On Wednesday, the Biden-Harris administration announced two Presidential directives that advance national initiatives in quantum science and raise awareness of the potential threats quantum computing will bring to the integrity of internet security. In doing so, the administration recognizes that as quantum computing matures, no data is safe from future attacks. Therefore, the potential impact of this technology threatens both national security and the very foundation upon which internet security is based, RSA cryptography.
According to Reuters, the U.S. is in an ongoing race against other nations to develop quantum technology — with an emphasis on quantum computing— which could advance developments in artificial intelligence, materials science, and chemistry. Unlike standard computers, quantum computers can operate millions of times faster than today’s supercomputers. According to the National Security Agency’s press release, a quantum computer of sufficient size and sophistication will be able to break much of the public-key cryptography used on digital systems across the United States — and the world. A quantum computer could also jeopardize civilian and military communications and undermine control systems for critical infrastructure, said GEN Paul M. Nakasone, Commander, USCYBERCOM, Director, NSA/Chief, CSS.
New quantum directives boost cybersecurity
The two quantum directives announced on Wednesday point to the Biden-Harris administration’s commitment to this critical technology. According to a White House fact sheet, these directives “lay the groundwork for continued American leadership in an enormously promising field of science and technology, while mitigating the risks that quantum computers pose to America’s national and economic security.”
The first directive is an Executive Order that will bolster the National Quantum Initiative Advisory Committee, the government’s independent advisory body for quantum information science and technology. The committee will guide policymaking and will work directly under the White House to ensure President Biden, Congress, federal agencies, and the public have the latest, most accurate information about advances in quantum technology.
The second directive is a National Security Memorandum that supports quantum information sciences and outlines steps to mitigate the risks posed to America’s cybersecurity infrastructure. Quantum computing has the potential to render the current cryptographic standard virtually useless and could impact all areas of security used to encrypt web traffic. To address this risk, the National Institute of Standards and Technology (NIST) will publish new quantum-resistant cryptographic standards to protect against future attacks.
- Positions the United States to remain a global leader in technology development and quantum information science
- Initiates collaboration between the federal government and the private sector
- Sets requirements for federal agencies to update cryptographic system
- Protects United States technology
Most notably, the memo highlights the need for collaboration between the private and public sectors when it comes to addressing threats posed by quantum technology. Government entities alone cannot successfully address and prevent these threats. The private sector has solutions to enable not only the cryptography, but also the key management required for both sides to successfully defend against quantum threats, so it’s imperative they work together.
Now is the time to plan for the arrival of quantum computing
I am often asked when organizations should start thinking about and planning for the impending arrival of quantum computing. The directives set by the White House now make my answer a lot easier and convey a sense of urgency – the time is NOW. While quantum technology is still maturing and the threats are minimal today, the time it takes for an organization to become crypto-agile can be significant. It’s never too early to plan ahead and you can start by reading our ebook: Crypto-agile PKI for the Future.