Speakers
Synopsis
Quantum computing has been the subject of significant investment and development in recent years. It is expected that an important potential application of a quantum computer will be to break current popular public key encryption standards such as RSA and elliptic curve standards. Although estimates vary for how far away such technology is from being practically implementable, and how much it might cost, the security profession needs to be aware of the threat and start planning how to respond.
Various solutions have been proposed, but the most practical solution currently is to change the encryption algorithms to ones that are expected to be resistant to quantum computer attack – known as post-quantum cryptography or PQC. The US standards organisation NIST announced new recommended algorithms for PQC in August 2024, but there is still a long way to go between these new FIPS standards to successful implementation and deployment of PQC.
In this talk we will provide practical guidance to help organisations to understand the risks, prioritise what they need to do, and how to develop a pragmatic roadmap to get there.
The presentation will cover the following topics:
- What is quantum computing? How good are the current quantum computers, and what are the key issues to be addressed to actually build a quantum computer that could threaten some of our current encryption systems?
- What encryption is potentially vulnerable, and what do you need to worry about, and when?
- Beyond the NIST standards, what else is needed to enable successful implementation and deployment of PQC, and what lessons can we learn from some of the early adopters?
- So what? What should organisations be doing now, and what are the potential future roadmaps to mitigate the risks and exploit the opportunities?