Post-Quantum Cryptography: A Strategic Imperative for Enterprise Resilience

In the dynamic arena of technological advancement, quantum computing stands out as a monumental leap forward, poised to redefine the fundamental aspects of computing. Much like GenAI, its arrival pushes us to rethink how we can use these new advanced capabilities and, more importantly, what it means for the business of security. As we navigate this transformative shift, it is imperative for enterprise leaders to grasp the profound impact quantum computing may have on current cryptographic systems and to strategically prepare for a quantum-safe future.

In May of 2022, the White House penned a memorandum entitled National Security Memorandum on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems that provides guidance to help organizations mitigate the risk by implementing quantum-resistant cryptography. The U.S. government's guidance is to engage with national security organizations and direct them to move toward adoption of new algorithms for firmware and software signing in 2025.

Dell is aware of this new need to help ensure a secure environment for our customers and is actively working to implement Post-Quantum Cryptography (PQC) in its solutions.

Decoding the Quantum Paradigm

Quantum computing is more than a minor technological advancement; it represents a fundamental change in how computers operate. While traditional computers use bits that represent either a 0 or 1 to process data, quantum computers use qubits. A qubit can be in a state of 1, 0 or any state in between, thanks to a property called superposition. This allows quantum computers to solve complex problems much faster than classical computers, which can only process one set of possibilities at a time. With these capabilities, quantum computing could lead to major advancements in industries like pharmaceuticals, where it could speed up drug discovery, and materials science, helping design new, stronger materials.

Yet perhaps the most critical frontier is its impact on cryptography, or the mechanisms we use to secure our systems and data such as encryption, hashing or the use of digital signatures. The quantum realm challenges our existing security protocols, demanding new strategies to safeguard sensitive enterprise data.

The Cryptographic Challenge

Current cryptographic methods, such as RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography), form the foundation of today's data security frameworks. These systems rely on the computational difficulty of certain mathematical problems. However, quantum computers can perform parallel computations through an algorithm called Shor's algorithm. Shor's algorithm can efficiently factor large numbers, posing a potential threat to cryptographic protocols, rendering them vulnerable. This drives the need for post-quantum cryptography.

One way in which threat actors behave today is to harvest sensitive data that is encrypted and cannot be decrypted with traditional methods. They then save this data until new quantum technologies are able to decrypt it easily.

This potential new vulnerability necessitates a new approach to ensuring the security of our applications and data. Enterprises must anticipate and adapt to the risks posed by quantum computing to fortify their defenses.

Embracing Post-Quantum Cryptography (PQC)

The development of post-quantum cryptography is a strategic necessity because PQC aims to create cryptographic algorithms resilient to the capabilities of quantum computing. Research in this field spans lattice-based cryptography, hash-based cryptography and multivariate polynomial cryptography, among others. The pursuit of robust solutions across these areas is crucial for maintaining data integrity in a quantum-powered world.

As of August 13, 2024, National Institute of Standards and Technology (NIST) has released a set of encryption algorithms designed to withstand the attack of a quantum computer. NIST is also encouraging organizations to adopt these new algorithms as soon as they can.

Dell is already on this journey and has made upgrades to its encryption to AES256 in storage solutions where data is stored encrypted with Self Encrypting drives (SEDs). In addition, Dell's drive vendors have AES256 encryption for SEDs and Dell's data protection products have implemented support for software based AES256 encryption.

Industries on the Front Line

Organizations across all critical infrastructure sectors, particularly in finance, healthcare, as well as government and military, face heightened risks as quantum computing evolves. The stakes are high, with potential breaches carrying severe economic and societal consequences. These enterprises must lead the charge in adopting quantum-safe measures.

A Strategic Path Forward with Dell Technologies

Through our research, Dell understands that quantum computing will have a large impact on the current security landscape, making quantum computing a powerful tool for attackers. Cryptography, foundational to data and system security, must evolve. Enterprises must take decisive action to transition to quantum-safe security frameworks, and Dell Technologies stands ready to assist:

1. Engage in the PQC ecosystem. Dell Technologies provides extensive resources and expertise to help businesses stay ahead of advancements in quantum computing and post-quantum cryptography (PQC). Our insights can help companies anticipate and effectively navigate future challenges.
2. Evaluate security postures. Assess the data and systems in your environment to identify potential vulnerabilities in cryptographic systems and start preparing for future threats.
3. Invest in Quantum-Safe Solutions. With a commitment to innovation, Dell Technologies provides cutting-edge solutions to explore and implement PQC strategies. We collaborate with industry experts to ensure alignment with emerging standards and technologies.
4. Craft a transition roadmap. Develop and execute detailed transition plans, integrating quantum-safe infrastructure with clear timelines and resource commitments. Consumers of technology need to prepare now for 2035 to adopt quantum-resistant systems.
5. Foster industry collaboration. Dell Technologies actively participates in industry forums such as the Quantum Economic Development Consortium (QED-C) and Quantum Cryptography and Post-Quantum Cryptography Working Groups as well as other partnerships to share insights and best practices, driving collective progress in quantum security.

As we near the quantum era, enterprise resilience depends on anticipating and adapting to the technological shift ahead. Dell customers have already engaged on this issue, aligning with the standardization of post-quantum cryptography algorithms in August 2024. Governments are mandating quantum-resistant systems, with major transitions expected by 2030 to 2033. While PQC implementation may take a few years, organizations should adopt security best practices today to ease tomorrow's transition. By embracing PQC and preparing with Dell Technologies, enterprises can secure operations, drive innovation, and thrive in a quantum-powered world. Having strategic foresight and utilizing proactive measures are essential.

Public link

Please use the above public link if you want to share this noodl on another website.