NCSC’s quantum safety deadlines too optimistic say industry insiders

‘I’d halve all those numbers’

The NCSC’s advisory deadline of 2035 for organisations to introduce quantum-safe algorithms is too late, according to some industry insiders.

The UK cyber agency released guidance last week outlining steps companies should take to prepare for the advent of encryption-cracking quantum computing, along with three deadlines: 2028 - have plans in place to ditch vulnerable cryptosystems; 2030 - update the most critical systems to use post-quantum cryptography (PQC); 2035 update remaining systems.

The unspoken assumption is that a quantum computer capable of cracking the encryption that protects emails, bank transactions and ecommerce won’t arrive until 2030 at the earliest. That’s a risky gamble, according to Chris Erven, CEO and co-founder of Bristol-based KETS Quantum Security.

“I’d halve all those numbers,” he told Computing.

Erven is not the only one. The Australian government recently said it would ditch SHA-256, RSA, ECDSA and ECDH and other vulnerable algorithms by 2030.

Kevin Kirkwood, CISO at security vendor Exabeam, added, “If companies and governments wait until 2035 to be thinking about their quantum defences, then they will be critically behind.”

Vendor FUD? Possibly, but there’s no doubt that quantum computing is on something of a roll.

Technology rarely develops in a linear fashion. Erven pointed to the example of the Human Genome Project. “Nothing was happening for eight years, then in the last two years suddenly we mapped the genome.”

Two points in particular suggest a similar inflexion point in quantum computing, he said. First, the big players seem to be making major breakthroughs in error correction, long a stubborn roadblock. Second is the commercial advent of quantum interconnects that link quantum processors, allowing them to work together in clusters.

“All of a sudden you've got IonQ purchasing ID Quantique for exactly that purpose. Other are already there. You've got people like PsiQuantum that literally are plugging into the Stanford Linear Accelerator for their cryogenic cooling so they can make a massive computer.”

What about the hardware?

Absent from the NCSC’s advice was any mention of quantum key distribution (QKD), quantum random number generators (QRNG) or other hardware-based security systems. The agency likely wished to maintain a clear focus on algorithms, but to protect critical infrastructure such as telecoms, backbone networks and banking networks, in a strength-in depth approach quantum-safe hardware will need to be part of the picture.

“We would say implement PQC but don't stop, keep going. Let's get quantum-safe hardware into the mix for all our critical infrastructure,” said Erven, whose company makes such equipment. “They're not either fighting against each other. Each needs the other.”

NCSC announced that it would be piloting a scheme to assure consultancies with skills to implement quantum-safe encryption. Erven welcomed this decision, urging the authorities to join with existing efforts such as QAssure, an Innovate UK project led by BT aimed at establishing security assurance procedures for quantum hardware.

“I wish they'd get a bit more involved in that, because it's same thing. Let's establish some [universal] security assurance procedures.”

Opportunity for the UK

The UK has an opportunity to take the lead in quantum security, given the turmoil in the US and rumoured cuts to NIST, Erven added.

“There's a huge opportunity for the UK to take up this mantle. I think that we could really be world leaders, because we've got a world leading national quantum programme that you can couple with what we've already got at NCSC. That's just as good as NSA and NIST.”

NCSC has been contacted for comment.

Want to know more? Computing 's Cybersecurity Festival returns to London in May, where senior IT decision makers can learn about modern challenges, compare strategies with peers, and source solutions. Click here to register for free.