Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Threats, opportunities and the need for post-quantum cryptography

Issue 1 2025 AI & Data Analytics, Infrastructure


Carrie Peter

The first quantum computer was created almost three decades ago, in 1998. Yet the topic still seems to illicit images of ‘Back to the Future’ for most. While its applications are still unknown to many, this advanced field combines computer science, physics, and mathematics to deliver solutions the world has been trying to find for aeons – and those it does not yet know it needs.

Rivalling classical computers and coming out on top, quantum computing uses quantum mechanics to find fast and complete answers to complex problems. According to Carrie Peter, Managing Director at Impression Signatures and Advocacy Committee Vice-Chair at the Cloud Signature Consortium, “Although it sounds futuristic, quantum computing is advancing at a rapid rate – certainly faster than expected. Today, many countries already possess their own quantum computers, with quantum computing even being available as a SaaS solution.”

As is the case with most technological developments, however, the opportunities offered by quantum computing are equalled by the threats this advanced computer science introduces. “The evolution of quantum computing puts the security of any data available in the digital space in jeopardy,” warns Peter.

IBM recently published an article about quantum computing noting that “quantum technology will soon be able to solve complex problems that supercomputers can’t solve, or can’t solve fast enough.” But what if the problem it’s trying to solve, is breaking through security firewalls or encryptions?

“This poses a massive threat to encryption as a quantum computer could decrypt traditional encryption in a fraction of the time. While this surely won’t halt the evolution of the quantum computer, it does mean that security must be bolstered,” adds Peter. Thankfully, global standards and security bodies have been hard at work developing and testing a new set of post-quantum encryption algorithms, with the first three standards being released on 13 August 2024.

As published by the National Institute of Standards and Technology (NIST), these new standards include the Federal Information Processing Standard (FIPS) 203, intended as the primary standard for general encryption; FIPS 204, intended as the primary standard for protecting digital signatures; and FIPS 205, also designed for digital signatures and employing the Sphincs+ algorithm.

Prepare for the risks of quantum computing

In parallel, as standards and security measures are fortified against the threats of quantum computing, it is essential that organisations begin paying attention to post-quantum cryptography (PQC). “Somewhat short-sightedly, many business leaders are countering the argument for PQC with the misguided belief that we are ‘years’ away from commercially available quantum computers,” says Peter. “The reality is that these computers are already being miniaturised and will likely come to market much sooner than expected.”

Additionally, putting PQC measures in place now will protect data from nefarious strategies such as Store-Now Decrypt-Later (SNDL). “This cyber threat entails storing large amounts of encrypted data now, in an effort to decode and use it later, once quantum computers become more widely available.”

In a recent blog entry, HP put it like this, “A sufficiently powerful quantum computer will break the cryptography we rely on in our digital lives. An attacker can intercept and store encrypted data today, and when quantum computers become feasible, the attacker could decrypt the stored data.”

Lastly, Peter motivated that companies need to start thinking about PQC now, because some devices (such as cars) that are being produced today will most certainly be on the road when quantum computing is proliferated. “In 2023, the US government already put out a mandate that companies must transition onto PQC as soon as possible. Now, with the release of the new standards, it is critical to take the need to transition onto PQC seriously.”

Of course, with many global standards being incorporated into these algorithms, any standards-based organisation or solution (such as digital signature providers) will be forced to adopt and comply with PQC. This means for users of these solutions, the switch to the more secure standard will be seamless.

However, it is important for companies to note that encryption is only as good as the authentication they apply while using encryption. “For organisations to guarantee that they are, in fact, secure, they must ensure appropriate access management, authentication, and zero trust within their organisations.”




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Who has access to your face?
Access Control & Identity Management Residential Estate (Industry) AI & Data Analytics
While you may be adjusting your privacy settings on social media or thinking twice about who is recording you at public events, the reality is that your facial features may be used in other contexts,

Read more...
Adding AI analytics to security monitoring
SEON South Africa News & Events Perimeter Security, Alarms & Intruder Detection Residential Estate (Industry) AI & Data Analytics
SEON has announced its latest integration with Refraime, an AI-powered video analytics platform designed to elevate CCTV surveillance through real-time object detection and intelligent alerting.

Read more...
Software security is a team sport
Information Security Infrastructure
Building and maintaining secure software is not a one-team effort; it requires the collective strength and collaboration of security, engineering, and operations teams.

Read more...
Making drone security more accessible
Editor's Choice Integrated Solutions Residential Estate (Industry) AI & Data Analytics IoT & Automation
Michael Lever discusses advances in drone technology, focusing on cost reductions and the implementation of automated services, including beyond line of sight capabilities, for residential estates with SMART Security Solutions.

Read more...
Securing your estate beyond the gate
ATG Digital Access Control & Identity Management Residential Estate (Industry) AI & Data Analytics
Protecting gated communities and lifestyle estates requires a modern, intelligent approach. A truly intelligent system protects both physical and digital perimeters, it must be a fully integrated ecosystem.

Read more...
Make BIG and COMPLEX small and manageable
neaMetrics Suprema AI & Data Analytics Surveillance Integrated Solutions
Traditional CCTV and access systems often operate separately, creating gaps in visibility and efficiency. TRASSIR and Suprema have partnered to develop an integrated platform that improves security, operations, and situational awareness.

Read more...
Get the AI fundamentals right
Leaderware Editor's Choice Surveillance AI & Data Analytics
Much of the marketing for CCTV AI detection implies the client can just drop the AI into their existing systems and operations, and they will be detecting all criminals and be far more efficient when doing it.

Read more...
SMART Surveillance Conference in Johannesburg
Arteco Global Africa Technews Publishing SMART Security Solutions Axis Communications SA neaMetrics Editor's Choice Surveillance Security Services & Risk Management Logistics (Industry) AI & Data Analytics
SMART Security Solutions hosted its annual SMART Surveillance Conference in Johannesburg in July, welcoming several guests, sponsors, and speakers for an informative and enjoyable day examining the evolution of the surveillance market.

Read more...
Troye exposes the Entra ID backup blind spot
Information Security Infrastructure
If you trust Microsoft to protect your identity, think again. Many organisations naively believe that Microsoft’s shared responsibility model covers Microsoft Entra?ID – formerly Azure AD – but it does not.

Read more...
Hytera supports communication upgrade for Joburg
News & Events Infrastructure Government and Parastatal (Industry)
By equipping Johannesburg’s metro police and emergency services with multimode radios which integrate TETRA and LTE networks, Hytera is bridging coverage gaps and improving response times across the city.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.