Encryption & Key Management , Security Operations

Quantum Risks Pose New Threats for US Federal Cybersecurity

Experts Say Feds May Face Cost and Timeline Challenges in Quantum Readiness
Quantum Risks Pose New Threats for US Federal Cybersecurity
Government watchdog reports have been calling on the federal government to boost quantum readiness for years.

The U.S. federal government is racing against time - and foreign adversaries - to safeguard critical infrastructure from the looming threat of quantum-powered cyberattacks.

See Also: OnDemand | Extended Access Management: Securing Access for All Identities, Devices and Applications

In the month after the National Institute for Standards and Technology formalized adoption of three post-quantum encryption algorithms, experts say federal networks remain significantly vulnerable to future quantum-enabled threats (see: US NIST Formalizes 3 Post-Quantum Algorithms).

Adversaries including China are investing heavily in quantum computing in an apparent effort to outpace the United States, where bureaucratic red tape and unforeseen costs could significantly hinder federal efforts to keep up.

"Upgrading this infrastructure isn’t going to be quick or cheap," said Georgianna Shea, chief technologist of the Foundation for Defense of Democracies' Center on Cyber and Technology Innovation. Testing for quantum-resistant encryption could reveal compatibility issues with legacy systems, such as increased power demands, reduced performance, larger key sizes and the need to adjust existing protocols and application stacks for keys and digital signatures, she told Information Security Media Group.

The Foundation for Defense of Democracies is set to release new guidance for CIOs on Monday that will aim to lay out a road map for quantum readiness. The report is structured as a six-point plan that includes designating a leader, taking inventory of all encryption systems, prioritizing based on risk, understanding mitigation strategies, developing a transition plan and regularly monitoring and adjusting it as needed.

NIST unveiled post-quantum standards for general encryption along with two digital signature standards in August and announced plans to formalize an additional algorithm for digital signatures, known as FALCON, later this year The guidance followed a July White House report that estimates the cost of transitioning key federal systems to post-quantum encryption at least $7.1 billion through 2035.

Announcing the new standards last month, NIST Director Laurie Locascio said quantum computing technology "could become a force for solving many of society's most intractable problems."

In September, Department of Defense officials at the Quantum World Congress summit outlined several initiatives to enhance quantum readiness, including a Defense Advanced Research Projects Agency program designed to assess whether a quantum computer can be developed more quickly than currently expected. John Burke, principal director of quantum science for the Pentagon, told audiences that quantum computing at the Pentagon "might come very soon."

Government watchdog reports have long warned that quantum technologies can process and transmit data in ways existing systems cannot and urged federal agencies and the Pentagon to recruit a highly specialized staff in physics to address emerging risks associated with quantum computing. A 2021 Government Accountability Office report called for "billions of dollars in investments" and said advanced development of U.S. quantum readiness and technologies will require further collaboration and supply chain and workforce development.

"There is a global race to understand quantum computing and develop a cryptographically relevant quantum computer," Shea told ISMG. "The winner will have a significant advantage in cyberwarfare, cyberespionage, and advancing critical research areas."


About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.