Information Security in the Post-Quantum Age

Recommendations for post-quantum cryptography: How to prepare your organization for future risks with solutions from genua today.

With the rapid development of quantum computers, the requirements for communication security are also growing. All asymmetric cryptographic methods that are used in Internet protocols today are in danger of being decrypted in a relatively short time in the near future. In addition, attackers such as foreign secret services or cybercriminals can already collect encrypted data today in order to decrypt it later with the help of productive quantum systems. This jeopardizes the value of the confidentiality of sensitive data.

From the point of view of the German Federal Office for Information Security (BSI), post-quantum cryptography must therefore become the standard in the long term. The BSI advises organizations to weigh up when a switch to quantum-safe processes should take place at an early stage and continuously as part of a moderate risk management.

Which Organizations are Particularly Affected?

To mitigate the risks posed to US cybersecurity by quantum computing, US President Joe Biden signed a National Security Memorandum (NSM) in early May 2022, calling on government organizations to take preventive measures. These affect more than 50 US departments and authorities that use national security systems.

This announcement has a signaling effect. Other countries could follow soon and oblige authorities, public institutions, companies that are subject to secrecy protection, and operators of critical infrastructure to take specific protective measures – i.e. to switch to quantum-resistant methods.

Development Status of Quantum-Resistant Encryption Methods

Internationally, there are already possible candidates for quantum-resistant encryption methods, which the US National Institute of Standards and Technology (NIST) is trying to evaluate. However, despite intensive investigations, there is still a lack of confidence in the security of the new methods and, in particular, experience in practical implementation. This means that official approvals and recommendations are currently only emerging slowly.

Well Prepared with Crypto Agility

Due to very slowly emerging standards and recommendations, we advise customers to use crypto agility, i.e. to pay particular attention to the cryptographic flexibility of the security mechanisms when developing and acquiring new IT security solutions. With appropriately configurable products from trustworthy manufacturers, organizations can minimize the attack surface of new types of attacks and react to future developments and security incidents. With high investment security, this lays a solid foundation for a future-proof IT infrastructure. What is important here is hybrid use with classic methods: the combination of proven and new cryptographic processes enables a safe transition into the future.

Quantum-Safe VPN Solutions and Product Updates

As an expert in IT security, genua develops and tests novel quantum-resistant processes and implements them, e.g. in VPN implementations. Within an international network of companies, universities and standardization agencies, we are significantly involved in the design of quantum-resistant VPN standards. As soon as these processes and solutions are ready for operation, we can safely provide them in our existing IT security solutions and new applications in the future.

An important prerequisite for crypto-agility is the future-proof design of the update mechanisms of the products. This applies in particular if the update mechanism itself can no longer be updated securely.

We already guarantee our customers trustworthy product updates: In addition to a classic digital signature for maximum security according to current standards, our specially developed update mechanism offers an extension with a quantum-resistant signature and thus already protects effectively against attacks with quantum computers. We thus meet the recommendations for future-proof software updates according to BSI and NIST.