This post is also available in: עברית (Hebrew)
The advanced computing capabilities of quantum computers will render most traditional encryption protocols used today obsolete. The US government is already preparing contingencies for how to defend its current IT assets and equipment from the threat.
Quantum computers exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for conventional computers. If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use, according to csrc.nist.gov.
The US National Institute of Standards and Technology (NIST) wants to develop new encryption standards designed to protect the federal government from new and emerging cybersecurity threats.
The agency spent much of the past year evaluating 69 algorithms for its Post Quantum Cryptography Standardization project, designed to protect the machines used by federal agencies today from the encryption-breaking tools of tomorrow.
The submitted algorithms are all designed to work with current technology and equipment, each offering different ways to protect computers and data from attack vectors – known and unknown – posed by developments in quantum computing.
Matthew Scholl, Chief of the Computer Security Division at NIST, said: “This is to ensure that we have some resilience so that when a quantum machine actually comes around.. having more than one algorithm with some different genetic mathematical foundations will ensure that we have a little more resiliency in that kit going forward.”
NIST is also working on another revamp of encryption standards for small “lightweight” computing devices, focusing on components such as RFID tags, industrial controllers, sensor nodes and smart cards that are inherent in many Internet of Things devices, according to fcw.com.
The government’s current encryption standards are largely designed for personal computers, laptops and other general purpose computing platforms. NIST officials believe new standards are needed to tackle a range of problems, from increasing reliance on connected devices to dissatisfaction with current identity and access management tools.