The specter of post-quantum cryptography (PQC) looms large as a possible future problem for business leaders. It’s complex and shrouded in technical jargon, and the implications for business are still largely theoretical—yet, we should still prepare for the incoming reality of accelerated tech advancements.
Luckily, you don’t need to be a cryptography whiz to get started. In fact, half the battle is preparation: knowing what resources are available, getting up to speed, and learning where to start at the advent of Q-Day. Keyfactor has a number of resources digging into PQC, so you can learn what it means for your organization and businesses worldwide. Beyond that, our PQC sandbox allows you to play with new PQC algorithms, test eventualities, and learn more by doing more.
Read on and follow the links to begin demystifying post-quantum cryptography and what it can mean for your organization.
Foundations
Start at the beginning with the resources we’ve built to establish a firm understanding of PQC:
A birds-eye view of quantum computing and what it means for cryptography. “Transitioning to a quantum-capable world may be the most significant OS upgrade in the history of humanity,” making room for great strides in beneficial and malicious tech.
A webinar from David Hook, VP of Software Engineering at Bouncy Castle, sharing insights on PQC. Pay particular attention to the reason for so much urgency behind post-quantum cryptography and Hook’s suggested strategies to fortify cryptographic infrastructure early.
NIST is nearing the finalization of quantum-resistant algorithms, with significant updates expected in 2024. Read up on the conference highlights: preparing for change, addressing side-channel attack resistance, and adapting to new standards. Early preparation eases implementation and reduces time to readiness when Q-Day arrives.
With the threat quantum computing poses to current cryptographic systems, the reality of incoming change inches closer daily. As NIST nears the final stages of selecting quantum-safe algorithms, the need for legacy support and the long validity periods of some existing certificates are challenges to overcome. Dig into transitional certificate options and learn more in this blog from Mike Agrenius Kushner, product architect at Keyfactor.
When you’ve built a foundation of understanding in quantum computing, you’ll be ready to start preparing your business for PQC.
What post-quantum cryptography means for business
Looking for the material effects of PQC and quantum computing on your business? Check out these resources for specifics:
This whitepaper report covers how organizations are preparing for the transition to PQC, their concerns and challenges, and tips for establishing crypto-agility to lay the groundwork for incoming change. “One of the biggest challenges will be interoperability between servers, applications, HSMs, and other critical infrastructure,” so early preparation is key for long-term success in a post-quantum world.
Listen to experts Dr. Richard Searle, Chief AI Officer at Fortanix; Chris Hickman, Chief Security Officer at Keyfactor; and Andrew Driscoll, Quantum Security Engineer at Accenture, discuss PQC on the InTechnology podcast. Learn the risks posed by future quantum computers, particularly the “steal now, decrypt later” threat, and the potentially massive scope of the process to prepare. Bottom line: plan early, work in increments, and don’t panic.
Watch as Chief Technology Officer for Keyfactor Ted Shorter and Senior Demand and Deliver Director at Optive Toby Zimmerer discuss their takeaways of RSA Conference 2024, America’s biggest cybersecurity conference event. Learn what other businesses are doing to prepare, what new products and announcements concern PQC, and the value of building strong partnerships and choosing trusted service providers.
Watch the benefit of partnerships in action with Ted Shorter, Keyfactor CTO and Duncan Jones, Head of Cybersecurity at Quantinuum. This business partnership has strengthened public key infrastructure by combining EJBCA from Keyfactor with quantum-enhanced entropy from Quantum Origin, providing a strong foundation for digital infrastructures and a sandbox for testing PQC even before standards are finalized.
Get your hands dirty and strengthen your skills
Early preparation and collaboration are critical factors to prepare for Q-Day. At Keyfactor, we’re experts in cryptography–we’ve got you covered. Use these resources to practice your skills and dig into the nitty-gritty of PQC:
Jump into Keyfactor’s hub for everything post-quantum, the PQC Lab. Explore the latest on quantum readiness, get tools for securing your systems and data, and get hands-on with a free SaaS-based PKI sandbox to quickly test quantum-ready certificates.
Follow the process and build in your own EJBCA sandbox to further explore PQC. Learn to set up a PKI with a Root Certificate Authority and an Issuing Sub Certificate Authority using the Dilithium algorithm, a NIST candidate algorithm for sandbox use. This tutorial can help you prepare for the future with hands-on experience.
Add another level of understanding with our SignServer tutorial to apply a post-quantum algorithm for code signing in an IoT application. Experiment with NIST candidate implementations to create post-quantum keys and signatures and play with building firmware updates to protect your environment.
Keyfactor is here to help
Post-quantum cryptography may seem like a distant threat, but the clock is ticking. While the full implications of quantum computing on businesses are still unfolding, the potential impact on cybersecurity is clear.
Understanding the fundamentals of PQC and taking proactive steps can position your organization for a smoother transition. Keyfactor offers a wealth of resources to guide you through this complex landscape, from foundational knowledge to practical application.
Don’t wait for Q-Day. Start preparing your quantum readiness today, and call on Keyfactor for your free SaaS-based PQC Sandbox in the PQC Lab.