Kudelski Security recently announced the launch of a new focus on quantum security, including expanded research and advisory services that enable security leaders and product and system developers to align their long-term approach to risk and data protection to the era of quantum computing (QC).
This is an important step in pursuing an all-round offering in the quantum security area. This field of research is thriving, and because it is developing so fast it is also hard for non-specialists to keep up with the pace. We have seen a lot of interest from many different people who want to know: How will quantum computing impact my business? What should I do? How much time do I have?
These are all legitimate questions, unfortunately none of which has a one-size-fits-all answer. A few examples:
- It is a myth that the main impact of QC will be for security. Civilian applications will likely arrive first.
- Elliptic-curve cryptography is more vulnerable to QC than RSA or Diffie-Hellman (which are themselves endangered by QC)
- Counting the “number of qubits of a QC” is a very bad metric to measure quantum power.
- New research challenges the idea that “symmetric-key encryption is basically immune to QC attacks”
Navigating the field of quantum security can be intimidating. With the launch of these new services, Kudelski Security takes a holistic approach in helping clients developing their own tailored quantum resilience roadmap.
- We connect with the client’s needs and understand the specific and unique challenges, goals and constraints during one or more introductory meetings.
- Working together with our own advisory services and the client’s engineers, we explore the technical details of the client’s business and collect all the necessary information and documentation (e.g.: what kind of cryptography is used and where? What data is to be protected? Which level of exposure?).
- We produce a report that summarizes the quantum threat exposure of the client, including our observations, our findings, our methodology, our recommendations.
- Working further with the client on followup actionables to be decided together, we can proceed to recommend specific countermeasures or design improvements in order to harden services and products and make them compliant to new standards that are soon to become mandatory or at least very desirable (e.g.: NIST quantum-resistant candidates).
- Optionally we can expand the engagement by providing tailored certifications, training (in many different areas ranging from cryptography to quantum cloud computing), secure code audits, benchmarking for quantum hardware, and/or building tailored quantum-resistant solutions.
Find here a set of useful resources to get introduced to quantum security and the Kudelski Security services:
- A “Point of View document on Quantum Computing, Cryptography, and Security Technology”.
- A “Quantum fact sheet” that condenses the main focus points of this cybersecurity area.
- A “Quantum security consulting” brochure for our new service in a nutshell.
- A webcast on the introduction to quantum security.
Finally, if you want to see something more focused on “bleeding edge research” and on the future of quantum networks, do not miss the talk at Black Hat Europe on Dec. 10 “Quantum Security and Cryptography: You Are (Probably) Doing it Wrong”.
If all this sounds interesting to you, contact us!