Prioritization, agility key to post-quantum standards implementation, US officials say

The National Institute of Standards and Technology’s release of encryption standards to protect against future attacks from quantum computers set in motion new work for government and industry to implement those algorithms.

As that process begins, federal officials discussing the migration are highlighting the importance of actions such as prioritizing high-value assets, working toward “crypto agile” systems, and purchasing compliant tools. 

Speaking at FedScoop’s FedTalks earlier this week, Nick Polk, senior adviser on cybersecurity in the Office of the Federal CIO, called the process “not a destination, but a journey” and said the migration to the standards will be constant for the “foreseeable future.”

“Now that we are moving towards more powerful supercomputers and eventually quantum computers, we’re going to constantly have to ask ourselves: ‘Is our encryption secure?’” Polk said. Doing that, he said, will require cryptographers, chief information officers, and chief information security officers across the public and private sectors to partner.

The three standards that NIST finalized last month are designed to prepare for a future in which quantum computers can decode current methods of encryption, putting sensitive information held by organizations and governments across the globe in jeopardy. While those quantum capabilities aren’t fully realized yet, projections indicate it might not be so far off, which is why entities are working now to swap at-risk cryptography with algorithms that could withstand a quantum attack.

Agencies have already begun some of the work needed to prepare for the changes, including inventorying their systems for cryptography and estimating the funding needed to migrate to post-quantum standards, but more work is still ahead. 

Here are four takeaways from federal leaders’ recent public comments on that implementation:

Identification

Identifying where cryptography standards in need of changing currently exist is among the first tasks for agencies and other organizations, officials said. 

“The biggest thing now is just finding this cryptography, wherever it may be, and that is going to be a manual and an automated process,” Polk said, adding that the White House is encouraging agencies to do both. 

While automated systems are good at finding the unknown, Polk said there are some parts of networks that can’t be reached by those systems, and as a result, the process will also require some “elbow grease” to identify all instances.

The process of inventorying is part of that work. 

Speaking on a panel about quantum at the Billington CyberSecurity Summit earlier this month, Phil Stupak, assistant national cyber director in the Office of the National Cyber Director, said the inventory U.S. agencies conducted last year was a “first step.”

“We are on an annual process of conducting an inventory across the government of where all of our cryptography is so we can prioritize what needs to be replaced first,” Stupak said.

Stupak said the inventory last year was the first in the world. While he noted there was room for improvement between the first and second version, he said the process will continue to get better as time goes on.

Prioritization

The next step of the process is deciding what cryptography needs to be addressed first, and that depends in part on risk.

Also speaking at FedTalks, Department of Energy CIO Ann Dunkin said that the agency’s journey to get to post-quantum preparedness on all of its systems will likely take a decade or more. DOE won’t be able to do everything identified in the inventory right away, so the strategy is to look at what is most important first, she said.

“What are our high-value assets that are subject to needing post-quantum encryption? Because some things may not be an issue, like where we don’t store a lot of data,” Dunkin said. “But where do we store the high-value data? Where do we need to move it?”

In government agencies, those efforts could look different depending on size, and some agencies may want to have a specific role dedicated to that work, Jennifer Franks, director of the Center for Enhanced Cybersecurity at the U.S. Government Accountability Office, said on the Billington panel. 

“There are a lot of organizations in the federal government that are very large and very complex, and their organizations cannot withstand having one individual hold two and three different chief capacity type of roles,” Franks said, adding that’s especially true when it comes to the cyber area, which must address evolving threats from around the world. 

Franks said it might be helpful for certain federal entities to consider having a PQC organization and a leader.

Crypto agility

Additionally, officials have underscored the need to work toward “crypto agile” systems — meaning systems in which it’s possible to change out algorithms as they evolve. 

Stupak said he “cannot strongly enough stress crypto agility.”

“The idea here is that too often when we’re doing these inventories, we discover cryptography that is hardwired into a chip so that you cannot replace it without replacing the entire chip,” Stupak said. 

This transition isn’t the first or last time that cryptography needs to be updated in systems, which is why systems designed with more agility are helpful, he said. “Being able to have an agile environment where you can change out your cryptography is going to save you, not just today, but it’s also going to save you multiple times in the future,” Stupak said.

Similarly, Dunkin said just like software is now being built so it’s easy to decompose, the same needs to happen for encryption. Pulling a quantum module out of a solution and putting a new one in when there’s new technology or algorithms “needs to be much easier,” she said.

Procurement

While agencies are doing some of the work identifying where the cryptography exists in their systems, officials said industry has a significant role in the process.

“The government rarely makes things. We mostly buy things. So a lot of our requirements are going to be passed on to our vendors, our service providers, and our enterprise, and end point suppliers,” Matthew Scholl, chief of NIST’s computer security division, said on the Billington panel.

Among the things DOE will be doing “right away,” Dunkin said, is refraining from buying new systems that don’t implement the post-quantum standards. 

“From an industry standpoint, we need you all to bring us solutions that are post-quantum ready,” Dunkin said later, calling on companies to update their encryption capabilities so agencies can buy something that’s ready now.

That part of the process is just beginning.

Following NIST’s release of the algorithms, industry will now begin putting their compliant  products through programs that certify adherence to federal government standards, such as Federal Risk and Authorization Management Program and Federal Information Processing Standards, Stupak told FedScoop after the Billington panel. 

“That process takes some time,” Stupak said. “But once those are certified we will begin procuring those products, and we will begin doing the replacement on the prioritization list that we have.”