Consortium designed to ease migration from the current set of public-key cryptographic algorithms

Post-Quantum is one of the very few organisations that can provide operational quantum-safe solutions today

‘Harvest Now Decrypt Later’ (HNDL) attacks currently represent the world’s greatest existential cybersecurity threats. These attacks see hostile actors steal encrypted data now, which can be decrypted once a cryptographically relevant quantum computer (CRQC) emerges.

This makes it critical to begin the process of replacing hardware, software, and services that use public-key algorithms now, so that the information is protected from both HNDL and, eventually, future quantum attacks.

It is for this reason that the National Institute of Standards and Technology (NIST) established a consortium of organisations as part of its National Cybersecurity Center of Excellence (NCCoE) “Migration to Post-Quantum Cryptography (PQC)” project. Today, Post-Quantum, the oldest specialist PQC firm in the world, has been selected to be a part of the project, supporting it in developing tangible PQC implementations and use cases.

The NCCoE project brings together experts from industry, government, and academia to address the real-world needs of securing complex IT systems and protecting the nation’s critical infrastructure. Participants include Palo Alto Networks, Amazon Web Services (AWS), Cisco, Microsoft and VMWare as well as other vendors who are sharing their expertise in planning for and implementing post-quantum cryptographic algorithms.

Post-Quantum’s selection will see the company playing a central role in:

  • Ensuring smooth transition and deployment of VPN that will protect us from HNDL attacks
  • Ensuring that backward compatibility is supported
  • Testing different PQC algorithm configurations in hybrid arrangement, not only in those standardised by NIST, but also other PQC algorithms.
  • Providing in particular unique implementation know-how in securing edge to mobile end-points.

Andersen Cheng, Executive Chairman, Post-Quantum commented: “Our priority over the last few years has been on accelerating real-world implementations. For example, last year a new standard that we authored for a hybrid quantum-safe Virtual Private Networks (VPN) was ratified by the Internet Engineering Task Force (IETF). This new standard is now the glue that allows parties using different post-quantum key establishment algorithms to talk with one another, which is particularly important as we enter a situation where different nation states deploy a variety of different algorithms. We are looking forward to sharing implementation knowledge of our protocol and unique know-how in securing mobile end points with partners such as Palo Alto, Microsoft, and AWS, to accomplish an end-to-end secure quantum migration.”

Post-Quantum is the first company to be founded with the sole focus on PQC. Working in high-grade cybersecurity and encryption innovation, the company works for various secure areas of banks, defence organisations, and governments. As a first mover in the industry, Post-Quantum is one of the very few organisations which has progressed past the R&D stage and can provide operational quantum-safe solutions today. It has designed and built a range of quantum-safe products like VPNs and Identity Systems, which have been deployed by organisations like NATO.

For more information about Post-Quantum, please visit: https://post-quantum.com/index.html

About Post-Quantum

Post-Quantum is upgrading the world to next-generation encryption. Our quantum-safe platform includes modular software for Identity, Transmission and Encryption that protect organisations across their entire digital footprint. Products are interoperable, backward compatible and crypto-agile - ensuring a smooth transition to the next generation of encryption.

Post-Quantum works with organisations in defence, critical national infrastructure and financial services, including a multi-year relationship with NATO to ensure its communications are secure against quantum attack.

The company is the inventor of NTS-KEM, a code-based post-quantum algorithm. Now known as Classic McEliece following the merger with the submission led by Professor Daniel Bernstein, it is currently in round four of the NIST competition. The company is also the original author of the Internet Engineering Taskforce (IETF) standards for a Hybrid Post-Quantum Virtual Private Network.

As IETF defines how the internet functions, it is critical that more and more of the components will become quantum-safe in due course. The Company is proactively working on and proposing several new standards to IETF which will help shape how the internet will operate in a post-quantum world.

Clementine Croton Ccroton@fireoth.com