TryTRY
BuyBUY
  • newsletter
  • contact
  • corporate
  • careers
Utimaco
TRYour free HSM simulator
BUYget a quote
  • home
  • solutions
  • products
  • services
  • blog
  • downloads
  • partners
  • company

Utimaco Portal

Here you will find everything you need as a partner and customerLogin required

  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
        • hsm-as-a-service
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • key management
      • Enterprise Key Management
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
    • u.trust Anchor
      • u.trust Anchor CSAR
      • u.trust Anchor High Performance HSM
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research
  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
        • hsm-as-a-service
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • key management
      • Enterprise Key Management
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
    • u.trust Anchor
      • u.trust Anchor CSAR
      • u.trust Anchor High Performance HSM
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research

Home / Blogs / Crypto agility – How to determine your timeline for post-quantum preparation

Crypto agility – How to determine your timeline for post-quantum preparation

November 09, 2020

There is a significant uncertainty when it comes to the impact of quantum computing on modern cryptography. Perhaps the largest concern centers on just exactly when the quantum cryptography apocalypse will occur. While there are flurries of activity surrounding both the development of stable quantum computers and the cryptography algorithms that can withstand them, many are operating on what is at best a “loose” timeline. To help you on your journey to crypto-agility, let’s take a look into how to determine your timeline for post-quantum preparation.

New call-to-actionMosca’s Theorem

Renowned cryptography expert Dr. Michele Mosca has offered a theorem that may be the key to successfully determining your path to post-quantum preparation.  In his many presentations on the future of cryptography, Dr. Mosca has suggested the following equation be used in evaluating an organizations ability to prepare for the quantum age. This theorem is:

If X+Y > Z, then worry.

This theorem is both simple in its design yet complex in its evaluation.

In order to utilize the theorem effectively, we need to delve deeper into the variables of X, Y, and Z.

Determining X

The X factor in Mosca’s theorem is defined as the shelf life of your existing security capabilities. This scope of capabilities will vary from entity to entity, however, it should encompass aspects such as algorithms used, processes, procedures, hardware, and software. In determining your X, you need to evaluate how long your current configurations will be able to effectively offer the security that you, your customers and your partners require.

As organizations take a closer look at this shelf life, they must consider the steps they are taking towards crypto agility. Whether this is the result of adopting new Key Management Systems, upgrading existing Hardware Security Modules or integrating new policies and procedures, your level of quantum crypto preparation will play a big role in determining the rest of your timeline.

New call-to-action

Determining Y

The Y component of the equation refers to the migration time required to move your current crypto solutions into a fully quantum-safe environment. Determining your path to migration must be built on a solid understanding of where you currently stand. Your migration path is also heavily dependent on the proactive steps you take to inject crypto-agility into your current capabilities.

Migration paths will vary greatly from organization to organization. Your particular timeline will be dependent on the path you choose to obtain post-quantum readiness. Many organizations will choose a path of employing crypto-agile solutions to build an interim defense mechanism that can, in theory, be more quickly transitioned into a full quantum capable solution. Still, other entities may opt for a “Big Bang” approach where they will completely scrap their legacy solutions and implement a quantum safe solution from scratch.

Determining Z

The final piece of the puzzle is Z. This is defined as the number of years until stable quantum computers become available that can break existing crypto algorithms. While organizations can take the time to evaluate what makes up their own versions of X and Y, the value of Z becomes very subjective.

For starters, the scientific community does not have a consensus opinion on when quantum computing will be available in a stable form. Estimates range from 10 years to 20 years and beyond. In addition, once the first quantum computers are available, there will be an undetermined period of time before they could be used as part of a comprehensive cyber attack. To determine your specific value of Z, you will need to factor in the scientific projections and determine how much risk you are willing to endure.

Solving Your Equation

The primary value of Mosca’s theorem is that it allows you to fully assess where you currently stand, determine a path to migration and then compare it to the potential timeline for quantum computing availability. If your current shelf life plus your migration path is less than the number of years left until quantum computers, then you are in good shape. If the opposite is true, then you are obviously at risk of not being able to provide the necessary security to your customers and partners.

The additional value of this theorem is that it provides a framework for you to fully evaluate where you stand and where you need to go in order to achieve post-quantum security. It offers an optimistic approach to evaluate the best forms of crypto-agility that can keep your systems safe and secure in preparation for the quantum future.

Dr. Mosca does offer one sobering thought, however. Regardless of your current state (or X), if Y>Z then your cyber-systems will collapse. He also suggests that rushing “Y” will be expensive and disruptive. Take advantage of Dr. Mosca’s theorem to craft your quantum risk management plan and safeguard your systems in the post-quantum era.

New call-to-action

Work with the PQC experts

We at Utimaco have the honor to work with some of the leading researchers in quantum cryptography, who use our Hardware Security Modules.

The ultimate goal is to prepare:

  • the security infrastructure of the digital economy,
  • algorithms and
  • HSMs in unison for the post-quantum era.

Learn from the PQC experts

In the context of Utimaco’s Applied Crypto Symposium we had the chance to interview 3 of the leading researchers, and to dive into their views and research agenda on post-quantum cryptography.

… from the Institute of Quantum Computing

We started our series with with Michele Mosca, co-founder and professor at the Institute of Quantum Computing at the University of Waterloo.

Michele firsts sketches out the playing field, describing the challenges of post-quantum cryptography. He emphasizes the crucial role of HSMs in PQC and explains why. See the video

 

… from Samsung

In a 2nd video post, Madjid Nakhjiri, Senior Principal Security Architect at the Samsung Strategy and Innovation Center builds on Michele’s statements and describes PQC from a major industry player’s point of view. Samsung is a major player in the global B2C communication and entertainment industry. Connected devices are key to their future evolution. How will they handle it.

 

… from Entrust Datacard

In the third video, Sandy Carielli, Security Technologies Director at Entrust Datacard provides the perspective of a major security company. How can cards be made post-quantum proof and what may be their role in the post-quantum era.

 

… from independent security experts

The posts will be accompanied by discussions of NIST’s “semifinal” selection of post-quantum algorithms. The discussions will be led by security experts such as Peter Smirnoff, co-developer of the latest release of the GOST hash function or IT-journalist Terry Anton.

 

Watch already published videos on PQC #PartnersAreKey

  • Cryptomathic: CTO talks about how quantum computers influence the use of cryptography
  • QuintessenceLabs: Why do experts in post-quantum crypto work with Utimaco HSMs?

Connect to the Utimaco PQC research network

Be informed about the release of the next post-quantum related blogs and videos. Simply enroll to our info-mail with the subscription button on the top right.

Are you part of a research institute of department and interested in participating in our collaborative research programs, please contact us for additional information.

 

New Call-to-action

Back to overview

Stay on top of our news
Don’t miss out on any Utimaco updates

Subscribe to Utimaco Newsletter

We will keep you posted with news from Utimaco and the industries we protect, as well as information on upcoming events and webinars.

Subscribe now

Partners

SecureMetric Technology Sdn. Bhd. CertiSur S.A. IQuantics Corp Clearkey Consulting - Utimaco Hardware Security Modules Partner MALKOM D.Malińska i Wspólnicy s.j. CEGA Security Baas Control s.r.o. Throughwave (Thailand) Co.,Ltd - Utimaco Hardware Security Modules Partner cv cryptovision GmbH Utimaco HSM - InfoGuard Swiss Cyber Security E-Sign S.A. Altacom UAB Encryption Consulting LLC Utimaco HSM - QuintessenceLabs Komar Consulting Inc. - Utimaco Hardware Security Modules Partner Primekey Solutions AB Skytech Computing Solutions Limited. - Utimaco Hardware Security Modules Partner Rohde & Schwarz Cybersecurity GmbH Cryptomathic GmbH Synergy Computers (Pvt.) Ltd. - Utimaco Hardware Security Modules Partner VAR Group SpA - Utimaco Hardware Security Modules Partner Softline Solutions GmbH PKI Solutions Inc. JJNet International Co., Limited - Utimaco Hardware Security Modules Partner Secure Source Distribution (M) Sdn Bhd - Utimaco Hardware Security Modules Partner Fortiedge Pte Ltd. CREAplus Italia S.r.l Microexpert Limited MTG - Utimaco Hardware Security Modules Partner ESYSCO Sp. z o.o. Fornetix - Utimaco Hardware Security Modules Partner MIcrosec Thomas-Krenn.AG Nexus - Utimaco Hardware Security Modules Partner Utimaco HSM - PTESA_profesionales en transacciones electronicas Telegrupp AS Perceptus-sp.-z-o.-o. AKEA S.A. - Utimaco Hardware Security Modules Partner Cogito Group Pty Ltd PETA (Thailand) Co., Ltd. Compumatica secure networks B.V. Nexus Technology GmbH CREA plus d.o.o. Cyber Armor Pte Ltd Compumatica secure networks GmbH Abrantix AG Ascertia - Utimaco Hardware Security Modules Partner Cryptomathic Inc. intarsys AG Nexus - Utimaco Hardware Security Modules Partner Macroseguridad Safesoft Kft. Envoy Data Corporation - Utimaco Hardware Security Modules Partner Astel (UK) Ltd. - Utimaco Hardware Security Modules Partner Versasec Cryptomathic A/S EUROPEAN DYNAMICS SA. Real security d.o.o. CewTec S.A. PrimeKey Labs GmbH
Find a partner

Share this page

EMEA

Utimaco IS GmbH
Germanusstraße 4
52080 Aachen
Germany
Phone: + 49 241 1696 200

Americas

Utimaco Inc.
900 E Hamilton Ave., Suite 400
Campbell, CA 95008
USA
Phone: +1 844 UTIMACO

APAC

Utimaco IS Pte Limited
80 Raffles Place,
#32-01, UOB Plaza
Singapore 048624
Phone: +65 6622 5347

Utimaco

  • support
  • corporate
  • careers
  • legal
  • terms & conditions
  • privacy
  • cookie-policy
© 2021
to top
  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
        • hsm-as-a-service
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • key management
      • Enterprise Key Management
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
    • u.trust Anchor
      • u.trust Anchor CSAR
      • u.trust Anchor High Performance HSM
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research