HomeAI in EducationMicrosoft accelerates quantum security timeline – THE Journal

Microsoft accelerates quantum security timeline – THE Journal

Microsoft is Accelerating the Timeline for Quantum Security

Microsoft is making significant strides in updating its quantum security timeline, driven by rapid advancements in quantum computing and new federal mandates. These developments have shifted post-quantum cryptography (PQC) from a distant goal to an urgent technical necessity.

Transitioning to Post-Quantum Cryptography by 2029

Mark Russinovich, Chief Technology Officer at Microsoft Azure, recently highlighted this priority shift in a Microsoft Security blog. The company has revised its internal timeline, aiming to transition critical products and services to PQC by 2029.

“For years, planning for post-quantum cryptography (PQC) was presented as a future problem: important, inevitable, but distant,” Russinovich stated. “This perspective continues to evolve as technology advances and organizations prepare for the scale and complexity of the transition ahead.”

Federal Mandates and the Increasing Quantum Threat

This update follows the White House’s Executive Order 14412, titled “Securing the Nation Against Advanced Cryptographic Attacks.” It mandates federal agencies to begin transitioning high-value assets and high-impact systems to PQC standards approved by the National Institute of Standards and Technology (NIST).

The executive order underscores the growing concern about malicious actors potentially collecting encrypted data now, with the expectation that quantum computers will soon be able to crack these systems. “The emergence of large quantum computers, particularly in the hands of adversaries, will pose a significant threat to widespread cryptographic security systems,” the order warns.

Microsoft echoes this sentiment, indicating that the “harvest now, decrypt later” risk is influencing how customers handle long-lived sensitive data. Organizations in regulated sectors and critical infrastructure are prioritizing the confidentiality of information that must remain secure for many years.

Microsoft’s Strategic Response

Russinovich emphasized that Microsoft now perceives a shifted risk horizon. “We believe cryptographically relevant quantum computers could come to market sooner than previously expected – and the effort required to prepare is significant, requiring companies to start now,” he wrote. “Quantum capabilities are increasing. Now is the time to respond.”

To address this challenge, Microsoft is accelerating its Quantum Safe Program and integrating PQC requirements into its Secure Future Initiative. This company-wide initiative, launched after high-profile security breaches and regulatory reviews, aims to incorporate quantum security readiness into its operational framework alongside other security priorities.

Focus Areas for Enhanced Security

Microsoft has identified three primary areas for immediate focus: enhancing network cryptography, building crypto-agility for data at rest, and modernizing cryptographic trust chains used for identity, signing, and certificates.

In the realm of network cryptography, Microsoft highlights the role of TLS 1.3 as a foundation for hybrid and post-quantum key exchange as standards develop. For data at rest, businesses need to achieve crypto-agility, allowing cryptographic settings to be configurable without extensive application redesigns. Regarding trust chains, Microsoft notes the complexity involved in areas such as code signing, certificate issuance, key protection, and update pipelines, all of which require modernization.

By advancing these initiatives, Microsoft is aiming to lead the industry in preparing for a future where quantum security is paramount. The comprehensive approach underscores the company’s commitment to staying ahead of emerging threats and ensuring robust protection for its customers.

For more detailed information, you can visit the source Here.

“`

Must Read
Related News

LEAVE A REPLY

Please enter your comment!
Please enter your name here