Background
The National Security Agency (NSA), the National Institute of Standards and Technology (NIST), and the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) collaborated to develop this report to give organizations supporting critical infrastructure information on the impact of quantum computing capabilities, and to encourage early preparation for migration to post-quantum cryptographic standards through a quantum-readiness plan. NIST is developing the first set of post-quantum cryptographic standards, expected to be released in 2024, to protect against the quantum computing capabilities of possible future adversaries, known as cryptanalysis-related quantum computers (CRQCs). CRQCs have the potential to break the public-key systems (also called asymmetric cryptography) used today to protect information systems.
identity, credential and access management (ICAM), identity and access management (IdAM), endpoint detection and response (EDR) and continuous diagnostics and mitigation (CDM),
o Understand which systems and protocols are used to move or access their most sensitive and critical data sets, and
o Identify quantum-vulnerable cryptographic techniques for protecting critical processes, especially for critical infrastructure.
• Organizations should feed their quantum-vulnerability inventories into their risk assessment process, so that risk officers can prioritize where the use of PQC must be ensured.
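As an added illustration of turning a cryptographic inventory into a risk-assessment input (this code is not part of the factsheet), the following script flags the public-key algorithms a CRQC could break and ranks them using the prioritization criteria the guidance names: high-impact systems, ICS, and long-term confidentiality requirements. The inventory records, algorithm lists and scoring weights are constructed assumptions for illustration.

```python
# Added example (not from the factsheet): triage a cryptographic inventory,
# flag quantum-vulnerable public-key algorithms and rank them for migration.
# Inventory records and scoring weights are constructed for illustration.
from dataclasses import dataclass

# Public-key algorithms whose security rests on factoring or discrete logs,
# which a cryptanalytically relevant quantum computer could break.
QUANTUM_VULNERABLE = {"RSA", "DSA", "DH", "ECDH", "ECDSA", "EdDSA"}
# Symmetric ciphers and hashes are not broken outright; recorded, not flagged.
NOT_VULNERABLE = {"AES-128", "AES-256", "SHA-256", "SHA-384", "HMAC-SHA256"}

@dataclass
class InventoryEntry:
    system: str                 # asset or application name
    algorithm: str              # as discovered, e.g. from a certificate
    key_bits: int
    high_impact: bool           # per the organization's risk register
    ics: bool                   # industrial control system
    confidentiality_years: int  # how long the data must stay secret

def is_quantum_vulnerable(algorithm: str) -> bool:
    """True for public-key algorithms a CRQC could break; unknown names
    raise so an incomplete inventory is not silently treated as safe."""
    if algorithm in QUANTUM_VULNERABLE:
        return True
    if algorithm in NOT_VULNERABLE:
        return False
    raise ValueError(f"unknown algorithm in inventory: {algorithm}")

def priority_score(entry: InventoryEntry) -> int:
    """Constructed weighting of the factsheet's criteria: high-impact
    systems, ICS, and long-term confidentiality requirements."""
    score = 3 * entry.high_impact + 3 * entry.ics
    # Long-lived secrets are exposed to harvest-now, decrypt-later
    # collection, so longer retention raises the priority (capped at 10).
    return score + min(entry.confidentiality_years, 10)

def prioritize(inventory):
    """Quantum-vulnerable entries only, highest migration priority first."""
    flagged = [e for e in inventory if is_quantum_vulnerable(e.algorithm)]
    return sorted(flagged, key=lambda e: (-priority_score(e), e.system))

SAMPLE_INVENTORY = [  # constructed; no real systems
    InventoryEntry("hr-portal", "RSA", 2048, False, False, 7),
    InventoryEntry("plant-historian", "ECDSA", 256, True, True, 15),
    InventoryEntry("backup-encryption", "AES-256", 256, True, False, 20),
    InventoryEntry("vpn-gateway", "ECDH", 256, True, False, 2),
]
```

Running `prioritize(SAMPLE_INVENTORY)` places the ICS historian first and leaves the AES-256 backup entry unflagged, since symmetric encryption is not among the algorithms a CRQC breaks outright.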
Discussing post-quantum roadmaps with technology vendors
CISA and the agencies encourage organizations to begin working with their technology vendors to understand each vendor’s quantum-readiness roadmap, including migration. A solid roadmap should describe the vendor’s plans to migrate to PQC, chart a timeline, test PQC algorithms, and integrate them into products. This applies to both commercial off-the-shelf (COTS) and cloud-based products. Ideally, vendors will publish their own quantum-readiness roadmaps describing their commitment to enabling post-quantum cryptography. The agencies also urge organizations to proactively plan for necessary contract changes. Those changes should ensure that new products incorporate PQC and that older products are upgraded to PQC in time to meet transition timelines.
Supply Chain Quantum Readiness
Organizations should understand their reliance on and dependencies upon quantum-vulnerable cryptography in systems and assets, and how vendors in the supply chain are migrating to post-quantum cryptography. As mentioned above, understanding the organization’s reliance on quantum-vulnerable cryptography includes discovering quantum-vulnerable algorithms in current IT and OT systems and devices (custom or COTS) and in the cloud services the organization depends on, and ensuring that migration plans minimize quantum risk and are in line with the organization’s transformation strategy.
Organizations should also begin asking vendors how they are addressing quantum readiness and supporting the migration to post-quantum cryptography. Other considerations include:
• Priority will be given to high-impact systems, Industrial Control Systems (ICS), and systems with long-term confidentiality/classification requirements.
• If an organization discovers quantum-vulnerable cryptography in its custom technologies, it should assess the risk to data or functionality that depends on those technologies. The organization can either migrate to post-quantum cryptography in those technologies or develop system security upgrades to mitigate the risk of continuing to use them. Custom products, especially those in older systems, may require the most effort to achieve quantum resistance.
• For COTS products, communication with vendors about their post-quantum cryptography roadmap is critical. Migration to post-quantum cryptography should be viewed as an IT/OT modernization effort. An organization’s quantum readiness roadmap should include a timeline for vendors to provide updates or upgrades to enable post-quantum cryptography, as well as the expected costs associated with migrating to post-quantum cryptography.
• For cloud-hosted offerings, organizations should engage with their cloud service providers to understand the provider’s quantum-readiness roadmap. Once post-quantum cryptography standards are available, the conversation should turn to how to enable the use of post-quantum cryptography through configuration changes or application updates.
Supplier's Responsibilities
Manufacturers and vendors of products that support quantum-vulnerable cryptography should begin planning and testing integration. DHS, NSA, and NIST encourage vendors to review the draft post-quantum cryptographic standards published by NIST, which contain the algorithms, recognizing that the specific implementation details of these algorithms are still incomplete. Ensuring that products use post-quantum cryptographic algorithms reflects secure design principles. Vendors should prepare themselves to support post-quantum cryptography as soon as NIST finalizes these standards.
https://www.cisa.gov/resources-tools/resources/quantum-readiness-migration-post-quantum-cryptography
https://www.cisa.gov/sites/default/files/2023-08/Quantum%20Readiness_Final_CLEAR_508c%20%283%29.pdf