Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
Review
. 2022 May;605(7909):237-243.
doi: 10.1038/s41586-022-04623-2. Epub 2022 May 11.

Transitioning organizations to post-quantum cryptography

David Joseph  1 Rafael Misoczki  2 Marc Manzano  3 Joe Tricot  3 Fernando Dominguez Pinuaga  3 Olivier Lacombe  2 Stefan Leichenauer  3 Jack Hidary  3 Phil Venables  2 Royal Hansen  2
Affiliations
Review

Transitioning organizations to post-quantum cryptography

David Joseph et al. Nature. 2022 May.

Abstract

Quantum computers are expected to break modern public key cryptography owing to Shor's algorithm. As a result, these cryptosystems need to be replaced by quantum-resistant algorithms, also known as post-quantum cryptography (PQC) algorithms. The PQC research field has flourished over the past two decades, leading to the creation of a large variety of algorithms that are expected to be resistant to quantum attacks. These PQC algorithms are being selected and standardized by several standardization bodies. However, even with the guidance from these important efforts, the danger is not gone: there are billions of old and new devices that need to transition to the PQC suite of algorithms, leading to a multidecade transition process that has to account for aspects such as security, algorithm performance, ease of secure implementation, compliance and more. Here we present an organizational perspective of the PQC transition. We discuss transition timelines, leading strategies to protect systems against quantum attacks, and approaches for combining pre-quantum cryptography with PQC to minimize transition risks. We suggest standards to start experimenting with now and provide a series of other recommendations to allow organizations to achieve a smooth and timely PQC transition.

PubMed Disclaimer

Similar articles

See all similar articles

Cited by

  • Leveraging Larger AES Keys in LoRaWAN: A Practical Evaluation of Energy and Time Costs.
    Thaenkaew P, Quoitin B, Meddahi A. Thaenkaew P, et al. Sensors (Basel). 2023 Nov 14;23(22):9172. doi: 10.3390/s23229172. Sensors (Basel). 2023. PMID: 38005557 Free PMC article.
  • Application and Development of QKD-Based Quantum Secure Communication.
    Lai J, Yao F, Wang J, Zhang M, Li F, Zhao W, Zhang H. Lai J, et al. Entropy (Basel). 2023 Apr 6;25(4):627. doi: 10.3390/e25040627. Entropy (Basel). 2023. PMID: 37190415 Free PMC article. Review.
  • Experimental Demonstration of Secure Relay in Quantum Secure Direct Communication Network.
    Wang M, Zhang W, Guo J, Song X, Long G. Wang M, et al. Entropy (Basel). 2023 Nov 16;25(11):1548. doi: 10.3390/e25111548. Entropy (Basel). 2023. PMID: 37998240 Free PMC article.
  • Technology Roadmap for Flexible Sensors.
    Luo Y, Abidian MR, Ahn JH, Akinwande D, Andrews AM, Antonietti M, Bao Z, Berggren M, Berkey CA, Bettinger CJ, Chen J, Chen P, Cheng W, Cheng X, Choi SJ, Chortos A, Dagdeviren C, Dauskardt RH, Di CA, Dickey MD, Duan X, Facchetti A, Fan Z, Fang Y, Feng J, Feng X, Gao H, Gao W, Gong X, Guo CF, Guo X, Hartel MC, He Z, Ho JS, Hu Y, Huang Q, Huang Y, Huo F, Hussain MM, Javey A, Jeong U, Jiang C, Jiang X, Kang J, Karnaushenko D, Khademhosseini A, Kim DH, Kim ID, Kireev D, Kong L, Lee C, Lee NE, Lee PS, Lee TW, Li F, Li J, Liang C, Lim CT, Lin Y, Lipomi DJ, Liu J, Liu K, Liu N, Liu R, Liu Y, Liu Y, Liu Z, Liu Z, Loh XJ, Lu N, Lv Z, Magdassi S, Malliaras GG, Matsuhisa N, Nathan A, Niu S, Pan J, Pang C, Pei Q, Peng H, Qi D, Ren H, Rogers JA, Rowe A, Schmidt OG, Sekitani T, Seo DG, Shen G, Sheng X, Shi Q, Someya T, Song Y, Stavrinidou E, Su M, Sun X, Takei K, Tao XM, Tee BCK, Thean AV, Trung TQ, Wan C, Wang H, Wang J, Wang M, Wang S, Wang T, Wang ZL, Weiss PS, Wen H, Xu S, Xu T, Yan H, Yan X, Yang H, Yang L, Yang S, Yin L, Yu C, Yu G, Yu J, Yu SH, Yu X, Zamburg E, Zhang H, Zhang X, Zhang X, Zhang X, Zhang Y, Zhang Y, Zhao S, Zhao X, Zheng Y, Zheng YQ, Zheng Z, Zhou T, Zhu B, Zhu M, Zhu R, Zh… See abstract for full author list ➔ Luo Y, et al. ACS Nano. 2023 Mar 28;17(6):5211-5295. doi: 10.1021/acsnano.2c12606. Epub 2023 Mar 9. ACS Nano. 2023. PMID: 36892156 Free PMC article. Review.
  • Efficient lattice-based revocable attribute-based encryption against decryption key exposure for cloud file sharing.
    Huang B, Gao J, Li X. Huang B, et al. J Cloud Comput (Heidelb). 2023;12(1):37. doi: 10.1186/s13677-023-00414-w. Epub 2023 Mar 11. J Cloud Comput (Heidelb). 2023. PMID: 36937653 Free PMC article.
See all "Cited by" articles

References

    1. Shor, P. W. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. In Proc. 35th Annual Symposium on Foundations of Computer Science 124–134 (Soc. Industr. Appl. Math., 1994). Shor’s quantum algorithm demonstrated how to factorize large integers in polynomial time, which is an exponential speed-up over the best classical algorithms.
    1. Bernstein, D. J. & Lange, T. Post-quantum cryptography. Nature 549, 188–194 (2017). - DOI
    1. Arute, F. et al. Quantum supremacy using a programmable superconducting processor. Nature 574, 505–510 (2019). - DOI
    1. Gidney, C. & Ekerå, M. How to factor 2048 bit RSA integers in 8 hours using 20 million noisy qubits. Quantum 5, 433 (2021). Gidney and Ekerå describe the resources required to implement Shor’s algorithm to break today’s standard cryptography, assuming noisy qubits. - DOI
    1. Bennett, C. H. & Brassard, G. Quantum cryptography: public key distribution and coin tossing. Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing 175–179 (1984).

LinkOut - more resources