NSA shares QKD, QC guidance

In response to requests from mission customers, NSA is publicly sharing guidance on quantum key distribution (QKD) and quantum cryptography (QC) as it relates to securing National Security Systems (NSS). Sharing guidance that was previously kept within internal government channels represents one aspect of NSA’s efforts to be more transparent in the way that we secure the nation’s most sensitive systems and engage with the greater cybersecurity community, NSA announced October 26.

NSA is responsible for the cybersecurity of NSS, i.e., systems that transmit classified and/or otherwise sensitive data. Due to the nature of these systems, NSS owners require especially robust assurance in their cryptographic solutions; some amount of uncertainty may be acceptable for other system owners, but not for NSS. QKD is a method for using the physics of quantum mechanics to create a shared secret between two parties.  While it has great theoretical interest and has been the subject of many widely publicized demonstrations, it suffers from limitations and implementation challenges that make it impractical for use in NSS operational networks. For more details, please read NSA’s QKD and QC guidance. 

NSA considers cryptography based upon mathematical algorithms to be a better alternative for securing National Security Systems against the threat posed by future developments in quantum computing. The National Institute of Standards and Technology (NIST) is in the late stages of creating standards for public use. For more details, please review NSA’s Cybersecurity Perspective on Post-Quantum Cryptography Algorithms. As these families of algorithms continue to evolve, NSA expects to select a single set of NIST standards for use by commercial products within NSS.

Source: NSA