The next administration must be ready for new quantum encryption standards, MITRE advises
The U.S. is already assessing post-quantum readiness under order from the White House.
The next presidential administration — whether it be a second term for current President Joe Biden or former President Donald Trump — will have to focus on ensuring the U.S. is ready for quantum computing to outperform the encryption methods currently used to secure data, a top federally-backed research group argues.
MITRE said in an advisory document released last week that the next presidential administration will need to prioritize such quantum computing advances, as well as critical infrastructure protections, clarification of cyber leadership roles and implementation of a zero trust framework for the federal government.
The readout is part of a series of releases from the federally affiliated national security research giant ahead of the upcoming election and possible transition of power in the White House. The release is the first of its kind in the 2024 election season that focuses on U.S. cybersecurity policy.
Today’s cryptographic systems rely on complex mathematical algorithms that are difficult for traditional computers to unravel. But future quantum computers could solve these problems much more efficiently because they rely on the laws of quantum mechanics and can process a vast number of possibilities simultaneously. It means malicious actors in the coming years may be augmented with new abilities to decode encrypted information currently considered secure.
Practical quantum computing tools are still in development, though a top NSA official predicted in April that they could be available in three to five years and will likely be accessed in cloud based environments.
“While it is hard to predict precisely when quantum computing will crack the current encryption, the U.S. government must prepare now to protect data — past, present, and future — in the context of post-quantum cryptography,” said the MITRE advisory, referring to a new era of cryptographic algorithms that are designed to be secure against the capabilities of quantum computers. The National Institute of Standards and Technology has been in the process of developing tools to help agencies migrate to PQC standards, as directed by the White House.
The next administration should assess the U.S. government’s post-quantum readiness, craft a cryptographic “bill of materials” to outline what systems need transitioning to PQC and use expertise from the PQC Coalition, MITRE argues.
The White House and intelligence partners have already been working to bolster government network defenses against advanced techniques enabled by the creation of practical quantum computers in the near future. The NSA, in particular, has set a 2035 deadline for IC systems to be locked into these new PQC standards.
Federal scientific thought leaders are trying to prevent quantum-powered cyber incidents like “record now, decrypt later” attacks where an adversary will hoover up encrypted data streams, store them, and — with the eventual existence of a powerful enough quantum device — decrypt that data to use for theft or exploitation.