"Quantum Computing Vulnerabilities of National Critical Functions"
Future quantum computing capabilities will be capable of breaching the security of current public-key cryptography implementations. Public-key cryptography is the fundamental building block for the security of national information and communication infrastructure. According to a new RAND study, quantum computers will create vulnerabilities in critical infrastructure, but migrating to new post-quantum cryptography standards being developed by the National Institute of Standards and Technology (NIST) should mitigate vulnerabilities. The US Department of Homeland Security requested the Homeland Security Operational Analysis Center (HSOAC) to conduct high-level assessments of quantum vulnerabilities in 55 National Critical Functions (NCFs). Researchers evaluated each NCF's significant issues, then rated each NCF regarding urgency, scope, cost per organization, and other mitigating or exacerbating factors. These ratings were then combined by the researchers to create an assessment of each NCF's priority for assistance. Six of the NCFs were rated as high priority for assistance, 15 as medium priority, and 34 as low priority. Furthermore, three NCFs were identified as critical enablers of the transition to the new cryptographic standard. The researchers found that all NCFs must prepare for the transition, a significant portion of the vulnerability can be addressed with relatively few actions by critical enablers, catch-and-exploit vulnerabilities are important for only a few stakeholders, and more. This article continues to discuss key findings from the study of quantum vulnerabilities in NCFs.