Open for Public Comment: NCCoE Releases Two Preliminary Drafts for Migration to Post Quantum Cryptography Project
[lnks.gd]
This is an updated notification with the correct date.
The NIST
National Cybersecurity Center of Excellence (NCCoE) [lnks.gd] has released two preliminary draft practice guides for
Migration to Post-Quantum Cryptography Project for public comment.
The comment period is open now through February 20, 2024.
NIST SP 1800-38B,
Quantum Readiness: Cryptographic Discovery, is a preliminary draft offering (1) a functional test plan that exercises the cryptographic discovery tools to determine baseline capabilities; (2)
a use case scenario to provide context and scope our demonstration; (3) an examination of the threats addressed in this demonstration; (4) a multifaceted approach to start the discovery process that most organizations can start today; and (5) a high-level
architecture based on our use case that integrates contributed discovery tools in our lab.
NIST SP 1800-38C, Quantum Readiness: Testing Draft Standards for Interoperability and Performance, is a preliminary
draft offering (1) identification of compatibility issues between quantum ready algorithms, (2) resolution of compatibility issues in a controlled, non-production environment, and (3) reduction of time spent by individual organizations performing similar interoperability
testing for their own PQC migration efforts.
About the Project
NIST’s NCCoE initiated the Migration to Post-Quantum Cryptography (PQC) project to share insights and findings to ease migration from current public-key cryptographic algorithms to
soon-to-be standardized PQC algorithms.
Why migrate to PQC? PQC algorithms are being standardized because advances in
quantum computing could enable the compromise of many of the current cryptographic algorithms being widely used to protect digital information. Implementing PQC will protect digital information from an attack by cryptanalytically relevant quantum computer
(CRQC) and cryptanalytically relevant classical computer.
Why did the NCCoE start this project? Previous initiatives to update or replace
cryptographic algorithms in hardware, firmware, operating systems, communication protocols, cryptographic libraries, and applications employed in data centers on-premises or in the cloud and distributed compute, storage, and network infrastructures have taken
many years. The NCCoE identified the need to bring together a collaborative team with expertise in cryptography to work together in the NCCoE PQC lab to perform cryptographic discovery and share what we have learned together as one means to reduce how long
it will take an organization to achieve quantum readiness via PQC adoption.
Why should I read the
Cryptographic Discovery
publication? The publication assumes you are supporting your
organization’s quantum readiness project, and you have a need for information to assess the risk of a CRQC to your organization. The information you need comes from discovery of where and how cryptographic products, algorithms, and protocols are used by your
organization to protect the confidentiality and integrity of your organization’s important data and digital systems. This publication shares insights and findings about cryptographic discovery tools that may aid your progress.
Why should I read the
Interoperability and Performance publication?
The publication assumes you are supporting upgrading your use of quantum-vulnerable public-key cryptographic implementations, and you want to build your understanding of aspects of interoperability and performance for the soon-to-be standardized PQC algorithms
to determine your approach for making your public-key cryptographic implementations quantum-resistant.
Submit Comments
The public comment period for both Migration to PQC preliminary drafts, 1800-38B and 1800-38C, closes on
February 20, 2024.
-
View
the publications [lnks.gd].
-
Submit comments via the webform on the
project page [lnks.gd].
-
Email questions to
applied-crypto-pqc@nist.gov.
Why should I submit comments? We value and welcome your input on ways we can improve the publication and look forward to your comments.
Join the Community of Interest
If you would like to help shape this project, consider joining the NCCoE Migration to Post-Quantum Cryptography Community of Interest (COI) to receive the latest project news and
updates! Join
here [lnks.gd].
NIST Cybersecurity and Privacy Program
Questions/Comments about this notice:
applied-crypto-pqc@nist.gov
NCCoE Website questions: nccoe@nist.gov
|