Post-Quantum Cryptography Partnerships Announced

The National Cybersecurity Center of Excellence (NCCoE), part of the National Institute of Standards and Technology (NIST), has announced the enterprises it will work with on its Migration to Post Quantum Cryptography Project.

The advent of practical quantum computing technology will compromise many of the current cryptographic algorithms, including public-key cryptography, which is widely used to protect digital information. This probable future is known as the post-quantum cryptographic era.

Every enterprise that relies on secure communication will need to prepare years in advance before the risk is realized. The following public and private sector organizations will work with NCCoE to increase awareness of the necessary transition:

The initial scope of the project is to demonstrate the discovery tools that can provide automated assistance in identifying where and how public-key cryptography is being used.

This encompasses hardware, firmware, operating systems, communication protocols, cryptographic libraries and applications employed in data centers and distributed computer, storage and network infrastructures.

The collaborators plan to engage with developers of products that use public-key cryptographic algorithms, as well as product integrators, customer organizations that acquire or configure these products and bodies that standardize protocols that employ or are dependent on public-key cryptographic algorithms.

The project aims to demonstrate the use of automated discovery tools to identify all instances of public-key algorithm use in the components of an example network infrastructure.

Once identified, the project is expected to prioritize the components that need to be migrated to being post-quantum resilient most urgently using a risk management methodology.

Finally, the project plans to provide systematic approaches for migrating from vulnerable algorithms to quantum-resistant algorithms across the different types of assets and their supporting underlying technology.

The National Cybersecurity Center of Excellence (NCCoE) will be joined by the following technology collaborators in the Migration to Post Quantum Cryptography Project: 

In our initial phase, these collaborators will work with the NCCoE to demonstrate the use of automated discovery tools to identify instances of quantum-vulnerable public-key algorithm use, where they are used in dependent systems, and the function they support.   

Each of these organizations responded to a notice in the Federal Register to submit capabilities that aligned with desired solution characteristics for the project. The selected collaborators signed a Cooperative Research and Development Agreement, enabling them to take part in a consortium where they will contribute expertise and hardware or software to help create a reference design and build example standards-based solutions.