Crypto-agility: Preparing for post-quantum decryption

September 27, 2022


In brief

Standing at the brink: Modern cryptography and quantum computers

Because of the prevalence of RSA encryption, the public and private sectors stand at the brink of a precipice, as quantum computing technology matures at a rapid and accelerating pace.

How vulnerable are we to RSA attacks & other hacks?

The threat of “hack now, crack later”

Daunting but doable: The scale of Y2Q preparation

Common misconceptions about post-quantum cryptography (PQC):

Quantum computing and the U.S. government

White House mandates agency action

Deadline to inventory and report on quantum vulnerabilities:

  • Agencies operating NSS: July 2022
  • All other agencies: May 2023

Crypto-agility: The key to compliance and enduring security

Immediate benefits

Agencies can support legacy and post-quantum cryptographic algorithms while in transition, enabling them to immediately safeguard high-value assets.

More agile security

Agencies can maintain continuous compliance and adopt the highest appropriate level of security as encryption and decryption technologies advance.

Better insight

During the interim state, risk assessments can determine which assets can be protected with conventional cryptography and which require quantum-resistant methods or other mitigating controls.

Greater capabilities

Agencies can gain access to advanced threat detection and response capabilities as they are built into government cryptosystems, enabling detection of previously unknown cryptography on networks.

Key elements and tooling for crypto-agility

Key features of a crypto-agile platform:

  • Integration with crypto key management systems
  • Integration with identity and access management systems
  • Secure virtual private network (VPN) that leverages quantum-secure algorithms
  • Cryptography policy management
  • Monitoring of secure communication to inventory protocols and encryption algorithms
  • Dashboard for real-time monitoring and traceability of past events and discovery of unknown cryptography
  • Machine learning automation to optimize performance

Crypto-agility, Zero Trust, and Cloud Smart

First steps: Launching the journey toward crypto-agility

Enduring cyber-resilience for the American people

