The National Institute of Standards and Technology (NIST) is set to release the first set of encryption algorithms that can withstand the power of quantum computing. Experts say organizations must start preparing to transition their networks to these quantum-resistant standards. Chief of NIST’s Computer Security Division, Matthew Scholl says organizations should understand their current security capabilities to figure out which parts of their network to transition first.
This understanding will be key to correctly implementing the three new quantum-resistant algorithms: ML-KEM, CRYSTALS-Dilithium, and Sphinx Plus. You need to build your systems with flexibility so that it can change,” Scholl says, emphasizing the need for agility in the new quantum-ready cybersecurity era. Scott Crowder, vice president for IBM Quantum Adoption and Business Development, also stresses the importance of creating a detailed inventory of an organization’s encryption.
Crowder points out the challenge of updating encryption codes, both those written internally and those provided by vendors.
Quantum-ready security transition strategies
He estimates that 20% of the transition involves internal code, while 80% involves ensuring supply chain vendors implement the new algorithms correctly.
From our experience, and doing some work with clients, typically for one application area, it’s like three to six months to discover the environment and do some of the basic remediation,” Crowder says, highlighting the extensive nature of this transition. In addition to building a flexible system for the new standards, Scholl emphasizes the need for ongoing monitoring and testing for vulnerabilities during implementation. The release of a fourth algorithm, Falcon, later this year will be another important milestone in quantum cryptography readiness.
Crowder compares NIST’s standardization to the “starting gun” for a new cybersecurity era. He urges organizations to start the hard work of adopting these new standards and ensuring both open-source and proprietary implementations are set up correctly. This new phase in cybersecurity underscores the importance of not just embracing but continuously adapting to emerging quantum-resistant technologies.
This will be critical to protect data against potential future threats from quantum computers.
Noah Nguyen is a multi-talented developer who brings a unique perspective to his craft. Initially a creative writing professor, he turned to Dev work for the ability to work remotely. He now lives in Seattle, spending time hiking and drinking craft beer with his fiancee.
