
PQC Migration Field Guide.pdf

Uploaded by: 可*** | ID: 991728 | 2025-12-07 | 24 pages | 1.47 MB

14/05/2025

A Field Guide to PQC Migration: Tactics, Techniques, and Procedures

Mark Carney

Q-Day is coming.

What the Quantum Threat means to common cybersecurity requirements

- Confidentiality
- Integrity
- Availability
- Certificate Management
- Transport Layer Security
- Digital Signatures
- Encrypted Confidential Comms
- IPSec Tunnels
- Key Management
- Identity Management
- Data Classifications
- Infrastructure Administration

= potentially affected by quantum tech

The Dragon - Q-Day is Coming!

Quantum technology is expected to reach the maturity enough to be a valid threat against currently in-use cryptography on:

14TH APRIL 2030 (it's a Sunday)

Source: https://cloudsecurityalliance.org/research/working-groups/quantum-safe-security/

[Chart: Data Retention Periods vs. Q-Day Estimates. X-axis: year, 24 to 34. Rows: Time to Q-Day; UK Police; Commercial Data; Tax Records; Financial Records; Government Records; Mortgages/Govt Bonds (digital signatures), 30-50 yrs.]

NIST Is Coming - Look Busy!

| New Algo Name | Old Algo Name | FIPS # | FIPS Title |
|---|---|---|---|
| ML-KEM | CRYSTALS-KYBER | 203 | Module-Lattice-Based Key-Encapsulation Mechanism |
| ML-DSA | CRYSTALS-DILITHIUM | 204 | Module-Lattice-Based Digital Signature Standard |
| SLH-DSA | SPHINCS+ | 205 | Stateless Hash-Based Digital Signature Standard |
| FN-DSA* | FALCON | TBC | TBC Something Something FFT over NTRU Lattices Something something DSA or sim. |

*Falcon was also called NL-DSA in initial documentation, but this was too close to ML-DSA so FN-DSA is currently used.

Source-https:/

Agility OODA Loops for Cryptographers

- Compare cryptographic assets to Requirements (Regulations or best practices)
- Decide where to make changes and in what order.
- Replace any cryptography identified as not fit for purpose
- Monitor changes in cryptography standards and/or internal code
- Locate all cryptography in an initial discovery

Benefits of Crypto-Agility

Ability to automate cryptography - e.g. Certificates n

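Based on "PQC Migration Tactics, Techniques, and Procedures", the key points of the document are summarized below:

1. **Quantum threat approaching**: By 14 April 2030, quantum technology is expected to be mature enough to threaten the cryptography currently in use.
2. **Data affected**: Commercial data, tax records, financial records, government records and other data may be affected by quantum technology.
3. **NIST updates**: NIST is updating algorithms, such as ML-KEM, ML-DSA and SLH-DSA, to counter the quantum threat.
4. **Crypto-agility**: Responding quickly to new threats and regulations through automation and auditing.
5. **CBOM (Cryptographic Bill of Materials)**: Records the cryptographic components used in a software system in order to simplify the discovery process.
6. **CodeQL**: GitHub's static analysis tool, used to detect vulnerabilities in code.
7. **CryptoBOM Forge**: A tool for generating CBOMs.
8. **CryptoMON**: An open-source cryptographic monitoring tool for monitoring cryptography usage on the network.
9. **Global cryptographic standards**: Covering cryptographic implementation, key management and related areas.
10. **Impact of quantum computing on cryptography**: Cryptographic algorithms and key management strategies need to be re-evaluated and updated.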