The argument for starting now to address the threat that quantum computers will pose to existing security systems is based on the following considerations:
1. cryptographic technologies are integrated into most of the digital products commonly used by organizations to run their daily operations; ^[https://www.cyber.gc.ca/en/guidance/using-encryption-keep-your-sensitive-data-secure-itsap40016]
2. some of the applications and systems used within energy, transportation, finance and government infrastructures have product lifetimes of 15 to 30 years, and even longer requirements for data protection and privacy;
3. fault-tolerant quantum computers, capable of breaking existing asymmetric encryption algorithms and cryptographic systems (e.g., public-key infrastructures), are widely expected to be available within the above timeline (e.g., by 2035); ^[https://www.whitehouse.gov/briefing-room/statements-releases/2022/05/04/national-security-memorandum-on-promoting-united-states-leadership-in-quantum-computing-while-mitigating-risks-to-vulnerable-cryptographic-systems/]
4. migrating installed cryptographic technologies (e.g., SHA-1) to newer standards can take many years; ^[https://www.computerworld.com/article/1680543/the-sha1-hash-function-is-now-completely-unsafe.html]
5. the number of cryptographic systems that organizations will need to migrate to new “quantum-safe” cryptography will be large; and
6. most organizations have no clear view of the cryptographic technologies used by their existing Information Management (IM), Information Technology (IT) and Operational Technology (OT) systems; this will make it difficult to discover and then prioritize the systems to be upgraded to post-quantum cryptography. ^[https://www.dhs.gov/sites/default/files/publications/post_quantum_cryptography_faq_3_seals_october_2021_508.pdf]

Migrating an organization’s cryptographic systems to PQC will require significant effort. Organizations should begin planning now given that:
- the effort and time needed (e.g., to investigate, analyse, plan, procure, migrate, and validate new PQC) will not be small, and it will be different for every organization; and
- the amount of time remaining (until threat actors can access sufficiently powerful quantum computers to break existing cryptography) will decrease every day.