In July 2024, the Office of Management and Budget (OMB) delivered a comprehensive report on post-quantum cryptography (PQC) to the Senate Committee on Homeland Security and Governmental Affairs and the House Committee on Oversight and Accountability. This report, mandated by the Quantum Computing Cybersecurity Preparedness Act, addresses critical components of transitioning federal information systems to PQC. As quantum computing advances, the government prioritizes securing its information systems from cryptanalytically relevant quantum computers (CRQCs), which pose significant risks to current cryptographic methods.

The report is structured into three main sections. Firstly, it outlines the Federal Government’s strategy for addressing the vulnerabilities of existing cryptographic systems to future quantum threats. Secondly, it provides estimates on the funding required for agencies to transition to quantum-resistant cryptography. Lastly, it details the coordination efforts, led by the National Institute of Standards and Technology (NIST), to develop and standardize PQC algorithms.

The White House Strategy for Migration to PQC

The Federal Government’s strategy for migrating to PQC is based on four foundational precepts designed to ensure a seamless and effective transition:

Comprehensive and Ongoing Cryptographic Inventory

A thorough inventory of cryptographic systems is essential for a successful migration to PQC. This inventory identifies all instances of public-key cryptography within federal information systems, allowing agencies to plan and track their migration. Automated cryptographic inventory tools are becoming increasingly sophisticated, expediting this process. Despite this, annual manual inventories remain necessary to ensure completeness. Automated tools may not cover all systems or network areas, making manual checks crucial. This iterative process will be critical throughout the migration and beyond, as agencies continuously evaluate the strength of cryptographic systems against new advancements in quantum and classical computing.

Mitigating Record-Now-Decrypt-Later Attacks

The possibility of CRQCs decrypting currently secure data necessitates a proactive approach. Malicious actors can collect encrypted data now and decrypt it later once CRQCs become capable. To counteract this, it is essential to implement strong classical cryptography and prioritize migration to PQC. Agencies must encrypt data in transit over internal and external networks, ensuring protection even if perimeter defenses are breached. The threat of record-now-decrypt-later attacks underscores the urgency of moving to PQC before CRQCs become operational.

Prioritizing Systems and Data for PQC Migration

Given the extensive use of public-key cryptography in high-impact and sensitive information systems, agencies must prioritize these systems for PQC migration. This prioritization includes high-value assets, systems with data expected to remain mission-sensitive in 2035, and systems that rely on asymmetric encryption for logical access control. This deliberate planning over multiple years ensures that key systems are secured first, minimizing potential operational disruptions during the migration process.

Identifying Non-PQC Compliant Systems Early

Some systems may not support PQC due to hardware and software limitations. Early identification of these systems is crucial to avoid delays in the migration process. Certain legacy and even modern systems might not have the processing capacity or flexibility for PQC implementations. Identifying and planning for the replacement or updating of these systems will be integral to a smooth transition. Testing PQC algorithms in real-world environments allows agencies to identify compatibility issues and prepare solutions before full-scale migration.

Funding Estimates for PQC Transition

The OMB and the Office of the National Cyber Director (ONCD), in cooperation with the Cybersecurity and Infrastructure Security Agency (CISA) and NIST, have collaborated with federal agencies to prepare for the transition to PQC. This preparation includes developing initial cryptographic inventories, estimating transition costs, and creating prioritization criteria for migration.

The projected cost for migrating prioritized information systems to PQC across the federal government from 2025 to 2035 is approximately $7.1 billion in 2024 dollars. This estimate acknowledges the high level of uncertainty and the need for annual updates as agencies refine their inventories and transition methodologies. Agencies accounted for specific conditions and qualities of their host systems and networks, including the identification of systems that cannot accommodate new cryptographic systems. The cost to replace these systems significantly contributes to the overall estimate.

Coordination Efforts and Standards Development

Migration to PQC requires the development and adoption of open PQC standards. Federal networks, reliant on commercial vendors and technology similar to those used in the private sector and internationally, benefit from open standards. NIST leads the effort to standardize PQC algorithms through an open process involving extensive collaboration with cryptographers, security researchers, and international stakeholders.

Since 2016, NIST has evaluated multiple rounds of candidate PQC algorithms, filtering the most promising ones for standardization. The multi-stage process includes rigorous testing, public commentary, and extensive analysis to ensure the algorithms' robustness and interoperability. NIST's ongoing efforts in this area are critical for ensuring that newly developed algorithms can be integrated into commercial hardware and software securely and efficiently.

Throughout the standardization process, NIST collaborates with other agencies, including the National Cybersecurity Center of Excellence (NCCOE), to explore and publish best practices for PQC migration. The NIST Cryptographic Module Validation Program (CMVP), a joint effort with the Canadian Centre for Cyber Security, plays a crucial role in evaluating the implementation of these algorithms, ensuring that they function as intended and provide the expected level of security.

Securing federal information systems against the risks posed by CRQCs requires a sustained, coordinated effort across multiple years. The Federal Government, guided by the strategies outlined in the Quantum Computing Cybersecurity Preparedness Act and National Security Memorandum 10, leverages the combined expertise of OMB, ONCD, CISA, NIST, and NSA to transition to PQC effectively. This comprehensive approach ensures the continued security and integrity of essential federal services and information systems in the quantum era.

Zeroproof's Role in Post-Quantum Security

Zeroproof's Emulated Quantum Key Distribution (eQKD) technology offers a critical solution to the challenges identified in the federal report on post-quantum cryptography. Traditional QKD systems face significant limitations, including high costs, complex infrastructure requirements, and operational range restrictions. In contrast, Zeroproof’s eQKD leverages existing internet infrastructure, providing a cost-effective and scalable solution for quantum-safe, end-to-end encryption.

With eQKD, Zeroproof eliminates the need for specialized hardware, ensuring that robust cryptographic security is accessible and implementable without significant financial and logistical burdens. Our innovative technology overcomes the distance limitations of traditional QKD, offering seamless protection across any geographical range. This flexibility is crucial for government agencies and organizations looking to future-proof their cybersecurity frameworks against both present and emerging quantum threats.

By adopting Zeroproof’s eQKD, agencies can streamline their migration to PQC, ensuring that their data remains secure and their cryptographic systems resilient against the evolving landscape of cyber threats. Zeroproof stands ready to in its mission to defend security and preserve the integrity of sensitive information systems in the quantum computing era.