By Kaniah Konkoly-Thege, Chief Legal Counsel, SVP Government Relations at Quantinuum
A lot has taken place in the quantum industry since the National Institute of Standards and Technology (NIST) announced its selection of PQC algorithms for standardization in 2022. From technology to global policy, advancements are causing experts to predict a faster timeline to reaching fault-tolerant quantum computers. Technology advances may also accelerate the timeline for when a future quantum computer could overwhelm the encryption tools we currently rely upon to protect everything from national security information to banking and healthcare data. The newly-released NIST PQC standards are a critical step toward protecting data in the quantum age and warrant the attention of the entire federal cybersecurity ecosystem.
Since NIST Algorithm Selection (2022): Industry Progress
Over the last decade, the quantum information science ecosystem has moved from early-stage scientific exploration and investigation into applied commercial research and development. Governments worldwide now view quantum as a strategic technology critical for both economic and national security.
As an industry composed of mostly start-ups and tech giants, several important advancements took place over the past two years. Quantum capabilities in hardware have, for certain problems, moved beyond the limit of what supercomputers can simulate; software integration has advanced quantum computing out of the current noisy intermediate-scale quantum (NISQ) level to Level 2 resilient quantum computing; and from a cybersecurity perspective, standardization of a new cryptographic system has now been released by NIST, the world’s leading standards organization.
Advancements in Global Government Investment
According to U.S. National Security Advisor Jake Sullivan, “… advancements in science and technology are poised to define the geopolitical landscape of the 21st century … Preserving our edge in science and technology is not a ‘domestic issue’ or ‘national security’ issue. It’s both.” This sentiment has been reflected by government officials all over the world. As quantum technology has advanced from the lab to the marketplace, the need to fund quantum research and commercialization, while also fortifying critical systems and data to withstand future cyberattacks from a quantum computer, has become even more stark.
The World Economic Forum estimates that governments have invested over $40 billion USD in quantum technologies as of January 2024, with over $15 billion invested by China alone. 2023 was the first year where government funding outpaced private funding in a sign that governments increasingly view quantum as an integral piece of international competitiveness from both an industrial and a military policy perspective.
The global race to lead in quantum technologies is very much ongoing. According to Sullivan, the U.S. must “… ensure that emerging technologies work for, not against, our democracies and security.” The NIST announcement is further proof that the time for governments and companies to invest in quantum solutions is now.
Advancements in U.S. Government Policy
As NIST’s initial PQC algorithm competition advanced, a myriad of U.S. government actions have been released with the goal of protecting government data and cybersecurity systems vis-à-vis fault-tolerant quantum computers:
- In May of 2022, President Biden issued the National Security Memorandum on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems (NSM-10).
- The Quantum Computing Cybersecurity Preparedness Act was signed into law in December of 2022. The Act acknowledges the threat to encryption posed by fault-tolerant quantum computers and seeks to mitigate that threat by strengthening U.S. government agency systems and instructing the Office of Management and Budget to issue further guidance one year after NIST issues its PQC standards (which imputes a deadline of August 13, 2025).
- A key piece of legislation, the National Quantum Initiative Act (NQIA) enacted by Congress in December 2018, authorized over $1.2 billion to support quantum research and development. The NQIA expired on September 30, 2023, and while the NQIA Reauthorization was unanimously reported out of the House Committee on Science, Space, and Technology earlier this year, it is currently awaiting a vote in the House of Representatives and would then need to be taken up by the Senate.
While government investment does not directly equate to the regulation of quantum, it is clear that the NQIA and other government funding sources have and will continue to influence the behavior of companies in the quantum ecosystem. Government strategies and funding schemes often function as soft-law regulations that serve the purpose of signaling government priorities and guiding private investment, research initiatives, workforce development, and diplomatic decisions across the globe.
Quantum, like many emerging technologies, sits at the crossroads of technology and international relations, and the funding and scaling of quantum businesses will likely be heavily affected by geopolitics and government strategies over the coming decade.
PQC Milestone: Post-Standardization Begins
NIST’s standardization announcement on Aug. 13 marks the start of a new era, one of planning and implementation. Specifically, this milestone is critical to federal agencies and agency partners who are mandated under NSM-10 to transition to quantum-resistant cryptography by 2035. According to the mandate, some key post-standardization requirements take effect:
- Federal civilian agencies must start regular reporting of timelines and plans to make the transition. Federal partners are also advised to prepare themselves to support PQC as soon as possible after the standardization takes place, according to NSA/CISA.
- The Secretary of Commerce will be proposing (within 90 days) a timeline for the deprecation of quantum-vulnerable cryptography standards. The goal will be to move “the maximum number of systems off quantum-vulnerable cryptography” over the next decade.
- Heads of agencies operating or maintaining National Security Systems (NSS) must submit (within one year) an initial plan to transition to quantum-resistant cryptography in all NSS.
This is more than a box-checking exercise, as these standards will take on force of law for federal agencies and agency partners who are mandated under NSM-10 to transition to quantum-resistant cryptography by 2035. Additionally, the PQC algorithms are likely to become “market standard” in the private sector and be encompassed in the definition of “adequate cybersecurity measures” in commercial contracts, audits, and due diligence exercises.
Cryptographic Agility and Resilience
The U.S. government’s quantum computing cybersecurity preparedness must remain flexible, reflecting the evolving nature of the technological breakthroughs across the industry as well as the ever-increasing capacities of threat actors who may seek to capitalize upon quantum.
PQC migration is a necessary and critical step toward protecting vulnerable digital systems from powerful quantum computers in the future. The migration to PQC will take years and a hybrid approach that utilizes today’s algorithms, such as RSA, alongside PQC algorithms is prudent to maintain adequate security should any issues arise during the PQC transition. Maintaining this cryptographic agility will be key to ensuring cybersecurity against threats, classical and quantum alike.
To achieve true resilience against quantum attacks, government agencies and private organizations should consider a layered-defense strategy that includes PQC and cybersecurity solutions that leverage quantum mechanics, such as provable quantum entropy for encryption key generation. When combined with PQC algorithms, these quantum-derived technologies can help protect against a far fuller range of threats posed by quantum computers.
The Unfunded Mandate Challenge
According to the OMB report delivered to Congress last month, the total government-wide cost required to perform a migration of prioritized information systems to PQC between 2025 and 2035 will be approximately $7.1 billion in 2024 dollars. This total does not include funding for National Security Systems which was to be estimated separately.
Prior to the standardization, NSM-10 discouraged the procurement of any commercial quantum-resistant cryptographic solutions. Now that the initial standardization is complete, federal agencies will be authorized to procure such solutions. The question then becomes, how will these procurements be funded? It is vital for Congress to reauthorize the NQIA and to fund programs to further commercialize quantum computing while also pulling policy levers such as tax incentives, loan guarantees and strategic investments across U.S. government agencies to procure solutions to identify vulnerabilities and transition to PQC algorithms over the coming decade.
What Next and When?
Beyond the standardization of these initial PQC algorithms, NIST has made further calls for digital signature algorithm candidates, seeking to diversify its algorithms to increase the probability that these solutions will remain secure as the technology continues to develop. It will be several years before these additional signature algorithms are standardized.
While there is no set formula for assessing the risk and timing of the quantum threat, federal agencies and partners can rely on progress in the following three areas as indicators: hardware progression, error correction, and algorithm development. Given where we stand today, the need to complete agency migration to PQC to effectively protect sensitive defense and critical infrastructure systems and information needs to be prioritized, as technological developments could necessitate such quantum secure solutions sooner than 2035.
While exact timelines remain unknown, federal agencies should focus on enhancing cryptographic agility so the U.S. remains resilient against potential quantum computing threats. For the hundreds of cybersecurity partners supporting U.S. government systems, it is important to consider that those who have not yet integrated PQC algorithms to make their offerings quantum-secure should expect to have such offerings listed as vulnerable systems on inventory reports each year until they are compliant, or risk losing their government contracts.