Mastering the Quantum Challenge for Machine Identities

It is no secret that cybersecurity threats are ever-evolving. Each day, security professionals around the world receive reports of new vulnerabilities, new attack vectors, and new challenges that need to be overcome in this increasingly connected world. To make matters worse, cyberattacks are not only becoming increasingly sophisticated and damaging, but often easier to deploy as well.

Large organizations, such as those in the Global 5000, must be especially vigilant against new and emerging threats. These organizations have much more to protect than do smaller enterprises, and it generally takes comparatively more time and resources for large enterprises to reposition their security postures. Proactive measures and long-term vision are the keys to enabling Global 5000 companies to defend themselves efficiently against emerging cyber threats. To combat modern threats, modern defenses are required. But what are organizations to do when a threat unlike anything they have faced before looms on the horizon?

Quantum computers will enable threat actors to compromise the security and integrity of the devices and machines organizations rely on for their business operations. To protect systems against quantum-enabled attacks, post-quantum cryptographic solutions are required. The National Institute of Standards and Technology (NIST) is currently standardizing a suite of post-quantum algorithms that organizations can use alongside new paradigm methodologies to defeat these next-generation threat actors.

Ideally, organizations would be able to smoothly upgrade all their digital certificates and machine embedded cryptography to include post-quantum protections. Unfortunately, making such a transition is non-trivial in reality, and the difficulty and complexity increase with the size of the organization. A post-quantum migration requires that organizations have a deep understanding of not only their internal security postures but also of how their security postures are controlled or influenced by things such as their vendors or suppliers.

To help ease the post-quantum migration for customers, the Venafi Platform now supports the ISARA Radiate™ Quantum-safe Toolkit and the ISARA Catalyst™ Hybrid Certificate methodology. These offerings include a technique for using crypto agile certificates—leveraging highly optimized standards candidate post-quantum algorithms—that enable a phased and seamless migration while maintaining backward compatibility with current systems.

The consensus is that the arrival of large-scale quantum computers is only a matter of time. Of course, there is some debate as to the exact timeline, but industry experts typically estimate a range between seven and 15 years. Given the complexity of a cryptographic migration, the time to get serious about implementing quantum-safe solutions is now. NIST is aggressively pursuing their schedule of algorithm selection, but even then, true enterprise solutions have been lacking. 

Enterprises will now be able to make requests through the Venafi Platform for hybrid quantum-safe certificates that support both classical and quantum-safe cryptography. Leading Certificate Authorities are in the process of making these types of certificates available. The Venafi Platform will support and facilitate this certificate orchestration through partners such as ISARA.  The current version of the solutions can be found in the Venafi Marketplace.

The number of machines that enterprises need to protect continues to increase at a staggering rate. The Venafi Platform is a unique and powerful collection of tools that enable enterprises to address this growing problem in a smooth and scalable way. Through ISARA’s participation in the Venafi Machine Identity Management Development Fund, the Venafi Platform now supports technologies that give enterprises the ability to augment their security postures with quantum-safe solutions well before the threat of quantum computers becomes an unignorable reality.

Are you ready for the quantum revolution?