Lost in the debate over if, or when, a quantum computer will decipher encryption models is the need for post-quantum cryptography (PQC) to become part of organizations’ tech stacks and zero-trust strategies. Enterprises need to follow the lead Cloudflare has taken and design PQC as a core part of their infrastructure, with the goal of extending zero trust beyond endpoints.
Four sessions covered cryptography at the RSAC this year. The one that provided the most valuable insights was the Cryptographer’s Panel hosted by Dr. Whitfield Diffie, ForMemRS, Gonville and Caius College, Cambridge, with panelists Clifford Cocks, independent consultant; Anne Dames, IBM Infrastructure; Radia Perlman, Dell Technologies; and Adi Shamir, the Weizmann Institute, Israel.
Dr. Shamir is a noted authority on cryptography, having contributed research and theory in the area for decades. Dr. Shami says that he doesn’t believe quantum computing to be an immediate threat, but RSA or elliptic curve cryptography could become vulnerable to decryption in the future.
Anne Dames of IBM warned that enterprises need to start thinking about which of their systems are most threatened by potential rapid advances in quantum computing. She advised the audience that public key cryptography systems are the most vulnerable ones.
“Today, companies are facing AI- and machine learning-assisted crypto-attacks and other cryptographic threats that find vulnerabilities in software and hardware implementations,” writes Lisa O’Connor, managing director, Accenture Security, cybersecurity R&D, Accenture Labs. “If this weren’t worrisome enough, we’re one year closer to the breaking point of our 40-year-old cryptographic schema, which could bring business as we know it to a screeching halt. Quantum computing will break these cryptographic fundamentals.”…
By Louis Columbus
Read Full Source: VentureBeat