Countering quantum-based
threats
National Security Agency to Require NSS Operators to Implement Quantum Protection Algorithms
The National Security Agency will require National Security System owners to implement algorithms by 2030 that will protect critical networks from quantum-based threats.
The requirement is part of new directives featured in the NSA’s Commercial National Security Algorithm Suite 2.0. The document is meant to protect NSS and other related assets from evolving threats, such as cryptanalytic attacks.
Under the directive, NSS owners, operators and vendors are asked to immediately start transitioning to allow new software and firmware to use CNSA 2.0 signing algorithms by 2025. Technologies that have been deployed and are compliant with CNSA 1.0 are also required to implement new algorithms by 2025, FCW reported Thursday.
The NSA wants CNSA 2.0 to be used exclusively by NSS owners for software and firmware signing. The agency has also set quantum protection algorithm milestones for networking equipment, operating systems, legacy operations and other specialty equipment.
Rob Joyce, the director of cybersecurity at the NSA, said in a statement that the directive should inform officials to plan and budget for the expected transition.
Quantum computing technology has the potential to break encryption codes. In an article for the American Scientist, information security researcher Dorothy Denning said advanced quantum computers could crack public-key encryption and their more sophisticated counterparts in just a matter of hours.
Denning stated that researchers have been working to develop public-key algorithms that can defend against quantum threats. According to the researcher, the National Institute of Standards and Technology is evaluating over 60 new methods for “post-quantum cryptography” and expects to have a draft standard by 2024 or earlier.
The standard, once approved, would be integrated into web browsers and internet systems.
Category: Cybersecurity
Tags: Commercial National Security Algorithm Suite 2.0 cybersecurity Dorothy Denning FCW National Institute of Standard and Technology National Security Agency National Security System network security quantum computing Rob Joyce
