All Post-Quantum, PQC Posts
Post-Quantum, PQC, Quantum Security
Quantum Computing Risks to Cryptocurrencies – Bitcoin, Ethereum, and Beyond
Cryptocurrencies like Bitcoin and Ethereum derive their security from cryptographic algorithms – mathematical puzzles that are practically impossible for classical computers to solve in any reasonable time. However, the emergence of quantum computing threatens this security assumption. Unlike classical machines, quantum computers leverage quantum mechanics to perform certain computations exponentially faster, potentially breaking the cryptographic foundations of blockchain systems. While quantum computers remain in their…
Post-Quantum, PQC, Quantum Security
Rethinking Crypto-Agility
At its core, crypto-agility means being able to swiftly swap out cryptographic algorithms or implementations when weaknesses emerge. In an ideal world, an organization could “drop in” a new encryption algorithm as easily as a software patch, ensuring they stay ahead of threats like quantum computing. The goal is admirable - if you’re nimble in updating encryption, migrating to stronger algorithms is “no big deal”.…
Post-Quantum, PQC, Quantum Security
Law Enforcement in the Quantum Computing Era
Law enforcement agencies occupy a unique position in the context of the quantum threat. They are both protectors of society’s security and heavy users of sensitive information systems, which makes them especially exposed if those systems are compromised. Here’s why law enforcement is special: Highly Sensitive Data: Police and investigative agencies handle data that could be devastating if leaked – witness identities, undercover operations, criminal…
Post-Quantum, PQC, Quantum Security
Cybersecurity Negligence and Personal Liability: What CISOs and Board Members Need to Know
“Could I personally be sued or fined if our company gets breached?” This uneasy question is crossing the minds of many CISOs and board members lately. High-profile cyber incidents and evolving regulations have made it clear that cybersecurity is not just an IT problem - it’s a corporate governance and legal liability issue. Defining “Reasonable” Cybersecurity: From Learned Hand to Global Standards What does it…
Post-Quantum, PQC, Quantum Security
Quantum Security: Understanding the Terminology and Context
"Quantum security" is a term that is increasingly being used, with everyone having their own definition of it. It can carry multiple meanings depending on context, but so do other related terms. The whole field is fairly new and related terms are not yet clearly defined. So this is my attempt to untangle the ambiguity by exploring what quantum security commonly refers to, how…
Post-Quantum, PQC, Quantum Security
Upgrading OT Systems to Post‑Quantum Cryptography (PQC): Challenges and Strategies
Operational Technology (OT) environments, such as industrial control systems and critical infrastructure, are especially at risk due to their long-lived devices and infrequent updates. Many OT systems deployed today will still be in use a decade or two from now, well within the timeframe experts anticipate quantum attacks to become practical. The most critical OT systems will likely be the last to become quantum safe…
Post-Quantum, PQC, Quantum Security
Quantum Risk: The Coming Cryptography Reckoning
In a secure data center somewhere, an adversary is quietly stockpiling encrypted emails, financial transactions, and state secrets - betting that within a decade a new kind of machine will decrypt them in minutes. This scenario underpins what cybersecurity experts are calling "quantum risk." In essence, quantum risk is the looming threat that advances in quantum computing will shatter the cryptographic safeguards protecting our digital…
Post-Quantum, PQC, Quantum Security
Cryptographic Bill of Materials (CBOM) for an Open RAN-Based Telecom RAN
Based on anonymized results of a project, I will try to illustrate key parts of a comprehensive Cryptographic Bill of Materials (CBOM) for a telecom Radio Access Network (RAN) implementation based on the Open RAN architecture. I enumerate all cryptographic mechanisms across the control plane, user plane, management interfaces, and orchestration layers of the RAN. Both standardized algorithms (e.g. 3GPP-defined ciphers like SNOW 3G, AES, ZUC)…