Quantum computing is advancing, and while experts are not sure when there will be a quantum computer powerful enough to break the RSA and ECC cryptographic algorithms that are currently in use, many are operating under the assumption that this can happen within a 10-15 year timeframe. This is a general timeline because there is no way to know when this will occur – it could happen sooner or it could happen later.
The Road to Crypto Agility
Entrust Datacard is actively engaged in research for Post Quantum (PQ) technology. We are working with the IETF on proposals to create new X.509 certificate formats with multiple keys (called hybrid or composite certificates) that would help with cryptographic agility by supporting both classical (RSA/ECC) and PQ algorithms. We recommend that organizations keep an eye on this issue since migration from RSA to a new algorithm(s) could take several years.
Here are some things you can do to prepare for a PQ world:
While organizations might want to take a look at — and even build — prototypes with some of the PQ algorithms currently being assessed by NIST for standardization, you should not be rolling these into production. New algorithms are still being scrutinized and the details of algorithms may change. There are several different algorithms standardized for different use cases: IoT traffic, web traffic, etc. NIST has suggested that they will wrap up evaluation of PQ algorithms around 2022 when they will announce which ones are going to be standardized.