GAO Offers Quantum Guidance to Federal Agencies
As the federal government continues its push for mass post-quantum cryptography transitions, the Government Accountability Office offered fact-based summary and guidance.
More federal guidance has emerged as the world continues its preparations for the advent of quantum computing with the Government Accountability Office disseminating fast facts on how to secure sensitive data in a post-quantum cryptographic world.
In its March 8 advisory, GAO highlights how vulnerable current classical encryption algorithms could be to those operating within a quantum computer. These vulnerabilities, combined with more cyberattacks that work to hack and harvest data, prompted the GAO to offer guidance on implementing post-quantum cryptography measures.
“The mathematical structure underlying current encryption methods commonly used for public-key cryptography and digital signatures could be broken with a CRQC [cryptographically relevant quantum computers],” the report reads.
Despite the estimated timeline for a viable quantum computer to become operational in no less than a decade, expert organizations are working to fortify U.S. digital networks well before they are susceptible to a quantum algorithm’s powerful decryption capabilities. This is generally accomplished through quantum-resilient algorithms, with the National Institute of Standards and Technology spearheading their development since 2016.
GAO authors break down the cybersecurity and encryption needs for classical systems in a post-quantum world. Explaining that the expert consensus suggests private key encryptions strategies are less susceptible to attacks by quantum computers.
“The mathematical structure underlying current encryption methods commonly used for public-key cryptography and digital signatures could be broken with a CRQC,” the report says.
One recommended algorithm is Lattice-based encryption, which is harder to decrypt because it functions in a multidimensional space using geometry to secure data.
The White House has currently set a deadline for all federal entities to transition to post-quantum cryptography standards by 2035. In President Joe Biden’s new national strategy, quantum cryptography plays a role in modern cybersecurity principles.
Aside from implementing new, updated algorithms, the report also recommends updating digital infrastructures and enhanced data security are two steps to preemptively secure data networks.