Partner POV | Shielding Your Network
This article was written and created by our partner, Thales.
Imagine a world where your most sensitive data and your most secure communications are suddenly vulnerable. That's the future risk with the rise of quantum computers. These powerful machines threaten to break the encryption algorithms that safeguard our data in transit.
The good news: there are solutions available today to build quantum-safe networks including Post-Quantum Cryptography (PQC). These new algorithms are designed to resist cyber attackers, even ones using quantum computers. But transitioning to PQC requires preparation.
Why Network Encryption Matters Now
Data travels constantly across networks. Private data like medical records, financial transactions, intellectual property – all rely on encryption to keep them confidential. Today's encryption, based on public-key infrastructure (PKI), is robust, but quantum computing technology threatens to crack it. Attackers are already stealing data with a long-term value in an attack scenario known as "Harvest Now, Decrypt Later (HNDL)."
The PQC Challenge: Balancing Security with Smooth Transition
Moving to PQC isn't a simple switch. Here are some hurdles:
- Deployment: Replacing existing infrastructure with PQC-compatible solutions takes time and planning.
- Interoperability: Ensuring all devices and systems can work together across your networks is crucial.
- Performance: PQC algorithms can be computationally heavier, potentially impacting network speeds.
Act Today
Don't wait for the quantum storm to hit. Here's how to get ready:
- Discover: Stay informed by following the US National Institute of Standards and Technology (NIST) as they finalize their PQC algorithm selections (expected soon!); and keep up to date with the latest from other regulatory bodies such as ANSII, BSI and MAS. Identify systems and data most vulnerable to decryption by a future quantum computer.
- Classify: Categorize with respect to criticality, disclosure sensitivity and on shelf life / data lifecycle.
- Prioritize: Use a risk methodology to prioritize the most important components.
- Deploy: Work with internal and external experts to implement emerging quantum resistant algorithms. Start experimenting with PQC solutions in non-critical environments to understand performance and compatibility. Build Awareness by educating your organization and especially stakeholders about the urgency of PQC adoption.
The urgency cannot be overstated. Overlooking Post-Quantum Cryptography (PQC) endangers your network. Currently, a data breach risk might result in financial loss and reputational harm due to the exposure of sensitive information; however, this risk could dramatically increase with the advent of quantum computing. As compliance regulations progress, PQC adoption may become mandatory, subjecting non-compliant organizations to penalties, and placing them at a competitive disadvantage against vendors who are ready for PQC.
Thales High Speed Encryptor PQC Starter Kit for Network Encryption: Your Gateway to a Quantum-Safe Future
Thales High Speed Encryptors (HSE) are crypto-agile network encryption solutions that simplify the creation of quantum-safe networks.
The HSE PQC starter kit for network encryption enables users to explore different approaches to Quantum-safe infrastructures including:
- Use of Post-Quantum Public Key Cryptography
- Elimination of the quantum attack surface
- Implementation of Quantum Key Distribution
- Testing of Quantum Random Number Generation
HSE devices are already equipped with quantum-safe technologies, including the NIST PQC algorithms integrated into the appliances. These can be used in conjunction with current algorithms to provide a robust, layered defense today.
Thales High Speed Encryptors also feature operating modes that are inherently quantum-safe, such as Transport Independent Mode (TIM). The TIM mode:
- Eliminates the quantum attack surface between devices
- Removes key exchange messages transmitted over the wire that could be vulnerable to harvest and decrypt attacks
- Replaces quantum-vulnerable public key encryption with key derivation functions approved by NIST.
Thales High Speed Encryptors are compatible with Quantum Key Distribution (QKD) devices that adhere to the ETSI standard eQKD v14.01. They also support both internal and external Quantum Random Number Generation (QRNG) in collaboration with various ecosystem partners.
The PQC starter kit is easy to set up and use in non-production environments for initial test and validation but are production ready units that can be deployed as needed. It enables the evaluation of performance, configuration, and practical application of technologies such as PQC algorithms. Experimenting with the starter kit offers a way to investigate various strategies for securing your network in anticipation of a PQC future, all within a single, user-friendly yet sturdy, crypto-agile network encryption solution.
Thales High Speed Encryptors (HSE) and the Thales PQC Starter Kit provide an ideal solution for organizations looking to transition to quantum-safe network encryption. The High Speed Encryptors offer advanced crypto-agile security features, including built-in PQC algorithms and quantum-safe key management, while the starter kit allows for risk-free testing and exploration of these new technologies.
By incorporating Thales High Speed Encryptors into your network strategy, you can:
- Ensure future-proof encryption: Be prepared to adopt PQC algorithms as they become available without needing a complete infrastructure overhaul.
- Maintain high-performance encryption: Thales solutions are optimized for speed and efficiency, minimizing impact on network performance.
- Gain a competitive edge: Proactive adoption of PQC demonstrates your commitment to robust cybersecurity.
The future is quantum, but it doesn't have to be scary. By starting your PQC journey today with Thales High Speed Encryptors, you can ensure your network remains secure, even in the age of quantum computing. Thales also offers a Luna HSM PQC Starter Kit. Stay tuned for further updates on NIST's PQC announcement and take proactive steps to safeguard your data.