Security News

I just read an article complaining that NIST is taking too long in finalizing its post-quantum-computing cryptography standards. "This process has been going on since 2016, and since that time there has been a huge increase in quantum technology and an equally large increase in quantum understanding and interest. Yet seven years later, we have only four algorithms, although last week NIST announced that a number of other candidates are under consideration, a process that is expected to take"several years.

Quantum computing is poised to revolutionize the way we secure and privatize data. It can potentially disrupt our existing encryption methods, endangering sensitive data from various sources in ways even beyond what we've experienced with AI. In this Help Net Security video, Tommaso Gagliardoni, Global Practice Lead in Quantum Security at Kudelski Security, discusses quantum-based attacks.

With quantum technologies proliferating, business leaders may be wondering whether quantum computing is appropriate and secure for their work. A business should use quantum computing if the mathematical problem that needs to be solved is too complex for conventional computing to complete in a practical amount of time.

In this Help Net Security video, Denis Mandich, CTO at Qrypt, talks about quantum computing. If we thought AI turned security and privacy on their head, quantum computing will break how we encrypt data today and risk revealing sensitive data of citizens, governments, hospitals, banks, and more.

Quantum Computing Cybersecurity Preparedness Act has been signed into law, emphasizing the significance of a switch to post-quantum computing. The Quantum Computing Cybersecurity Preparedness Act requires federal agencies to maintain an inventory of the cryptographic assets they have in use, assess their quantum vulnerabilities, perform proof-of-concept testing of post-quantum cryptographic algorithms, and then prioritize the migration of those assets.

"NIST has release a draft of Special Publication1800-38A: Migration to Post-Quantum Cryptography: Preparation for Considering the Implementation and Adoption of Quantum Safe Cryptography." It's only four pages long, and it doesn't have a lot of detail-more "Volumes" are coming, with more information-but it's well worth reading. We are going to need to migrate to quantum-resistant public-key algorithms, and the sooner we implement key agility the easier it will be to do so.

A group of researchers has revealed what it says is a vulnerability in a specific implementation of CRYSTALS-Kyber, one of the encryption algorithms chosen by the U.S. government as quantum-resistant last year. The underlying idea is that the physical effects introduced as a result of a cryptographic implementation can be used to decode and deduce sensitive information, such as ciphertext and encryption keys.

Quantum computing has surged in popularity recently, with its revolutionary computational capabilities transforming the technology sector. In this Help Net Security video, Vanesa Diaz, CEO at LuxQuanta, talks about how precautions must be taken ahead of this new quantum age, where cybersecurity solutions require significant attention and developments to ensure the protection and security of data.

Research conducted by Fujitsu suggests there is no need to panic about quantum computers being able to decode encrypted data - this is unlikely to happen in the near future, it claims. Fujitsu said it ran trials using its 39-qubit quantum simulator hardware to assess how difficult it would be for quantum computers to crack data encrypted with the RSA cipher, using a Shor's algorithm approach.

The growing interest in quantum is translating into spending, demonstrated by 71% of quantum-adopting enterprises surveyed having current quantum computing budgets of more than $1 million. Interestingly, nearly 30% of respondents that have adopted or plan to adopt quantum computing expect to see a competitive advantage due to quantum computing within the next 12 months.