White House rolls out new timelines, mandates for ‘post quantum’ encryption replacement

The federal government’s plan to switch out its older encryption for newer algorithms capable of withstanding hacking threats from quantum computers received a big boost this week as the Biden administration rolled out new mandates and timelines for departments and agencies.

In a new national security memorandum issued Wednesday, the White House makes supremacy in the quantum realm the official policy of the United States and lays out a host of timelines and mandates for the “timely and equitable” replacement of classical, public-key encryption algorithms in federal systems and devices.

While quantum computers are still years away from posing a realistic threat to encryption, experts in cryptography and quantum science say it is only a matter of time before the emergence of a quantum computer capable of breaking through such classical, public-key encryption protocols — putting federal data at risk.

Such computers, the White House memo said, “could jeopardize civilian and military communications, undermine supervisory and control systems for critical infrastructure, and defeat security protocols for most Internet-based financial transactions.”

Within three months, agencies that develop, acquire or fund research into quantum computing must coordinate with the White House Director of the Office of Science and Technology Policy on a national strategy and workforce plan.

The memo places the Office of Management and Budget, the national cyber director, the directors of the Cybersecurity and Infrastructure Security Agency, the National Institute for Standards and Technology and the National Security Agency in charge of inventorying all federal systems and assets that rely on public-key algorithms, the form of classical encryption most likely to be broken by a future quantum computer.

That will clear the way for prioritizing the replacement of high-value or critical government systems, and individual agencies will have a year to submit their own inventories to CISA and the national cyber director, who must scope out budget and funding needs surrounding the transition by October 2023. Agencies will need to update these inventories on a yearly basis and provide periodic reports on efforts to replace high value systems.

It tasks the secretary of Commerce to form a working group of critical infrastructure owners and operators and other stakeholders to identify tools and datasets to help the National Institute for Standards and Technology develop guidance and best practices for implementing quantum resistant encryption. NIST will also stand up and lead a project through its National Cybersecurity Center of Excellence to engage with industry on the same issues. By November 2022, CISA and sector-risk management agencies must coordinate on a plan to engage critical infrastructure on their own migration plans.

That time may now for agencies like the NSA, which is moving forward with its own separate plan to replace the public-key encryption algorithms underpinning the systems and data at intelligence agencies. Charged with guarding some of the country’s most sensitive secrets, these agencies are under heightened risk that foreign governments may decide to hoover up and collect as much encrypted data as possible today, in the hopes of cracking them down the line when quantum technologies mature.

Waiting on NIST

NIST has been working for years to study and vet a handful of new quantum-resistant algorithms that can withstand quantum-based hacks. That selection process is expected to be finalized this year, but NIST officials have told SC Media that the new standards won’t be operational until 2024 or 2025, and it is expected to take years for an organization as large as the federal government to complete the task. The White House memo puts a formal date on this expectation, laying out a goal of replacing all public-key encryption in the federal government by 2035.

NIST’s standards are not just used by the federal government — they influence and underpin industry standards in the United States and abroad. In a nod to this role, many of the timelines laid out by the White House are tied to the finalization of those standards.

When the agency does eventually release its standards, civilian agencies will have three months to lay out estimated timelines for the expected deprecation of cryptographic standards in existing IT security guidance, with the goal of moving the maximum number of systems off quantum-vulnerable cryptography within a decade.

The memo also explicitly bars federal agencies from buying or procuring technology labeled as “quantum resistant” until NIST standards are complete, though they are permitted to test such technologies to identify potential interoperability issues.

As SC Media has previously reported, the looming threat of quantum-based hacks, widespread confusion over when precisely the technology will mature to the point of being a credible threat and a dearth of official standards has created a vacuum in the quantum encryption market. That vacuum has been filled by a cottage industry of vendors selling solutions that promise to protect buyers from quantum-based hacks in the future.

NIST officials have repeatedly warned organizations not to jump the gun and purchase or implement these solutions yet, saying they are unvetted and may not offer real protection against the (still mostly theoretical) capabilities of a quantum computer. While some of these companies have tied their own products to algorithms that are current finalists in the NIST process, that also does not guarantee that they will work as intended. Dustin Moody, a NIST mathematician, told SC Media last year that in each round of their post-quantum cryptography selection process, they have discovered previously unknown or unforeseen weakness in one of the algorithms.