Internet Engineering Task Force Standardizes Quantum-Safe VPN Protocol Created by Post-Quantum | silicon channels

Created by cybersecurity firm Post-Quantum, the new standard protects communications from attacks by quantum computers

Protocol used by central banks to secure payment messages and by NATO to secure communications

LONDON–(BUSINESS WIRE)–Global efforts to protect digital communications from the threat posed by quantum computers took a significant leap forward today, as a new standard for quantum-secure virtual private networks (VPNs) was ratified by the Internet Engineering Task Force (IETF).

How EOR is becoming a crucial tool in 2023

EOR gains in importance as companies digitize and hire globally. Learn from industry leaders…Show more

EOR gains in importance as companies digitize and hire globally. Learn from industry leaders using EOR with Atlas HXM. Show less

The new protocol has already been used by the Banque de France and the Deutsche Bundesbank to secure payment messages, paving the way for the Bank to fully adopt international settlements to secure communications between the world’s central banks.

Harvest Now Decrypt Later (HNDL) attacks currently pose the biggest threat to quantum cybersecurity. These attacks now see hostile actors steal encrypted data that can be decrypted once a sufficiently mature quantum computer comes online. The new US Quantum Computing Cybersecurity Preparedness Act states that HNDL risk poses the gravest threat to humanity and stipulates that quantum migration must begin now. Implementing a VPN based on the new post-quantum encryption is the simplest way to protect data in transit from such attacks.

The new IETF standard specifies how VPNs can securely exchange communications in the quantum age. The new approach prioritizes interoperability by making it possible to incorporate multiple post-quantum and classical encryption algorithms into VPNs. The combination of old and new encryption is essential to ensure that there is no disruption to the operation of existing IT systems and to protect data from classical and quantum computer attacks.

This is an especially important milestone for internet connectivity and security as we move from an era where the world relied on only one or two algorithms (RSA and Elliptic Curve), to a situation where several nation states are implementing a wide variety of different post-Quantum algorithms. This new IETF standard is the glue that allows parties using different public key cryptographic algorithms to communicate with each other.

The new IETF standard was proposed and designed by Post-Quantum, a British cybersecurity company that has built a portfolio of market-ready quantum cybersecurity products. Post-Quantum’s hybrid PQ VPN uses the new IETF standard and is already used by NATO to protect its communications from quantum attacks, supporting interoperable communications between NATO members.

CJ Tjhai, CTO, Post-Quantum and original author of the new IETF standard said: I would like to thank all the technologists who worked with us on this IETF standard. Much of the attention has focused on NIST’s post-quantum encryption algorithms themselves, but that’s not enough unless you have a protocol that defines how the connectivity is done. The easiest way to prevent Harvest Now Decrypt Later attacks is to implement a PQ VPN based on the new IETF standard. NIST’s new algorithms are only useful if we have agreed standards for their use and mature products that meet them.

Andersen Cheng, executive chairman, Post-Quantum added: CJ and his collaborators have completed important work that allows tech companies to build secure quantum VPNs that communicate with each other. We are entering a period where different countries now recommend different encryption algorithms, so designing our communications infrastructure to be interoperable and backward compatible is absolutely crucial. This is the value our VPN is bringing to organizations like NATO, a diverse member organization with a variety of post-quantum algorithms in use.

In the commercial sector, we are delighted that Banque de France and Deutsche Bundesbank have also recently completed their payment message transmission project using our protocol, which will pave the way for the Bank of International Settlements to build a complete chain of trust for the bank central applications to counter any HNDL risks they already face today.

Jos Mara Luca Moreno, Lead Partner, EY Wavespace and Post-Quantum Partner added: Our agreement with Post-Quantum is an important step in helping EY and its customers become quantum secure. We are increasingly consulting with our customers to identify where they use traditional cryptography that will need to be upgraded and to help them prepare for the quantum age. The Post-Quantums approach is particularly attractive because it has modular software-based products such as VPNs that can be deployed together or standalone within existing environments to offer protection today.

The IETF is the non-profit organization responsible for developing the standards that define how the Internet is built and used. Now that the IETF has ratified this work, VPN vendors will adapt their protocols to match it, making it a definitive standard for the future of cybersecurity as the world moves from classical to new post-quantum cryptography. The ratification represents the culmination of work dating back to 2017, when Post-Quantum took the lead in creating the original proposal for this standard.

ends

Notes to editors

A VPN uses public key cryptography to create a secure virtual tunnel within a network, ensuring that only the correct recipient can decrypt the communication (any intercepted data remains encrypted and is therefore unusable). Such software is increasingly relied upon to protect remote workers logging in outside of traditional office environments.

About Post-Quantum

Post-Quantum is upgrading the world to next generation cryptography. Our secure quantum platform includes modular identity, transmission, and encryption software that protects organizations across their entire digital footprint. The products are interoperable, backward compatible, and crypto-agile, ensuring a smooth transition to the next generation of cryptography.

Post-Quantum works with defense organizations, critical national infrastructure and financial services, including a multi-year relationship with NATO to ensure its communications are secure against quantum attacks.

The company is the inventor of NTS-KEM, a code-based post-quantum algorithm. Now known as Classic McEliece following the merger with the presentation led by Professor Daniel Bernstein, it is currently in the fourth round of the NIST competition. The company is also the original author of the Internet Engineering Taskforce (IETF) standards for a post-quantum hybrid virtual private network.

As the IETF defines how the internet works, it is imperative that more and more components become quantum secure in due time. The Society is working proactively and proposing several new standards to the IETF that will help shape how the Internet will work in a post-quantum world.

Contacts

Connor O’Keefe, account director

Fire on the hill
Mobile: +44 7710 685742