What is the purpose of post-quantum cryptography?

Quantum computing has the promise of changing aspects of our world unlike anything that we have seen in history. Many fields of study stand to make monumental leaps in progress due to the significant increase in computing power afforded by the application of quantum physics to computing. Advancements in areas such as pharmaceutical development, disease etiology, material science, energy, aeronautics, weather forecasting, blockchain and financial modeling portend to be revolutionary when quantum computing reaches its maturity. All of these examples provide for a very positive impact. The implications related to cryptography are equally as impressive; however, for concerning reasons. Data and communication transmissions today are protected by cryptographic algorithms developed over the past several years. The security of these algorithms is believed to be very strong and can withstand attempts of compromise, even by today’s supercomputers. In September 2021, the U.S. Department of Homeland Security (DHS) issued a memorandum titled, “ The memorandum also provides guidance for a transition from the current cryptographic standards and technologies to postquantum encryption standards. Currently, however, a US postquantum cryptographic standard does not exist. The National Institute of Standards and Testing (NIST) is currently considering many algorithmic solutions to become finalists for the NIST standard. DHS’s goal is to provide a roadmap that will reduce the time needed to tr...

• • Continuous, automated, integrated mobile app security testing • Combine the power of NowSecure Platform automation and NowSecure mobile security expertise • Mobile app vetting and software bill of materials • Integrate mobile app security testing into your workflows with GitHub Actions • • The ultimate power tool for mobile app pen testers • Open source, world-class dynamic instrumentation framework • Open Source toolkit for reverse engineering, forensics, debugging and analyzing binaries • • Full-scope penetration testing with remediation and retesting • Complete an Independent Security Review for Google Play™ Data safety section • Free mobile appsec training for dev and sec teams and expert-led certifications • Learn more about what makes NowSecure the industry leading Mobile AppSec solution suite • Use our value mapping tool to model your current mobile appsec gaps and see how to reduce time, cost and risk • • Tools and solutions for companies embracing mobile-first strategy • Mobile appsec that's purpose-built for DevSecOps • Mobile app vetting and software bill of materials • Leading industry frameworks and compliance standards behind our offerings • Software requirements for mobile apps used by government agencies • • Testing for the mobile apps you build, use, and manage • Pen testing powered by our experts and best-in-class software • Mobile app security testing based on industry standards from the OWASP community • Mobile API observability across testing solut...

In response to the threat to RSA and ECC encryption algorithms imposed by Quantum Computers, the National Institute of Science and Technology (NIST) has been leading an effort to define replacement cryptographic algorithms The goal is to create standards for new asymmetric encryption algorithms capable of withstanding attacks from Quantum Computers. NIST started this process started in 2015 and has stated that fully published standards will be available in 2024. The new Post Quantum Crypto algorithms will replace RSA and ECC for a wide variety of applications and use cases. Conversion to new algorithms is a major undertaking, impacting PKI systems, TLS and VPN protocols, crypto libraries, HSMs, TPMs and a host of other systems. Rolling out these new algorithms across the entire ecosystem and supply chain will take years. If companies don’t already have a roadmap for migration to PQC, they need to start now. NIST timeline misconception With NIST standards expected in 2024, some assume that we must wait until 2024 to begin implementing post quantum crypto solutions. This is a misconception. NIST has stated that they plan to announce the algorithms to be standardized in December of 2021 or January of 2022. In just a few months, we will know what algorithms will be standardized. In fact, NIST has already announced XMSS and LMS as standards for hash-based signature algorithms. By early 2022 companies can begin implementing the Post Quantum Crypto solutions based on standardised...

In early 2020, there were 4.7 billion Internet users worldwide , a staggering 1,187% growth over just two decades. Furthermore, our increasing reliance on Internet-powered technologies generates massive amounts of data ( – that’s 1 followed by 21 zeros !) Much of this data contains “sensitive” information that needs to be encrypted . We use specialized encryption systems to ensure that this data can only be accessed by authorized users in possession of encryption keys . For decades, we’ve been using the same cryptographic systems, like RSA, to protect our data. These cryptographic systems were largely effective – but very soon, they’ll become powerless against the quantum threat. And the only way to prevent a global collapse of our IT infrastructure is to use cryptography that is resistant to quantum attacks. But what differentiates c lassical cryptography from the newer q uantum cryptography ? How is quantum cryptography different from post-quantum cryptography? And how exactly can novel quantum-safe cryptosystems protect us? Let’s explore the answers to these questions below! Classical, Quantum, and Post-Quantum Cryptography: The Differences The purpose of all three types of cryptography is to encrypt data and ensure its security, integrity, and authenticity. However, the three cryptography technologies drastically differ in how they protect data. Here’s a quick summary of the differences between classical cryptography, post-quantum cryptography, and quantum cryptography...