Bipartisan Legislation Calls for Implementing Post-Quantum Security Practices
The new Quantum Computing Cybersecurity Preparedness Act would prepare for stronger quantum algorithms that pose a threat to traditionally-encrypted data.
Earlier this week, a new bipartisan bill was introduced in the House of Representatives that would bolster U.S. oversight and regulation of quantum cybersecurity, as more investment is poured into the emerging field.
The Quantum Computing Cybersecurity Preparedness Act, sponsored by Reps. Nancy Mace, R-S.C., Ro Khanna, D-Calif., and Gerry Connolly, D-Va., would require the National Institute of Standards and Technology and the Office of Management and Budget to develop mitigation measures for post-quantum cryptography.
Post-quantum cryptography has become a popular topic in the cybersecurity field. As more nations and private entities work to develop advanced quantum technologies, such as quantum computers, sensitive information encrypted on traditional computers could be easily accessed with more powerful quantum algorithms.
The new bill works to avoid this risk by issuing new security standards for post-quantum cryptography to prevent widespread hacking, and help agencies transition to more secure post-quantum information technology systems.
“Even though classical computers can’t break encryption now, our adversaries can still steal our data in the hopes of decrypting it later. That’s why I believe that the federal government must begin strategizing immediately about the best ways to move our encrypted data to algorithms that use post-quantum cryptography,” Khanna said.
Largely in response to the “harvest now, decrypt later” strategy among some hacking organizations, the bill calls on the director of OMB to work with the the Chief Information Officers Council to plan and assess current information technology networks and related risks within federal agencies, and advocate migration to post-quantum cryptography, pursuant to mandated NIST standards.
The bill also calls for the OMB director’s office to submit an annual report on post-quantum migration among agencies to Congress annually for nine years following the completion of new NIST cryptography standards.
“I’m optimistic about the power of quantum computing as part of the new technological frontier, but we must take preemptive steps to ensure bad actors aren't able to use this technology in more sinister ways,” Mace commented. “I’m confident the Office of Management and Budget, working with the National Institute of Standards and Technology, will be capable of ensuring Americans are shielded from these threats before there's no going back.”
Major private tech firms have supported the bill, including IBM, Google, QuSecure and Maybell Quantum.
The federal government has enhanced its funding efforts into quantum technologies over the past few years, notably with the National Quantum Initiative Act of 2018. While the applicable tech is still in its infancy, the U.S. is working to maintain a lead in the field through the development of a strong workforce and ample research funding.
The Biden Administration is keen to continue this legacy, as the 2023 Fiscal Year Budget called for $187 million to go to NIST to create updated standards for emerging technologies, including quantum sciences.