This month, Sectigo, the strategic partner of ZoTrus International SSL Certificate, released the six major **s in the field of digital security in 2024 in the blog column of its official website, and the author spent the weekend translating and interpreting these six **.
Today's interpretation of **2: post-quantum cryptography will become a hot topic next year.
Post-quantum cryptography has been a hot research topic in China, and the Beijing Yanqi Lake International Post-Quantum Cryptography Forum has successfully held three international post-quantum cryptography standardization and application seminars. The 9th issue of "Information Security and Communication Confidentiality" in 2023 released the article "A Review of the Development of Post-quantum Cryptography", which is still relatively comprehensive and recommended for interested readers.
This year, the international organization PKI Consortium (PKIC) established a Post-Quantum Cryptography Working Group (PQC WG) to discuss related topics related to post-quantum cryptography related to technology, products, and regulation, and is responsible for maintaining a PQC Capability Matrix (PQCCM), which is a list of PQC capabilities supported for software applications, libraries, and hardware, so that you can understand which vendors' products are supporting or have supported post-quantum cryptography around the world. The PKI Alliance is actively working to promote the adoption of post-quantum cryptography, and maintaining the PQC capability matrix is one of the key tasks of the PKI Alliance. ZoTrus Technology attaches great importance to the research of post-quantum cryptography, and officially became a member of the International PKI Alliance in February this year, and is also one of the first members to join the post-quantum cryptography working group.
PKI Alliance successfully held the second hybrid post-quantum cryptography working conference in Amsterdam, the Netherlands on November 7-8 this year, the two-day working conference discussed very rich topics, the author here recommends three authors think very wonderful speech ppt, interested readers can ** learn to Xi. The first is "NIST PQC Related Standards Update" by Mr. Bill Newhouse and Dr. Dustin Moody from the National Institute of Standards and Technology (NIST), which provides a comprehensive update of the PQC standard, an interpretation of the current state of standardization, and the development of simplified migration practices from quantum-susceptible public-key cryptography to quantum-resistant public-key cryptography. The second is "The Birth of the Post-Quantum Internet" by Cloudflare Research Engineer Bas Westerbaan, where browsers are preparing to enable post-quantum encryption by default to counter the threat of "storing ciphertext before decrypting". Encryption is only half the story, and the deployment of post-quantum certificates is more challenging. The third is "How to Sell Post-Quantum Cryptographic Readiness by Combining with the Zero Trust Journey" from Robert Hann, VP of Global Sales at Entrust, which discusses from a sales perspective how to leverage the hot spot benefits of Zero Trust security to deliver compelling applications for PQC, and shares some best practices and tips on how to plan and execute a successful PQC transition aligned with Zero Trust security.
In view of the author's little research on post-quantum cryptography and very limited related knowledge, this interpretation can only provide interested readers with a little information related to post-quantum cryptography, and I hope it can also be helpful.
Translation >
Post-quantum cryptography and cryptographic agility are no longer just buzzwords, and will be a key focus for relevant business executives next year. This shift is supported by the development of the National Institute of Standards and Technology (NIST) to combat quantum cryptography and its impactful educational campaign against the threat of quantum decryption. Quantum threats are no longer just a theoretical discussion, but have become a mainstream focus.
As the New Year 2024 approaches, a key shift is on the horizon that will elevate post-quantum cryptography from a niche concern for IT CISOs to a boardroom level discussion. The need to transition to quantum-resistant cryptography is no longer within the purview of technical teams and security experts, and will become the dominant factor in cross-industry executive conversations. The next year will see a paradigm shift in how organizations implement their cybersecurity strategies.
The catalyst for this shift can be traced back to the National Institute of Standards and Technology, a key player in the field of international cryptography standards. In response to the growing threat of quantum computing to traditional encryption methods, NIST pioneered the development of quantum-resistant encryption algorithms. What was once a theoretical discussion about the vulnerabilities of current encryption models has now been translated into tangible key actions.
Over the next 12 months, organizations will no longer see quantum-resistant cryptography as a buzzword or a topic that can be discussed in passing. Instead, how to achieve crypto agility will be a key strategic priority for the C-suite. This urgency stems from the fact that the exponential growth in the processing power of quantum computers threatens to make current cryptosystems obsolete. Essentially, the very foundations of digital security are being threatened.
Throughout 2023, there has been a growing awareness that quantum computing poses an imminent threat to traditional decryption methods. What was once a niche area and theoretical discussion is now becoming a mainstream business focus. Quantum computing is considered to be 1 faster than today's computers5.8 billion times, so the real question shouldn't be "why should the C-suite talk about quantum", but "why haven't they talked about quantum yet?".”
One of the main drivers behind this urgency is the ability of quantum computers to crack widely used cryptographic algorithms such as RSA and ECC in polynomial time, meaning that confidential data that was once considered secure can be cracked effortlessly. As businesses grapple with the impact of this quantum threat, the need to adopt quantum-resistant cryptography is not only a matter of caution, but also of survival in the digital age.
Businesses that have suffered SSL certificate disruptions have reported financial losses ranging from a few hundred dollars per minute to $1 million to $6 million per hour. If that's the price of being offline for a short period of time, it's not hard to imagine what happens to businesses and ** when sensitive data is vulnerable to unauthorized access in a matter of seconds, and the stakes have never been higher.
Business leaders need to re-evaluate their current crypto infrastructure and develop a roadmap for quantum-resistant solutions. This shift is not without its challenges, as implementing new encryption protocols requires careful planning, resource allocation, and a keen understanding of the ever-changing threat landscape. Organizations that actively adopt quantum-resistant cryptography can not only strengthen their cybersecurity posture, but also gain a competitive advantage in an increasingly digital and connected world. Stakeholders, including customers, investors, and regulators, are likely to view such proactive measures positively, building trust and confidence in the organization's commitment to protecting sensitive information.
Sectigo believes that the rise of post-quantum cryptography will be a mainstream topic of discussion in the board in 2024, not just as a response to potential threats, but as a positive stance to secure the future of digital communications. The key role played by NIST in shaping this narrative highlights the collaborative efforts needed to combat the complexities of quantum cryptography. As businesses prepare for the quantum challenge, the next year promises to be a turning point in the continued evolution of cybersecurity, where adaptability and foresight will be key to success in the ever-changing digital landscape.