Today, quantum-safe VPN protocols are standardized
Today, with the approval of a new standard for quantum-safe virtual private networks (VPNs) by the Internet Engineering Task Force (IETF).
The Internet Engineering Task Force (IETF) was established in 1986 as the premier Internet Standards Development Organization (SDO).
-- This represents significant progress in the global effort to secure digital communications from the threat of quantum computers.
The new protocols are now being used by the Banque de France and the Deutsche Bundesbank to secure payment information, paving the way for the Bank for International Settlements to fully adopt the new protocols and secure communications between central banks worldwide.
Quantum adversary acquisition and decryption attacks
Simplified example of setting up a secure shell session for a VPN
"Harvest first, decrypt later (HNDL)" attacks are the biggest quantum cybersecurity threat today. In these attacks, hostile actors will now steal encrypted data and decrypt it once a sufficiently sophisticated quantum computer comes online. The new U.S. Quantum Computing Cybersecurity Preparedness Act states that HNDL risk is the greatest threat to humanity and mandates that quantum migration must begin now. Deploying VPNs based on new quantum-resistant cryptography is the easiest way to protect data in transit from such attacks.
The new IETF standard specifies how VPNs can securely exchange communications in the quantum era. This novel approach prioritizes interoperability and makes it possible for multiple quantum-resistant and classical encryption algorithms to be incorporated into VPNs. The combination of old and new encryption techniques is essential to ensure the uninterrupted operation of existing IT systems and to protect data from attacks by both classical and quantum computers.
This is a particularly important milestone for Internet connectivity and security, as we are transitioning from an era of global reliance on only one or two algorithms (RSA and elliptic curves) to one in which a number of different quantum-resistant algorithms are being deployed in different countries.This new standard from the IETF is the glue that will allow parties using different public key encryption algorithms to communicate with each other.
The new IETF standard was proposed and designed by UK-based cybersecurity company Post-Quantum, which has developed a range of market-ready quantum-safe cybersecurity products.
The ratification of the standard marks the culmination of work undertaken back in 2017 when Post-Quantum led the creation of the original proposal for the standard.Post-Quantum's own hybrid quantum-resistant VPN adopts the new IETF standard and is already being used by NATO to protect its communications from quantum attacks and to support NATO members' communications with each other.
About Post-Quantum
Post-Quantum is dedicated to next-generation cryptography. The company's quantum security platform includes modular software for identity, transport and encryption that protects an organization's entire digital footprint. The products offer interoperability, backward compatibility and cryptographic agility to ensure a smooth transition to next-generation cryptography.
Post-Quantum works with organizations in the defense, critical national infrastructure and financial services sectors, including a multi-year partnership with NATO, to secure their communications against quantum attacks.
The company is the inventor of the code-based anti-quantum algorithm NTS-KEM. After merging with a submission led by Prof. Daniel Bernstein, the company changed its name to Classic McEliece and is currently in the fourth round of the NIST competition. The company is also the original author of the Internet Engineering Task Force (IETF) standard for hybrid quantum-resistant virtual private networks.
Reference link:
[1] https://www.ietf.org/about/introduction/
[2]https://www.congress.gov/bill/117th-congress/house-bill/7535/text
[3]https://www.businesswire.com/news/home/20230713587680/en/Internet-Engineering-Task-Force-standardises-quantum-safe-VPN-protocol-created-by-Post-Quantum
[4]https://wiki.ietf.org/group/sec/PQCAgility[5]https://www.etsi.org/deliver/etsi_tr/103600_103699/103617/01.01.01_60/tr_103617v010101p.pdf