Migrating to post-quantum cryptography (PQC)
The next game-changer for cybersecurity
Post-quantum cryptography (PQC) consists in all cryptographic methods that withstand a quantum computer. Nearby on the computing horizon quantum computers will be capable of factorizing large prime number products and solving the discrete logarithm problem. As cryptography relies on algorithms, quantum will disrupt key encryption and cybersecurity as we currently know it.
Risks Quantum poses to your security
What if everything you thought was secure was not anymore?
By disrupting cryptography, quantum computers jeopardizes the security of all assets and activities as we currently do them. Indeed all data protection, email exchange, payement, communication and much more are secured with algorithms. And these will soon be broken by quantum computing. Hence nothing will be secure anymore... if secured with classical, ie. non PQC-ready, algorithms.
Migrating to PQC is not an option, rather a vital requirement to maintain your business continuity and security.
Exposure to "Harvest now, decrypt later" attacks
Unfriendly governments already start to harvest your data now, hoping that in the massive amount of data they capture at least one is critical and/or sensitive to your business and provides a competitive advantage.
2037: the security apocalypse?
Quantum computers are expected to reach maturity by 2037.*
By then they will be able to break all KEM currently in use (e.g. RSA, TLS, SSL...) meaning that no payment or data exchange, or else, will be secure anymore.
* Source: 2022-quantum-threat-timeline-report-dec poll with several CISOs.
Now is your chance: get Quantum-proof before Quantum hits
According to the CSA, a medium-size business asset's migration to PQC would need an inreducible 3-years time. Before that you must have already run your cryptographic inventory and risk assessment to prioritize assets to be migrated first and fast.
PQC migration: you have no choice but to climb that mountain
A triptyc of challenges
Even though successfully migrating to PQC will not be a sinecure, organizations who may rest on their laurels, considering there is way enough time to migrate, greatly risk facing the security apocalypse induced by Quantum.
The clock is ticking, don't miss the boat
Worry now AND act now! As you must first and foremost run an exhaustive cryptography inventory (architecture, assets and keys) and perform a risk assessment to prioritze the assets to migrate to PQC, you will reach the irreducible 3-years migration timeline before you even realize.
Gigantic transformation
It is not just about switching cryptography algorithms, rather mainly about identifying which KEM you used, for what assets, and why. In parallel prioritization of asssets to be migrating relies on whether their data shelf time overlapps the quantum-computing maturity time horizon.
Skills gap
While the cybersecurity industry is already short of 3.4million people, the cryptography skills gap is abyssal. Successfully migrating to PQC will require you to get support from the rare cryptographs worldwide. Futhermore to get your Board's investement approval, raising awareness on PQC is essential.
Embark on the PQC migration journey
PQC is to cybersecurity what the advent of the Internet was to IT
On your marks, set, go for the marathon to quantum-proof security!
Remember those who thought "there's time before it hits us" while the Internet bubble was growing?
In the end when they decided to get in the race, all the others had already reached the finish line.
The advent of PQC will be no different. Make sure not to miss the boat!
Awareness and education
Protecting yourself from quantum computers is a real challenge, and one that requires some serious math skills. Therefore stakeholders must understand the basics of PQC to ensure a successfull migration.
Cryptography inventory
Exhaustively identify all the Key Encryption Methods (KEM) used for each of your assets (application, file, network...), their data shelf time and sensitivity level.
Risk assessment
Assess the level of risk and exposure of leaving an asset with non-PQC KEM, hence exposing it to quantum brute-force attack and decryption.
Implementation
Start migrating the prioritized assets to PQC algorithms, and permanently deleting all the former instance.
Book a 1-hour consultation
Get started on your PQC migration journey with our experts: identifying what stage you are at, getting a clearer view of the stakeholders to onboard firt, and the key milestone to kick-off the project right.
Our PQC-ready cybersecurity solutions
Equip yourself with our quantum-proof cybersecurity products
Eviden Cybersecurity at a glance
6,500+
Cybersecurity experts
8
R&D centers
430
Digital security patents
100%
European-developed, manufactured and operated in-house security solutions, with a dedicated cryptographic business unit