NIST Selects Post-Quantum for National Cybersecurity Center Project

The National Institute of Standards and Technology (NIST) has selected Post-Quantum, a specialist firm in post-quantum cryptography, to participate in its National Cybersecurity Center of Excellence “Migration to Post-Quantum Cryptography” project. This consortium aims to ease the transition from current public-key cryptographic algorithms to quantum-safe solutions, protecting against “Harvest Now Decrypt Later” attacks and future quantum threats.

Post-Quantum will play a central role in ensuring a smooth transition, supporting backward compatibility, and testing different post-quantum algorithm configurations. The company’s expertise in securing edge-to-mobile end-points will be crucial in this effort. Andersen Cheng, Executive Chairman of Post-Quantum, emphasized the importance of real-world implementations, citing the company’s authored standard for hybrid quantum-safe Virtual Private Networks (VPNs) ratified by the Internet Engineering Task Force (IETF). Other participants in the project include Palo Alto Networks, Amazon Web Services (AWS), Cisco, Microsoft, and VMWare.

Post-Quantum Cryptography: A Critical Step towards Quantum-Safe Cybersecurity

The advent of quantum computers poses an existential threat to our current cybersecurity infrastructure. The “Harvest Now Decrypt Later” (HNDL) attacks, where hostile actors steal encrypted data now and decrypt it once a cryptographically relevant quantum computer emerges, have made it imperative to migrate from the current set of public-key cryptographic algorithms. To address this challenge, the National Institute of Standards and Technology (NIST) has established a consortium of organizations as part of its National Cybersecurity Center of Excellence (NCCoE) “Migration to Post-Quantum Cryptography (PQC)” project.

Post-Quantum, a specialist PQC firm, has been selected to participate in this project, supporting the development of tangible PQC implementations and use cases. The NCCoE project brings together experts from industry, government, and academia to address the real-world needs of securing complex IT systems and protecting the nation’s critical infrastructure.

Ensuring a Smooth Transition to Post-Quantum Cryptography

Post-Quantum’s selection will see the company playing a central role in ensuring a smooth transition and deployment of VPNs that will protect against HNDL attacks. This includes supporting backward compatibility, testing different PQC algorithm configurations in hybrid arrangements, and providing unique implementation know-how in securing edge to mobile end-points.

The company has already made significant strides in this direction, with its authored standard for a hybrid quantum-safe Virtual Private Networks (VPN) being ratified by the Internet Engineering Task Force (IETF). This new standard enables parties using different post-quantum key establishment algorithms to communicate with each other, which is critical as different nation-states deploy various PQC algorithms.

The Importance of Interoperability and Backward Compatibility

Interoperability and backward compatibility are crucial aspects of a successful migration to post-quantum cryptography. Post-Quantum’s solutions are designed to be modular, interoperable, and crypto-agile, ensuring a smooth transition to the next generation of encryption. This approach enables organizations to upgrade their systems without disrupting existing infrastructure or compromising security.

The company’s products, such as VPNs and Identity Systems, have already been deployed by organizations like NATO, demonstrating its ability to provide operational quantum-safe solutions today.

The Role of Post-Quantum in Shaping the Future of Cybersecurity

As a first mover in the industry, Post-Quantum has progressed past the R&D stage and is one of the few organizations that can provide operational quantum-safe solutions today. Its expertise in high-grade cybersecurity and encryption innovation makes it an invaluable partner for organizations seeking to upgrade their systems.

The company’s work with NATO and other organizations in defense, critical national infrastructure, and financial services demonstrates its commitment to ensuring the security of sensitive information against quantum attacks. Its invention of NTS-KEM, a code-based post-quantum algorithm, and its role in shaping IETF standards for hybrid post-quantum VPNs further underscore its position as a leader in the field.

As the internet continues to evolve, it is critical that more components become quantum-safe. Post-Quantum’s proactive work on proposing new standards to IETF will help shape how the internet operates in a post-quantum world, ensuring that our cybersecurity infrastructure remains robust and resilient in the face of emerging threats.