Cybersecurity in the Quantum Risk Era

The Threat

Quantum computers won’t be good at everything, but they excel at solving the problems adversaries need to overcome to break today’s public key cryptography. Cryptography encompasses a range of efforts to encode information in ways that keep secrets and prove identities. In the computer age, cryptography has become a science of computational security. Even with the power of all the world’s classical computers, there are specific problems—at specific scales—that can’t be solved in our lifetime. These are the problems at the foundation of public key cryptography. Public key cryptography has long enabled people to:

  • Secure data against unauthorized access (confidentiality)
  • Ensure data is not altered by unauthorized parties (integrity)
  • Validate users’ identity (authentication)
  • Verify that data comes from a certain sender (nonrepudiation)

All this must be done without compromising the availability of critical assets. Unfortunately, quantum computers will solve the previously intractable mathematical problems at the heart of most widely used public key encryption algorithms. The need to counter this threat is hard to overstate.

The Solution

Since 2016, the National Institute of Standards and Technology (NIST) has worked diligently to identify robust solutions to the quantum cyber threat. This is what’s called post-quantum cryptography (PQC). It’s designed to defend against classical and quantum attacks. It shifts the mathematical problems at the foundation of our cryptosystems from problems that are easy for quantum computers to ones that are believed to be hard. The solution is clear, but implementation won’t be easy. PQC has inherently different computational characteristics than the algorithms it will replace.

This transition will require careful performance and interoperability testing to ensure secure implementation, mitigate impacts on the availability of crucial network assets, and provide backward compatibility and interoperability during the transition. To achieve these goals, organizations must conduct robust planning and should consider early pilot testing before enterprise transitions. The federal government recognizes the vast scope of this undertaking and has set out specific requirements for agencies.

“An increasing number of mandates across the Executive and Legislative Branches require agencies to start preparations to ensure a swift transition to PQC when NIST standardizes the algorithms in 2024.”

The Danger of ‘Hold Now, Decrypt Later’ Attacks

Federal agencies must act quickly to reduce their quantum attack surface. When discussing the quantum cyber threat, it’s important to differentiate quantum algorithms and quantum computers. A quantum algorithm uses quantum operations to create an advantage over the current state of the art. Seizing that advantage in the real world (e.g., launching an attack) requires a quantum computer powerful enough to run the algorithm at scale.

A quantum algorithm capable of cracking all public key encryption already exists. What’s still missing is a quantum computer powerful enough to run that algorithm against modern key and certificate sizes. That gives many organizations a small window to address these vulnerabilities before the quantum attack vector opens. Other organizations are already at an elevated risk due to the emergence of “hold now, decrypt later” (HNDL) attacks. HNDL risks have been highlighted publicly in the Center for Strategic and International Studies’ report on CISA’s Evolving .gov Mission

“Some national security data needs to stay secure for decades. While quantum computers aren’t powerful enough to break public key encryption today, it’s only a matter of time.”

If an adversary acquires information secured by classical public key encryption, they can store those assets for later decryption. It’s unknown when quantum computers will reach the capacity to break classical cryptography—it could be five years, or 10, or 20. But there are many cases where that timeline doesn’t matter. 

  • Corporations often depend on intellectual property (IP) for competitive advantage—and the value of this IP can extend across decades.
  • Personal identifiable information (PII) and protected health information (PHI) must be kept secure throughout one’s life.
  • Some national security data needs to remain secure for decades.

HNDL attacks challenge old ideas around data breaches. In the past, when adversaries gained access to networks where data was protected by strong encryption, stakeholders considered those assets to be secure. That assumption changes in a quantum-enabled world. If that data was not secured by PQC, the breach’s impact is tied up in a cascading series of questions that become increasingly difficult to answer. These questions require diagnostics around what was taken, how it was encrypted, and—now—how long it needs to stay encrypted to ensure the compromised information does not harm an organization’s strategy or operations. 

“Agencies have little ability to mitigate the impact of HNDL attacks once executed, and there may be little certainty whether HNDL is part of the intent for exfiltration.”

Organizations must act quickly to reduce these risks by moving to PQC. This will reduce the number of assets vulnerable to HNDL attacks.

A Strategic Framework for Moving to PQC

The move to PQC should start with a comprehensive assessment. Agencies must understand their cryptographic infrastructure and create a strategic plan for integrating new, quantum-resistant algorithms. The journey to PQC unfolds across three stages:

  1. Discovery and Prioritization: Review the cryptography you rely on to secure information in both high- and low-side networks. Collect cryptographic telemetry to identify data and communications vulnerable to quantum attack. With the risk of HNDL attacks in mind, prioritize your most sensitive assets for transition to PQC as soon as practicable.

  2. Performance and Interoperability Testing: Next, assess how integrating PQC algorithms will affect network and system performance and interoperability. PQC algorithms have different computational characteristics, increasing the required bandwidth and computational cost for encryption and authentication. Higher cost to compute can drive latency. In some cases, agencies may even need to buy new hardware. You will need to carefully test infrastructure and network upgrades to ensure they work seamlessly with existing systems and protocols, both in-house and through coordination with vendors.

  3. Transition: Ensure your legacy systems and vendors use the new PQC algorithms. Establish governance to enforce cryptographic agility throughout your enterprise. Along the way, align your use of cryptography with best practices by requiring proper key management, using forward secrecy, and conducting penetration testing against side-channel attacks. Ensure PQC enhances security without disrupting the mission-critical workflows it is designed to protect. Consider factors like algorithm selection, infrastructure dependencies, and user impact to create a balanced approach to PQC while maintaining operational continuity.

“This transition will require the collaborative efforts of government, academia, and industry and a “whole-of-government” and “whole-of-society” approach. The interconnected nature of our digital ecosystem creates a shared responsibility to protect it.”

Shaping the Future of Quantum Resilience

Quantum computers will break today’s public key encryption. It is a matter of when—not if. The known risks of adversaries harvesting data for future decryption escalate the urgency of addressing these vulnerabilities.

Fortunately, you can use automated cryptographic discovery methods and tooling designed to work with your existing cyber telemetry. Deploying new cybersecurity sensors requires significant time and resources. That’s time many federal agencies don’t have, given the risks of HNDL attacks—and resources they may not need to expend. Many organizations already deploy cybersecurity sensors that capture cryptographic metadata. Unfortunately, they cannot often parse this information in a meaningful way. Booz Allen recognized this problem early and developed a solution that has helped our federal and commercial clients use existing tools to gain the visibility they need into their cryptographic vulnerabilities. With a comprehensive understanding of their quantum attack surface, our clients have the information they need to prioritize high-impact use cases for performance and interoperability testing in Booz Allen’s PQC Lab or an analogous sandbox we create within their environment.     

Contact Us

Learn how Booz Allen supports federal agencies and large commercial entities in their PQC transitions. Our PQC tools, services, and partnerships are grounded in a large portfolio encompassing quantum computing, quantum sensing, and quantum communications



1 - 4 of 8