NCSC’s Roadmap for Quantum-Safe Cryptography: Preparing for the Future of Cybersecurity

Read time: 3:00

Locktera Solutions
Quantum Ready Security

Published: October 16, 2024

The U.K. National Cyber Security Centre (NCSC) has issued a number of recommendations for preparing for quantum-safe cryptographic systems as part of their overall cybersecurity strategy. Their key points are as follows:

Transition Planning:

Organizations are urged to begin planning their transition to quantum-safe cryptography now, even though fully capable quantum computers have not yet been built. This proactive stance ensures that systems are protected when quantum computers become a practical threat.

They emphasize the need for organizations to create a “cryptographic inventory” to understand where cryptography is used in their systems and prepare a strategy for migrating to quantum-resistant algorithms.

Quantum-Safe Algorithms:

The NCSC endorses the efforts of NIST (National Institute of Standards and Technology), which is working on standardizing quantum-safe algorithms. NCSC suggests that businesses pay close attention to this ongoing work and start evaluating these algorithms for future use.

NCSC also recommends that organizations follow developments in the Post-Quantum Cryptography Standardization project, which includes algorithms like FALCON, CRYSTALS-Kyber, and CRYSTALS-Dilithium.

Hybrid Approach:

For the time being, the NCSC advises that a hybrid approach (combining both classical and quantum-safe cryptography) may be a practical short-term solution. This approach allows businesses to maintain current security levels while preparing for the eventual shift to fully quantum-safe systems.

Awareness and Education:

The NCSC stresses the importance of organizations becoming educated on quantum computing and its future risks. Businesses should build awareness within their teams and invest in understanding how quantum computers will impact cybersecurity.

Adopt a Risk-Based Approach:

While preparing for quantum computing, the NCSC recommends adopting a risk-based approach. This includes assessing the criticality and lifespan of encrypted data—data with long-term sensitivity (e.g., medical records, national security data) may be at greater risk of being decrypted by future quantum computers, even if stolen today.

These recommendations encourage organizations to be proactive rather than reactive in adopting quantum-resistant security measures.

Locktera’s Hybrid Approach

Locktera’s hybrid approach to quantum-safe encryption leverages both classical and post-quantum cryptographic algorithms to ensure robust data protection against both current and future threats. By integrating AES-256, a widely recognized and time-tested symmetric encryption standard, with advanced post-quantum cryptography (PQC) algorithms designed to resist quantum computing attacks, Locktera achieves a dual-layer defense mechanism. AES-256 provides strong encryption against today’s threats, while PQC algorithms, which are resistant to the computational capabilities of quantum computers, future-proof the security of sensitive data. This hybrid model ensures that even if quantum computers become capable of breaking classical encryption methods, the post-quantum algorithms will continue to protect encrypted data, offering comprehensive and long-term security.

About the Author 

LOCKTERA is a leading innovator in quantum ready cybersecurity solutions, specializing in AI security, secure large file sharing, and document management. With its state-of-the-art encryption and authentication technologies, LOCKTERA empowers businesses to protect sensitive data, enabling seamless and secure collaboration across digital infrastructures. Trusted by organizations across various industries, LOCKTERA is committed to delivering tailored security solutions that address the evolving cyber threats of today and tomorrow.