The Future is NOW
May 13, 2025 • Evgeny Gervis
At this year’s RSA conference in San Francisco, I was struck by the ubiquity of fully autonomous Waymo taxis. Yes, I had noticed them last year, but this year they seemed omnipresent. So while I had some concerns, my colleagues convinced me we could not leave San Francisco without catching a ride in one of them. So there I was, riding in the front passenger seat of a driverless taxi as it breezed through the city one evening.
It was surreal. Somehow, once inside the Waymo, I felt remarkably calm. The drive was steady, purposeful, and precise. As the ride went on, my brain kept parsing the cognitive dissonance that I was experiencing. For years, despite hearing from people who knew that fully autonomous driving was the future, I remained skeptical—if such a thing actually happened, surely it wouldn’t be for a very long time. Yet, here was irrefutable evidence that autonomous driving is possible now, and I even felt safe being driven by it.
This experience parallels how many people feel today about quantum computers and the risks they pose to classical public key cryptography. Despite accelerating progress in the development of quantum computers, many people believe that “Q-Day” (when quantum computers become powerful enough to break public key cryptography) will either never come or arrive in such a distant future that they don’t need to worry about it now.
But as I listened to Dr. Taher Elgamal and Dr. Michele Mosca, two of the most prolific thinkers in the world of cryptography, their message was clear: Not only are cryptanalytically relevant quantum computers (CRQCs) coming, they are coming much sooner than many people think, and the time to start migrating to post-quantum cryptography (PQC) is now.
I picked up three key themes relating to PQC migration:
Cryptographic Posture Management
There is a broad consensus that fundamental risk management requires organizations to understand where and how they use cryptography. Even if the world of cryptography did not face a threat from quantum computers, organizations need a better way to manage their use of cryptography, starting with keeping an ongoing inventory of its use.
Just as organizations now use Software Bills of Materials (SBOMs) to track where they use open-source components, they should also use Cryptographic Bills of Materials (CBOMs) to understand what cryptography they use in their environment. This way, when the next Heartbleed vulnerability gets discovered, organizations will be able to quickly identify whether they are vulnerable and what needs to be patched.
Policy-Defined Crypto-Agility
Also, irrespective of the threat from quantum computers, organizations need a way to update their cryptography use efficiently, without requiring extensive changes to their environments, such as changing and recompiling their software. The idea is that cryptographic use details should be abstracted away from application code into configurations that can be changed based on policy in a declarative rather than programmatic fashion.
This way, whether it’s in response to the next Heartbleed or an organization needing to update the implementation of ML-KEM, it can be done seamlessly, with security or compliance teams able to govern the organization’s use of cryptography via policy-based means. Having policy-defined control for cryptographic use could also reduce the likelihood of a ransomware attack, for instance, since adversaries often use the organization’s own cryptographic capabilities against it through unauthorized use of cryptography in these attacks.
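The following Python example is added here for illustration and is not SafeLogic's code or any product's behavior: it evaluates a CBOM-style inventory against a declarative policy, so changing the policy data changes the findings without touching the code. The inventory fields, policy keys, asset names, and the `hndl_years` threshold are assumptions made up for this example.

```python
import json

# Constructed policy document: security/compliance teams edit this data, not application code.
POLICY = json.loads("""{
  "quantum_vulnerable": ["RSA-2048", "ECDSA-P256", "ECDH-P256", "X25519"],
  "approved": ["X25519MLKEM768", "ML-KEM-768", "ML-DSA-65", "AES-256-GCM"],
  "replacement": {"key-exchange": "X25519MLKEM768", "signature": "ML-DSA-65"}
}""")

# Constructed CBOM-style inventory (simplified, hypothetical fields; not a real CBOM schema).
CBOM = json.loads("""[
  {"asset": "payments-api", "use": "key-exchange", "algorithm": "X25519",         "data_lifetime_years": 10},
  {"asset": "payments-api", "use": "signature",    "algorithm": "ECDSA-P256",     "data_lifetime_years": 10},
  {"asset": "status-page",  "use": "key-exchange", "algorithm": "ECDH-P256",      "data_lifetime_years": 0},
  {"asset": "partner-vpn",  "use": "key-exchange", "algorithm": "X25519MLKEM768", "data_lifetime_years": 7},
  {"asset": "legacy-batch", "use": "encryption",   "algorithm": "3DES-CBC",       "data_lifetime_years": 5}
]""")

def evaluate(cbom, policy, hndl_years=1):
    """Return one finding per inventory entry, ordered by migration urgency."""
    findings = []
    for e in cbom:
        alg = e["algorithm"]
        if alg in policy["approved"]:
            status, action = "ok", None
        elif alg in policy["quantum_vulnerable"]:
            # A recorded key exchange can be decrypted later, so long-lived data
            # behind a vulnerable key exchange is the most urgent case.
            hndl = e["use"] == "key-exchange" and e["data_lifetime_years"] >= hndl_years
            status = "migrate-now" if hndl else "migrate"
            action = policy["replacement"].get(e["use"])
        else:
            # Algorithm the policy does not mention: fail closed and send to review.
            status, action = "review", None
        findings.append({"asset": e["asset"], "algorithm": alg,
                         "status": status, "action": action})
    order = {"migrate-now": 0, "review": 1, "migrate": 2, "ok": 3}
    return sorted(findings, key=lambda f: order[f["status"]])

if __name__ == "__main__":
    for f in evaluate(CBOM, POLICY):
        print(f"{f['status']:<12} {f['asset']:<13} {f['algorithm']:<15} -> {f['action']}")
```

Editing only the `replacement` entry in the policy redirects every affected asset to a different target algorithm, which is the declarative control the section describes.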
Iterative Process for PQC Migration
Finally, it is important to get started on PQC migration. While planning and maintaining inventory are important activities, they do not in themselves make the organization quantum resilient. In the world of IT, we long ago learned that waterfall projects do not work as well as agile ones, so why should PQC migration be any different? What is essential is to set the organization on a path of continuous improvement, where every day it becomes more quantum resilient than it was the day before.
A case in point: Many organizations will discover that they have a lot of quantum-vulnerable TLS connections that may leave their data open to harvest-now, decrypt-later (HNDL) attacks. So why not start securing some of these TLS connections today? Here at SafeLogic, we are big believers in this approach. We have recently released a new product called CryptoComply PQ TLS, which enables organizations to make their TLS connections quantum resilient using policy-driven crypto-agility. We have also recently demonstrated an end-to-end use case from discovery of quantum-vulnerable cryptography, to automated crypto-agile remediation with quantum-resistant cryptography, to remediation verification.
The need for PQC migration will incentivize organizations to improve their cryptographic posture management and build in crypto-agility—something they should have been doing even if Shor’s algorithm to break asymmetric cryptography on quantum computers had never been invented. Doing so will make them more secure from classical attacks, while also facilitating migration to PQC and inevitable future migrations. The important thing to recognize is that the future is now regarding the need to strengthen cryptographic posture management and migrate to PQC. Don’t wait until CRQCs are staring you in the face like the Waymo that was driving yours truly around San Francisco, because by then it will be way too late for your sensitive data.

Evgeny Gervis
Evgeny is the CEO of SafeLogic.