Security system

NSA issues ‘post-quantum’ guidelines for national security system owners, operators and vendors

Quantum computing isn’t here yet, but the National Security Agency wants National Security System (NSS) owners, operators, and vendors to be ready when it arrives. The NSA has released a suite of “post-quantum algorithms” that will eventually become requirements for the NSS, along with a series of timelines for the transition.

The new Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) establishes a variety of timeframes, depending on the implementation, although the NSA provides a final end…

READ MORE

Quantum computing isn’t here yet, but the National Security Agency wants National Security System (NSS) owners, operators, and vendors to be ready when it arrives. NSA published a suite of “post-quantum algorithms” that will eventually be requirements for the NSS, as well as a series of deadlines for the transition.

The new Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) establishes a variety of timelines, depending on the implementation, although the NSA provides a final end date for the transition.

“NSA expects the transition to QR algorithms for NSS to be complete by 2035, in accordance with [National Security Memorandum 10]. The NSA urges vendors and NSS owners and operators to make every effort to meet this deadline,” CNSA 2.0 states. “Wherever possible, NSS owners and operators should prefer CNSA 2.0 algorithms when configuring systems during the transition period. Where applicable, the use of CNSA 2.0 algorithms will be mandatory in commercial product classes within the NSS, while reserving the option to allow other algorithms for specialized use cases.

CNSA 2.0 establishes software and firmware signing as the NSA’s highest priority; it states that these applications should “begin the transition immediately, support and prefer CNSA 2.0 by 2025, and exclusively use CNSA 2.0 by 2030”. Other applications, such as web browsers, cloud services, operating systems, and custom and legacy technologies, take longer to implement.

Source: National Security Agency, Commercial National Security Algorithm Suite 2.0

CNSA 2.0 taps into tips published by the National Institute of Standards and Technology in July. NIST Special Publication 800-208 announced the selection of standardized, quantum-resistant cryptographic algorithms. These selections will be standard for government systems not related to national security. CNSA 2.0 narrows the scope of NIST selections to those acceptable to NSS.

But the NSA warned in its press release that “there are no definitive standards or [Federal Information Processing Standard (FIPS)]- validated implementations are still available. The release says CNSA 1.0 remains the current compliance benchmark, but encourages NSS owners and operators to use CNSA 2.0 and NIST selections to begin preparing.

“We want people to take note of these requirements to plan and budget for the expected transition, but we don’t want to preempt the standardization process,” Rob Joyce, director of NSA Cybersecurity, said in the press release.

The NSA also took care to note in the FAQs accompanying CNSA 2.0 that there is no existing consensus on when quantum computing will arrive; these orientations are simply preventive on the basis of the progress that has been made so far.

“I’m probably more skeptical than most about when we’ll actually have a cryptanalytically relevant quantum computer…the best definition I’ve heard is 10 years forever. But we are starting to enter a window of concern,” NSA Director of Research Gil Herrera said during a Sept. 8 Intelligence National Security Alliance webinar.

Herrera said the main obstacle to quantum computing today is the inability to model predicted solutions. Modeling is what has enabled rapid progress in semiconductors and microelectronics, he said. As long as they could make what was modeled, they knew it would work. None of the existing theories link manufacturing to models.

“And that’s why it’s so hard to predict when we’ll have a quantum computer, because there’s no strong enough underlying theoretical basis to explain how the devices actually work. And that’s why I don’t believe not to anyone’s quantum computing predictions, even my own,” Herrera said. “But if anyone was able to make one, our national security systems and our financial systems are at risk, and that’s why the White House and the NSA are warning people to go to a point of resistance.”