Earlier this week, the NSA announced plans to make plans to transition to quantum-resistant algorithms—so much as they currently exist—while advising everyone else to starting planning to plan for the same. While quantum computers don’t really exist at useful scales, nor are they likely to in the very near future, their emergence at some point seems reasonably assured. And this will be very, very bad for encryption as we know it—where „bad“ translates roughly to „completely destroy.“
By Michael Byrne|MOTHERBOARD
At the moment, the NSA’s Information Assurance Directorate (IAD) uses Suite B algorithms for protecting classified and unclassified National Security Systems. This is a collection of four NIST-specified algorithms employed for such ends as digital signatures, message hashing, anonymous key agreement protocols, and symmetric encryption. The Suite B algorithms have been around since 2005 and are an open standard widely employedin the private sector via the Internet Engineering Task Force.
The agency now says it’s time to move on, with its most recently published guidance offering the following:
IAD will initiate a transition to quantum resistant algorithms in the not too distant future. Based on experience in deploying Suite B, we have determined to start planning and communicating early about the upcoming transition to quantum resistant algorithms. Our ultimate goal is to provide cost effective security against a potential quantum computer.
So, that’s probably a good thing. Every single digital security protocol suddenly failing at once would be less than ideal.