive migration to PQC, but comprehensive readiness for migration. That is, the machinery or instrumentation needed for migration is integrated, tested, and ready to be enabled. This step likely includes automation for key migration tasks and considerable work on verification schemes. The latter is needed for auditing and certification when NIST standards are explicitly adopted across the industry.
Switchover readiness phase. In this phase, an organization is in a state of readiness for PQC migration, with configurable and auditable frameworks in place. Changes in NIST algorithm standards can be readily deployed, as can changes by other standards organizations (e.g., ITU, ETSI, IETF) for specific cryptography usage domains. Testing infrastructure is in place to verify updates and a global switchover to PQC standards — when the time arrives.
The path forward
This discussion has addressed the broader organizational challenge of how to get started developing a PQC migration plan. Every organization needs to start somewhere, and I hope the ideas I have suggested can help you visualize a path forward.
Of course, there are many technical details that have been omitted from this discussion, in order to focus on the bigger organizational picture. For instance, how does an organization perform a crypto inventory across a complex, distributed infrastructure? What PQC implementations are available for initial impact testing? Look for some of these topics in future blog posts.