Why and Where the PQC Market is Gaining Traction

While still fairly immature, the advance of post quantum cryptography (PQC) has crossed a number of important milestones in the last year. In this article, Michela Menting, cybersecurity applications research director at ABI Research, provides a snapshot of various policy positions across countries leading in PQC development.

Driven by standardization development organizations (SDOs) initially to define algorithms, protocols, and recommended implementations for various applications, PQC’s continued development and eventual adoption will be reliant upon government endorsement of particular standards and effective policy guidance on PQC migration. 

United States

The United States is the most advanced country, to date, on both the standardization front and in driving a coordinated national strategy with supporting policy and recommendations.

The U.S. National Institute of Standards and Technology (NIST) is the foremost standardization organization for PQC algorithms (see the project page hereOpens a new window ). It began the process in 2017 with an open call for candidate algorithm submission for key encapsulation mechanisms (KEMs) and digital signature algorithms (DSAs), with the goal being to standardize the most promising ones. Most other SDOs (national and international), national certification and regulatory agencies, and industry groups are waiting for the NIST PQC standardization process to be complete and the standards published before providing their own recommendations and solutions, most of which will be based largely on NIST’s final algorithmic choices.

In July 2022, NIST announced the first batch of algorithms that had been selected for standardization (see the table below). A second batch (Round 4) is set to be announced in 2023, and a new call for proposals for DSAs was also launched. It is expected that NIST will publish the first PQC standards in the 2024 to 2025 time frame.

In the United States, there is already significant coordination of and investment in developing quantum in general (e.g., communications, computing, networks, etc.) and cybersecurity within the quantum. These efforts have been boosted by a series of policy documents and regulatory initiatives that are driving PQC planning and action within the country:

• • A January 2022 MemorandumOpens a new window on Improving the Cybersecurity of National Security, Department of Defense, and Intelligence Community Systems, which refers to planning for use of quantum-resistant cryptography.
  • A May 2022 National Security MemorandumOpens a new window on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems
  • A May 2022 Executive OrderOpens a new window on Enhancing the National Quantum Initiative Advisory Committee
  • In December 2022, U.S. President Joe Biden signed the Quantum Computing Cybersecurity Preparedness ActOpens a new window .

The U.S. influence in this sphere is significant and internationally respected, as are U.S. standardization efforts, particularly because they are multi-disciplinary and internationally inclusive and will drive recommendations and best practices in other national and industry PQC agendas.

See More: Post-Quantum Cryptography: Are You Prepared for “Y2Q”?

France

France’s influence in the quantum and crypto space is also global, and the country is highly focused on driving PQC technology development and market emergence. In January 2022, the French national security agency (Agence nationale de la sécurité des systèmes d’information (ANSSI)) published a position paper. It recommended immediately introducing PQ defenses throughout the private sector. The paper proposes a provisional transition agenda for PQC:

• • Phase 1 (today): “Hybridation” to provide some additional PQ defense-in-depth to the pre-quantum security assurance.
  • Phase 2 (not earlier than 2025): “Hybridation” to provide PQ security assurance while avoiding any pre-quantum security regression.
  • Phase 3 (probably not earlier than 2030): Optional standalone PQ cryptography.

In its position paper, ANSSI does not endorse any replacement of currently used algorithms in the short and medium term. However, it states that the chosen algorithm should have stable and well-studied specifications (e.g., be a NIST finalist or a trusted alternate finalist). Further, ANSSI recommends that organizations should not postpone deployments and encourages them to start planning their PQ transition now.

Germany

Germany’s BSI (the country’s federal cybersecurity authority) positionOpens a new window in terms of PQ transition is similar to that published by France’s ANSSI. The BSI recommends that PQC should be used in hybrid mode (for key agreement procedures and signature schemes). Hash-Based Signatures (HBSs) can be used on their own (i.e., not in hybrid mode). The BSI states that stateful schemes should only be used in systems where the reuse of key material can be excluded.

Beyond that, the BSI has already endorsedOpens a new window the use of a few PQC algorithms, something ANSSI has not yet done (see the table below).

Germany’s Federal Ministry of Education and Research (BMBF) is promoting the development of long-term secure cryptography and its efficient implementation as part of the Federal Government’s research framework program on Information Technology (IT) security titled “Self-determined and secure in the digital world 2015-2020.”

China

The Chinese Association for Cryptographic Research (CACR) launched a nationwide cryptography algorithm competition in 2020 for KEM/Public Key Encryption (PKE) and DSA. The competition, however, was open only to Chinese candidates, and information on the candidates was not widely available. The winners were announced publicly (see the table below), and some additional information on primary designers has been made publicly availableOpens a new window in various international SDO forums, including the International Telecommunication Union (ITU) and ETSI.

While there is little interest in Chinese standards for industry usage outside of China, the CACR-chosen winners will be significantly influential within the country and for domestic market developments. It appears some of the winners are variants of NIST candidate standards, and China is clearly watching the NIST standardization process as intently as others in the field.

Japan

The Cryptography Research and Evaluation Committee (CRYPTREC), in partnership with the National Institute of Information and Communication Technologies (NICT) and the Information-technology Promotion Agency (IPA), is tasked with evaluating and monitoring the security of cryptographic techniques used in Japanese e-Government systems. The Cryptanalysis Evaluation WG is in charge of evaluating and approving candidate ciphers. The WG published a number of reports on PQC as early as 2015.

CRYPTREC expects to start developing PQC guidelines during the 2022 to 2023 period, and strong participation from Japanese industry is expected, with some industry players also actively involved in other international standardization efforts.

See More: Post-Quantum Cryptography: Nine Industries at Risk From “Y2Q”

United Kingdom

The United Kingdom appears to be more focused on Quantum Key Distribution (QKD) than PQC, and its efforts around innovation and driving market adoption are more limited than the other countries mentioned above. The National Cyber Security Centre (NCSC) has published a position paperOpens a new window on preparing for PQC. The NCSC guidance for PQC algorithms will follow the outcome of the NIST process by recommending specific chosen algorithms for representative use cases. It recommends waiting for the publication of the NIST standards before integrating any PQC algorithms into market products. However, it does offer to advise organizations directly on deploying mitigation strategies if requested. It does not recommend early adoption of non-standardized PQC.

Much of the research and innovation seems to be coming out of academia, with many U.K. PQC startups being spinoffs of U.K. university programs and projects. These seem to have greater international influence on international SDO efforts than the U.K. government.

The Future of Post Quantum Cryptography

As the migration towards post quantum cryptography continues, enterprises must collectively focus on avoiding mistakes made in the past to ensure high assurance security for users. While the debate around non-standardised PQC is on, it should not deviate or stall growth when it comes to leveraging PQ defenses in the private or public sectors. It would be interesting to observe the field as governments fine-tune regulations around standards and policy to ensure highest effectiveness. 

How are you preparing for the changing PQC field? Share your thoughts with us on FacebookOpens a new window , TwitterOpens a new window , and LinkedInOpens a new window .

Image Source: Shutterstock

MORE ON CRYPTOGRAPHY

• Next-Generation Cryptography: How to Secure Your Data Like Never Before
• PKI Silos, Post-Quantum Crypto and Other Emerging Trends in Cryptography
• Mainstream Crypto-Agility and Other Emerging Trends in Cryptography
• What are Public Key Cryptography Standards (PKCS)? Meaning, Specifications, and Importance

About Expert Contributors: The Expert Contributor program is designed to help kickstart meaningful conversations around the priorities and challenges most critical to C-level executives. The insights and perspectives will help CIOs tackle what’s most important to them. We are always looking for industry thinkers who can help set the narrative for our enterprise audience. To know more about this program, and submit your ideas, reach out to the Spiceworks News & Insights Editorial team at editorial-toolbox@ziffdavis.comOpens a new window .