The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today released its newest report, "The State of Post-Quantum Cryptography." The report provides an overview of the current state of public-key cryptography, as well the threat posed by quantum computing.
Authored by the CSA Quantum-Safe Security Working Group, the report outlines five quantum-resistant cryptographic algorithms—lattice-based cryptography, hash-based schemes, elliptic curve isogenies, multivariate cryptography and code-based cryptography— and reviews the challenges associated with achieving quantum-resistant protection.
"Smart enterprises must begin to prepare now as the day nears when practical quantum computing is a reality, simultaneously opening the door to solving specialized problems across a variety of industries while putting global communications in the crosshairs," said Bruno Huttner, Quantum-Safe Security Working Group co-chair and Director of Quantum Space Programs in the Quantum-Safe division of IDQuantique. "We hope that this report will shed light on the key issues and challenges to be addressed."
"Technologies that have long been relied upon to keep our data safe will no longer be effective once quantum computers are readily available. In fact, some of them have already been weakened," said Jane Melia, Quantum Safe Security Working Group co-chair and Vice President Strategic Business Development at QuintessenceLabs. "With this report, we are seeking to provide enterprises with the key information they need to understand quantum-safe security and how changes will impact their business."
The Quantum Safe Security Working Group addresses critical generation and transmission methods to help the industry understand quantum-safe methods for protecting their networks and their data. The QSS Working Group examines two differing technologies:
Quantum key distribution, or QKD, which is a physics-based technology to deliver keys securely
Post-quantum cryptography, which refers to mathematical algorithms that do not suffer from the same weakness vis-à-vis quantum computing that existing algorithms do.