成人大片

Before quantum computers become readily available, a 成人大片 (成人大片) researcher is preparing to protect our data with a roadmap for improving cybersecurity. 

Today鈥檚 standard encryption algorithms, used to protect sensitive and confidential data online and in enterprise data centres, could be catastrophically broken by quantum computers that can solve encryptions that are too complex for classical computers. To prevent that from happening, information technology management professor Atefeh Mashatan is helping industry build a holistic quantum readiness roadmap that will prepare organizations for the migration to quantum-resistant cryptography. The roadmap outlines different paths organizations can take to transition their cybersecurity before, during and after quantum-resistant cryptography becomes standardized. It also recommends steps organizations can take to protect their data today.

As a cybersecurity expert, director of 成人大片鈥檚 Cybersecurity Research Lab and Canada Research Chair in Quality of Security Framework for Internet of Things, professor Mashatan has led previous cryptographic migrations. However, she says the migration to quantum-resistant cryptography will be a more arduous task.

鈥淚t鈥檚 not going to happen overnight. Some of the implementations are going to be so involved, so time-consuming, so complex,鈥� said professor Mashatan. 鈥淭his time around, with quantum-resistant migration, it鈥檚 going to be more involved because standards aren鈥檛 set yet, and timelines will be tight for some data owners.鈥�

The National Institute of Standards and Technology (NIST), a U.S. government agency, is expected to standardize quantum-resistant public-key cryptographic algorithms in 2024. While quantum-resistant cryptography already exists, major organizations like government agencies and banks are unlikely to implement new cryptography without standardization, as they must still meet today鈥檚 cybersecurity compliance requirements.

Professor Mashatan says organizations need to start planning their migration to quantum-resistant cryptography now, since their sensitive data are already vulnerable to quantum threats. For example, hackers can harvest and store encrypted data through data breaches today, then wait for quantum computers to decrypt it. If the data remains valuable to the owner, such as Social Insurance Numbers or banking information, it will still be attractive to the hackers once scalable quantum computers become available. 

Drawing on lessons learned from previous cryptographic migrations and from gathering information from cybersecurity professionals working in industry, professor Mashatan recommends that organizations begin two tasks as soon as possible. First, organizations need to understand their cryptographic footprint 鈥� where they use cryptography and what their vulnerabilities are. The second task is to start the triage and risk assessment processes to see what data is most vulnerable to future decryption. This is particularly important for sectors that store high-value data such as in health, government and finance, as data tied to individuals for the duration of their lives could be very lucrative to hackers.

鈥淔or high-value data owners, the solution in the meantime is to implement hybrid cryptography that combines existing standardized quantum-vulnerable cryptography together with quantum-resistant cryptography,鈥� said professor Mashatan. 鈥淭his gives organizations a little bit more protection and helps them not be taken by surprise by quantum advances. It buys them some time, too.鈥�

Professor Mashatan鈥檚 recommendations on how to execute the migration to quantum-resistant cryptography continue to evolve as researchers learn more about quantum-resistant cryptography and work to develop industry standards. She suggests organizations ensure they have crypto agility and are not locked to specific hardware and software vendors in case those vendors are not prepared to move quickly as quantum computing becomes a reality.

It鈥檚 not going to happen overnight. Some of the implementations are going to be so involved, so time-consuming, so complex.

Read 鈥溾�� in the journal Communications of the ACM.