Post Quantum Cryptography in the Federal Government

The federal government continues to invest in the development of quantum computing, but agencies are recognizing that it poses a threat to current encryption approaches. The Government Accountability Office summed it up. 

“Unlike computers we use today, a sufficiently powerful quantum computer could break cryptography in just a few hours or days compared to the billions of years a conventional computer would take. Public-key cryptography, a common type of cryptography used by federal agencies and critical infrastructure, is specifically at risk.”

Quantum computers powerful enough to break today’s encryption don’t exist yet. But attackers aren’t waiting. They’re already collecting sensitive data in what’s known as harvest-now-decrypt-later (HNDL) attacks.

Transitioning from current cryptographic systems to post-quantum security involves understanding where cryptography is used, assessing which data and systems are most at risk, and planning migration to quantum-resistant algorithms. Achieving quantum readiness requires coordinated action across governance, risk management, technology, and vendor ecosystems to ensure encryption can be replaced safely and on time. 

Learning Objectives:

• Identify the five pillars of quantum readiness
• Build a roadmap for achieving quantum readiness
• Establish metrics to track progress toward establishing quantum-resistant encryption
• Incorporate quantum readiness into resiliency projects and programs