Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Member Portal
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

Research Topic

Quantum-safe Security

Latest ResearchWorking Group
Practical Preparations for the Post-Quantum World
Practical Preparations for the Post-Quantum World

Download

Research Topics
About Topic
Working Group
Discussion Community
Publications

Countdown to Y2Q

Home
Research
Quantum-safe Security
The countdown to quantum destruction has begun, are you ready? On April 14, 2030 CSA estimates that a quantum computer will be able to break present-day cybersecurity infrastructure. Today, RSA, Diffie—Hellman (DH) and Elliptic Curve-based are ubiquitously used for the global public key infrastructure. All of these algorithms are vulnerable to quantum attacks. Take the first step to prepare by learning more about the quantum threat. Watch this recorded session from the CSA Research Summit to hear first-hand from the CSA Quantum Working Group about this threat and what we as an industry can do to prepare.

How is quantum computing able to threaten traditional cryptography? 
Researchers worldwide are working to make quantum computing a reality. Microsoft, Google, IBM, Intel, and many governments are working on building the first large-scale quantum computer. Particular types of quantum computers, armed with a mathematical algorithm known as Shor’s algorithm, can quickly factor math equations that involve large prime numbers. Equations involving large prime numbers are what gives most traditional public key cryptography its protective capabilities. Traditional binary-based computers cannot easily factor large prime number equations. Quantum computers with enough “qubits” can factor large prime number equations in a very short amount of time, measured in minutes to days. 

Now is the time to prepare!
The transition to quantum-resistant cryptography is likely to take at least ten years. Fortunately for us all, there are classes of public key algorithms developed which are believed to be resistant to quantum computing attacks.These algorithms are called post-quantum, quantum-safe, or quantum-resistant algorithms. A transition to these algorithms will provide continued protection of information for many decades to come. There are solutions and the time is now to prepare for a quantum-safe future. Read our step-by-step blueprint for preparing for the post-quantum world.

Help prepare!
We are forming a new project team, called the Post-Quantum Data Protection Project Group, to look at all the places where our critical data protection could be impacted and where the risk may need to be mitigated. Near-term mitigations are likely to include increasing existing cryptographic key sizes, isolating critical data, implementing quantum key distribution protections, implementing hybrid solutions, and moving to quantum-resistant cryptography. Long-term mitigations, many years out, include migrating to quantum-based ciphers and devices.


Quantum-Safe SecurityBlockchain/Distributed Ledger

Discuss this topic in Circle

View discussion community

Participate

View the working group

Press MentionSourceDate
CSA Warns of Quantum Computing Risks with Countdown ClockCloud ComputingMarch 21, 2022
Google, Microsoft aim to make their cloud environments more secure as cyberattacks increaseCNBCMarch 29, 2022
What's up with... Telecom Italia, Huawei, IliadTelecomTVApril 04, 2022
OpenSSH Bravely Addresses the Quantum ThreatMedium.comApril 11, 2022
Felderman: Congress must do more to bolster cybersecurityTelegraph HeraldMay 05, 2022
View all

Research around Securing Quantum Computing

CSA Research crowd-sources the knowledge and expertise of security experts and helps address the challenges and needs they’ve experienced, or seen others experience, within the cybersecurity field. Each publication is vendor-neutral and follows the peer review process outlined in the CSA Research Lifecycle. We recommend getting started by reading the following documents.

A Day Without Safe Cryptography

A Day Without Safe Cryptography

Over the past fifty years, the digital age has sparked the creation of a remarkable infrastructure through which a nearly infinite variety of digital transactions and communications are executed, enabling businesses, education, governments, and communities to thrive and prosper. Millions of new devices are connecting to the Internet, creating, processing, and transferring digital information in greater volumes and with greater velocity than ever imagined.

Read more
Practical Preparations for the Post-Quantum World

Practical Preparations for the Post-Quantum World

This document discusses the cybersecurity challenges and recommended steps to reduce likely new risks due to quantum information sciences. This paper was created for awareness and education, and to communicate example steps every organization should be performing to prepare for the post-quantum world. Part I is a discussion of the various quantum threats which require mitigation. Part II is an actionable, step-by-step, blueprint for preparing for the post-quantum world.

Read more
Confidence in Post Quantum Algorithm

Confidence in Post Quantum Algorithm

NIST made the recent announcement of its Round 3 candidates for future post-quantum cryptography or quantum safe standards. As the world prepares to transition to post-quantum cryptography, it is essential to understand how much analysis has been done on the security of the individual post quantum algorithms and classes of algorithms.

Read more
View All Research

Webinars

Whitepaper: Practical Preparations for the Post-Quantum World
Whitepaper: Practical Preparations for the Post-Quantum World

October 13 | Online

Learn more

Corda Enterprise 4.8 - Architecture Security Report and Security Controls Checklist
Corda Enterprise 4.8 - Architecture Security Report and Secu...

December 14 | Online

Learn more

View All Webinars

Blog Posts

CSA Community Spotlight: Addressing Emerging Security Challenges with CISO Pete Chronis
Read Now
How CSA Research Uses the Cloud Controls Matrix to Address Diverse Security Challenges
Read Now
NIST FIPS 203, 204, and 205 Finalized: An Important Step Towards a Quantum-Safe Future
Read Now
View All Blog Posts