Policy, Standards & Regulation NewsSecurity & PQC News

UK NCS Issues Guidance on Preparing for PQC

The UK National Cybersecurity Centre (NCSC) has released a whitepaper titled “Next Steps in Preparing for Post-Quantum Cryptography,” which provides comprehensive guidance to help organisations and providers of Critical National Infrastructure (CNI) prepare for the migration to post-quantum cryptography (PQC). This publication is a follow-up to the NCSC’s 2020 report on the current state of quantum mitigation and aims to address the emerging challenges in cryptographic security in the quantum era.

The UK National Cyber Security Center (NCSC) has released a new whitepaper, titled “Next Steps: Preparing for Post-Quantum Cryptography”. This paper offers anticipatory insights into the profound impact of quantum computing on the field of cryptography and how businesses can prepare themselves. The whitepaper examines quantum computing and suggests a pragmatic approach to address it. Summary from the whitepaper:

  • Most PKC algorithms in use today will be vulnerable to a CRQC (Cryptoanalytically Relevant Quantum Computer). The best mitigation against the threat of quantum computers to traditional PKC is PQC.
  • The security of symmetric cryptography is not significantly impacted by quantum computers, and existing symmetric algorithms with appropriate key sizes can continue to be used.
  • PQC upgrades can be planned to take place within usual technology refresh cycles.
  • ML-KEM (Kyber) and ML-DSA (Dilithium) are algorithms selected for standardisation by NIST that are suitable for general purpose use. All proposed parameter sets provide an acceptable level of security for personal, enterprise and OFFICIAL-tier government information. The NCSC recommends ML-KEM-768 and ML-DSA-65 as providing appropriate levels of security and efficiency for most use cases.
  • The NCSC strongly advises that operational systems should only use implementations based on final standards.
  • If a PQ/T hybrid scheme is chosen, the NCSC recommends it is used as an interim measure that allows a straightforward migration to PQC-only in the future.

For detailed information and to access the full white paper, visit the NCSC official website: Next Steps in Preparing for Post-Quantum Cryptography.

Marin

I am the Founder of Applied Quantum (AppliedQuantum.com), a research-driven consulting firm empowering organizations to seize quantum opportunities and proactively defend against quantum threats. A former quantum entrepreneur, I’ve previously served as a Fortune Global 500 CISO, CTO, Big 4 partner, and leader at Accenture and IBM. Throughout my career, I’ve specialized in managing emerging tech risks, building and leading innovation labs focused on quantum security, AI security, and cyber-kinetic risks for global corporations, governments, and defense agencies. I regularly share insights on quantum technologies and emerging-tech cybersecurity at PostQuantum.com.
Share via
Copy link
Powered by Social Snap