The National Institute of Standards and Technology (NIST) has recently finalized its principal set of encryption algorithms designed to withstand the threat capabilities of quantum computers. This pivotal development signals that organizations can now begin definitive steps toward updating their cryptographic systems and software to these quantum-safe algorithms — well ahead of the quantum era.
The new NIST standards on Post Quantum Cryptography (PQC) are set to drive extensive standardization activities across a wide array of protocols used within our communications infrastructures, encompassing enterprise, internet, and mobile wireless sectors. However, transitioning from current cryptographic systems to new quantum-resistant forms will present challenges and require careful planning and strategic management.
A recent White House report highlights the scale of this undertaking, estimating that U.S. federal agencies are expected to spend an approximately $7.1 billion over the next decade to update their cryptographic infrastructure to be quantum-resistant. This figure underscores the magnitude of the challenge and likely reflects a similar trajectory within the broader communications industry.
ATIS is at the forefront of addressing these challenges through our Quantum-Safe Communication and Information Initiative (QSCII) Working Group. We are collaborating with our industry members to navigate the complexities of migrating to PQC and identifying key priorities for the necessary updates to existing IETF, 3GPP and other communications standards to support quantum-safe communications for the future.
ATIS has recently joined forces with the NIST National Cybersecurity Center of Excellence NCCOE PQC project. This collaboration aims to develop industry-wide strategies and tools for PQC migration. Our contributions include leveraging the ATIS Open Quantum Safe Test Framework to evaluate the performance impacts of PQC, ensuring that our members can quantify and manage the transition effectively.
We are focusing on how organizations can manage the migration to Post Quantum Cryptography (PQC) by utilizing a suite of advanced tools designed to facilitate the identification, assessment, and management of cryptographic assets. These tools are crucial for ensuring a smooth transition, allowing organizations to analyze existing cryptographic systems for vulnerabilities, simulate potential impacts of quantum-resistant algorithms, and prioritize updates based on risk and compliance requirements. The ATIS Strategic Framework for Crypto Agility and Quantum Risk Assessment introduces crypto agility metrics that information and communications technology (ICT) organizations can use to proactively measure, assess, and enhance their preparedness for the shift to quantum-safe cryptography.
ATIS is actively engaged in additional work items to deepen our understanding of the impacts that the introduction of quantum-resistant cryptography will have on 5G infrastructure architecture. Through comprehensive analysis, we are exploring the potential threats across the 5G architecture, aiming to provide quantifiable risk assessments. These assessments are crucial for prioritizing and guiding standardization efforts across this domain, ensuring that our strategies effectively mitigate risks and enhance the security of 5G networks as we transition to quantum-safe technologies.
Transitioning to Post Quantum Cryptography is becoming increasingly crucial for our industry, and it is expected to gain even more prominence in the coming months and years. Stay tuned for more insights and developments as we work together to navigate this quantum leap.
