CISA, NSA, NIST factsheet addresses migration to post-quantum cryptography, ahead of standards rollout
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and National Institute of Standards and Technology (NIST) published on Monday a factsheet on the impacts of quantum capabilities and providing necessary steps to begin planning for migration to PQC (post-quantum cryptography). These agencies urge organizations, especially those that support critical infrastructure, to begin early planning for migration to PQC standards by developing their own quantum-readiness roadmap.
Titled ‘Quantum-Readiness: Migration to Post-Quantum Cryptography,’ the factsheet provides necessary steps and guidance to help organizations establish their own quantum-readiness roadmap. The new resource assists organizations in understanding how to prepare a cryptographic inventory, engage with technology vendors, and assess their supply chain reliance on quantum-vulnerable cryptography in systems and assets.
The document also provides recommendations for technology vendors whose products support the use of quantum-vulnerable cryptography, including by reviewing the NIST-published draft PQC standards, ensuring products use post-quantum cryptographic algorithms, and preparing to support forthcoming final NIST PQC standards.
“While the PQC standards are currently in development, the authoring agencies encourage organizations to create a quantum-readiness roadmap by first establishing a project management team to plan and scope the organization’s migration to PQC,” the factsheet disclosed. “Quantum-readiness project teams should initiate proactive cryptographic discovery activities that identify the organization’s current reliance on quantum-vulnerable cryptography. Systems and assets with quantum-vulnerable cryptography include those involved in creating and validating digital signatures, which also incorporates software and firmware updates.”
It added that having an inventory of quantum-vulnerable systems and assets enables an organization to begin the quantum risk assessment processes, demonstrating the prioritization of migration. “Lead by an organization’s Information Technology (IT) and Operational Technology (OT) procurement experts, the inventory should include engagements with supply chain vendors to identify technologies that need to migrate from quantum-vulnerable cryptography to PQC.”
The latest push comes as the NIST is working to publish the first set of PQC standards, to be released next year, to protect against future, potentially adversarial, cryptanalytically relevant quantum computer (CRQC) capabilities. A CRQC would have the potential to break public-key systems, sometimes referred to as asymmetric cryptography, which are used to protect information systems today.
The joint factsheet also identified that organizations are unaware of the breadth of application and functional dependencies on public-key cryptography that exist within the products, applications, and services widely deployed within their operational environments, leading to a lack of visibility. It added that the project team should lead the creation of such an inventory.
Additionally, the team should also include the organization’s cybersecurity and privacy risk managers who can prioritize the assets that would be most impacted by a CRQC, and that would expose the organization to greater risk.
“It is imperative for all organizations, especially critical infrastructure, to begin preparing now for migration to post-quantum cryptography,” Jen Easterly, CISA director, said in a statement. “CISA will continue to work with our federal and industry partners to unify and drive efforts to address threats posed by quantum computing. Our collective aim is to ensure that public and private sector organizations have the resources and capabilities necessary to effectively prepare and manage this transition.”
“Post-quantum cryptography is about proactively developing and building capabilities to secure critical information and systems from being compromised through the use of quantum computers,” Rob Joyce, director of NSA cybersecurity, said in a statement. “The transition to a secured quantum computing era is a long-term intensive community effort that will require extensive collaboration between government and industry. The key is to be on this journey today and not wait until the last minute.”
The factsheet outlines that having an inventory of quantum-vulnerable technology and associated criticality of the data enables an organization to begin planning for risk assessment processes to prioritize its migration to PQC. The cryptographic inventory will help an organization become quantum-ready —a state where a CRQC is not a threat; help an organization prepare a transition to zero trust architecture; and help identify or correlate outside access to datasets, as those are more exposed and at higher risk, andoInform future analysis by identifying what data may be targeted now and decrypted when a CRQC is available.
Organizations should create a cryptographic inventory that offers visibility into how the organization leverages cryptography in its IT and OT systems. Cryptographic discovery tools should be used to identify quantum-vulnerable algorithms in network protocols, used to identify quantum-vulnerable algorithms in network protocols that allow traceability; assets on end user systems and servers, including applications and associated libraries, both within application functionality and for firmware and software updates, and cryptographic code or dependencies in the continuous integration/continuous delivery development pipeline.
The factsheet also called upon organizations to include in their inventory when and where quantum-vulnerable cryptography is being leveraged to protect the most sensitive and critical datasets and include estimates on length of protection for these datasets.
Organizations should correlate cryptographic inventory with inventories available from existing programs, such as asset inventory, identity, credential, and access management, (ICAM), identity and access management (IdAM), endpoint detection and response (EDR), and continuous diagnostics and mitigation (CDM). It also called for understanding which systems and protocols are being used to move or access their most sensitive and critical datasets, and identifying quantum-vulnerable cryptography that protects critical processes, especially for critical infrastructure.
Lastly, the joint factsheet recommends that organizations should feed the quantum-vulnerable inventory into their risk assessment process, allowing risk officials to prioritize where to ensure use of PQC as soon as it is available.
The document called upon organizations to develop an understanding of their reliance/dependencies on quantum-vulnerable cryptography in systems and assets, as well as how the vendors in their supply chain will be migrating to PQC. “Understanding your organization’s dependencies on quantum-vulnerable cryptography involves discovering where quantum-vulnerable algorithms are used in current IT and OT systems and devices (custom-built or COTS) and in the organization’s reliance on cloud services, ensuring that plans will reduce as much quantum risk as feasible and meet the organization’s transition strategy,” it added.
The joint factsheet also laid out that organizations should also begin to ask their vendors how they are addressing quantum-readiness and supporting migration to PQC. It also said that prioritization should be given to high impact systems, industrial control systems (ICS), and systems with long-term confidentiality/secrecy needs.
“If an organization discovers quantum-vulnerable cryptography in its custom-built technologies, it should identify the risk to data or functions that rely on those technologies,” according to the document. “The organization could either migrate to PQC within those technologies or develop system security upgrades that mitigate the risk of their continued use. Custom-built products, especially those in older systems, will likely require the most effort to make quantum-resistant.”
It added that for COTS products, organizational engagement with vendors on their PQC roadmap is critical. Migration to PQC should be viewed as an IT/OT modernization effort. An organization’s quantum-readiness roadmap should include details of when and how each COTS vendor plans to deliver updates or upgrades to enable the use of PQC, as well as the expected cost associated with migration to PQC.
For cloud-hosted products, the factsheet proposed that organizations should engage with their cloud service providers to understand the provider’s quantum-readiness roadmap. Once PQC standards are available, engagements should evolve to focus on how to enable the use of PQC, for example through configuration changes or application updates.
Addressing technology vendor responsibilities, the factsheet outlined that technology manufacturers and vendors whose products support the use of quantum-vulnerable cryptography should begin planning and testing for integration.
“CISA, NSA, and NIST encourage vendors to review the NIST-published draft PQC standards, which contain algorithms, with the understanding that final implementation specifics for these algorithms are incomplete,” the factsheet said. “Ensuring that products use post-quantum cryptographic algorithms is emblematic of Secure by Design principles. Vendors should prepare themselves to support PQC as soon as possible after NIST finalizes its standards.”
In April this year, the NIST released a preliminary draft soliciting comments from stakeholders in the public and private sectors to bring awareness to the challenges involved in migrating to post-quantum cryptography, from the current set of public-key cryptographic algorithms to quantum-resistant algorithms.
Related
