All Post-Quantum, PQC Posts
-
Post-Quantum, PQC, Quantum Security
Mitigating Quantum Threats Beyond PQC
The article explores limitations of PQC and explores alternative and complementary approaches to mitigate quantum risks. It provides technical analysis of each strategy, real-world examples of their deployment, and strategic recommendations for decision-makers. The goal is to illuminate why a diversified cryptographic defense – beyond just rolling out new algorithms – is essential to achieve long-term resilience against quantum-enabled adversaries.
Read More » -
Post-Quantum, PQC, Quantum Security
Introduction to Crypto-Agility
As we edge closer to the Q-Day—the anticipated moment when quantum computers will be capable of breaking traditional cryptographic systems—the need for crypto-agility becomes increasingly critical. Crypto-agility is the capability of an organization to swiftly and efficiently transition between different cryptographic algorithms and protocols in response to emerging threats and technological advancements.
Read More » -
Post-Quantum, PQC, Quantum Security
Post-Quantum Cryptography (PQC) Introduction
Post-Quantum Cryptography (PQC) refers to cryptographic algorithms (primarily public-key algorithms) designed to be secure against an attack by a future quantum computer. The motivation for PQC is the threat that large-scale quantum computers pose to current cryptographic systems. Today’s widely used public-key schemes – RSA, Diffie-Hellman, and elliptic-curve cryptography – rely on mathematical problems (integer factorization, discrete logarithms, etc.) that could be easily solved by…
Read More » -
Post-Quantum, PQC, Quantum Security
Common Failures in a Quantum Readiness Program
Even well-run quantum readiness programs can stumble. Here are some common pitfalls in crypto-agility/PQC efforts and how to avoid them: Treating PQC as a simple library or drop-in swap. Perhaps the biggest mistake is underestimating the ecosystem changes required. Simply implementing a PQC algorithm in code but ignoring the surrounding systems (PKI, certificates, protocols) is a recipe for trouble.
Read More » -
Post-Quantum, PQC, Quantum Security
Dos & Don’ts of Crypto Inventories for Quantum Readiness
Relying on asset owners, developers or IT personnel to identify and report in interviews or survey responses every instance of cryptographic usage is not just impractical; it simply does not work...
Read More » -
Post-Quantum, PQC, Quantum Security
Planning the First Year of a Quantum Readiness Program
Embarking on a quantum readiness program can be daunting, so it’s helpful to break it into phases with concrete goals. Below is a pragmatic 12-month plan (roughly divided into phases) that a CISO-led team could follow. Based on a medium-size financial services company. This assumes you’re starting from little/no quantum readiness and want to establish momentum quickly:
Read More » -
Quantum Computing
Glossary of Quantum Computing Terms
Glossary of Quantum Computing, Quantum Networks, Quantum Mechanics, and Quantum Physics Terms for Cybersecurity Professionals.
Read More » -
Post-Quantum, PQC, Quantum Security
Cryptography in a Modern 5G Call: A Step-by-Step Breakdown
Modern telecommunications networks rely on multiple layers of cryptography at every step of a call or data session. Understanding the complexity of the process and the amount of cryptography involved is critical for post-quantum migration planning - an initiative some of my advanced telecommunications clients are kicking off these days. And many are widely underestimating how much cryptography is used. From the moment a user’s…
Read More »
