Post-quantum cryptography: Difference between revisions
From ACT Wiki
Jump to navigationJump to search
(Create page - sources - BIS & National Cybersecurity Centre - https://www.bis.org/publ/othp67.pdf - https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptography) |
(Add link.) |
||
(2 intermediate revisions by the same user not shown) | |||
Line 13: | Line 13: | ||
:"Quantum computers represent a serious threat for the financial system. If they become | :<span style="color:#4B0082">'''''Quantum security threat must be urgently addressed'''''</span> | ||
practicable, they could be used to compromise the security of the current mainstream cryptographic protocols upon which the financial system relies to secure data | |||
and transactions. | :"Quantum computers represent a serious threat for the financial system. If they become practicable, they could be used to compromise the security of the current mainstream cryptographic protocols upon which the financial system relies to secure data and transactions. | ||
:In the mid-1990s, researchers created quantum algorithms that – at least in theory and given a sufficiently powerful quantum computer – could break today’s widely used public key cryptographic schemes. | :In the mid-1990s, researchers created quantum algorithms that – at least in theory and given a sufficiently powerful quantum computer – could break today’s widely used public key cryptographic schemes. | ||
Line 22: | Line 22: | ||
:While functional quantum computers are not yet available, the security threat needs to be urgently addressed. | |||
:While functional quantum computers are not yet available, the security threat needs to be | |||
urgently addressed. | |||
:Already, malicious actors can intercept and store confidential, classically encrypted data with the intention of decrypting it later when quantum machines become powerful enough to do so. | :Already, malicious actors can intercept and store confidential, classically encrypted data with the intention of decrypting it later when quantum machines become powerful enough to do so. | ||
Line 31: | Line 28: | ||
:This means that data stored or transmitted today are, in fact, exposed to “harvest now, decrypt later” attacks by a future quantum computer. | :This means that data stored or transmitted today are, in fact, exposed to “harvest now, decrypt later” attacks by a future quantum computer. | ||
:The long-term sensitivity of financial data means that the potential future existence of a | :The long-term sensitivity of financial data means that the potential future existence of a quantum computer effectively renders today’s systems insecure. | ||
quantum computer effectively renders today’s systems insecure. | |||
:The aim of Project Leap is to help secure the financial system against this threat..." | :The aim of Project Leap is to help secure the financial system against this threat..." | ||
Line 40: | Line 36: | ||
== See also == | == See also == | ||
* [[Algorithm]] | |||
* [[Bank for International Settlements]] (BIS) | * [[Bank for International Settlements]] (BIS) | ||
* [[Confidentiality]] | * [[Confidentiality]] | ||
Line 64: | Line 60: | ||
* [https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptography Next steps in preparing for post-quantum cryptography - UK National Cybersecurity Centre] | * [https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptography Next steps in preparing for post-quantum cryptography - UK National Cybersecurity Centre] | ||
[[Category:Identify_and_assess_risks]] | [[Category:Identify_and_assess_risks]] | ||
[[Category:Manage_risks]] | [[Category:Manage_risks]] | ||
[[Category:The_business_context]] | [[Category:The_business_context]] |
Latest revision as of 04:27, 21 March 2024
Cryptography - quantum computing.
(PQC).
Cryptography is the theory and practice of encrypting information to ensure its confidentiality and security.
Post-quantum cryptography means future improved cryptography designed to be secure against attacks using quantum computing.
Post-quantum cryptography is also known as quantum-resistant cryptography.
(Although some commentators also speak and write about "quantum proof" and "quantum safe", such names may overstate the degree of safety that can be achieved.)
- Quantum security threat must be urgently addressed
- "Quantum computers represent a serious threat for the financial system. If they become practicable, they could be used to compromise the security of the current mainstream cryptographic protocols upon which the financial system relies to secure data and transactions.
- In the mid-1990s, researchers created quantum algorithms that – at least in theory and given a sufficiently powerful quantum computer – could break today’s widely used public key cryptographic schemes.
- This would instantly render obsolete many current cryptographic techniques, threatening the foundations of our financial services infrastructure and severely impacting financial stability.
- While functional quantum computers are not yet available, the security threat needs to be urgently addressed.
- Already, malicious actors can intercept and store confidential, classically encrypted data with the intention of decrypting it later when quantum machines become powerful enough to do so.
- This means that data stored or transmitted today are, in fact, exposed to “harvest now, decrypt later” attacks by a future quantum computer.
- The long-term sensitivity of financial data means that the potential future existence of a quantum computer effectively renders today’s systems insecure.
- The aim of Project Leap is to help secure the financial system against this threat..."
- Quantum-proofing the financial system - Project Leap - Bank for International Settlements - June 2023.
See also
- Algorithm
- Bank for International Settlements (BIS)
- Confidentiality
- Cryptography
- Financial services
- Financial stability
- Information technology
- Infrastructure
- Key
- Private key
- Public key encryption
- Public key infrastructure
- Quantum computing
- RSA encryption
- Security
- Transport Layer Security
- Validating node