Washington: Of all the critical tasks under the remit of the Pentagon’s IT office, one has risen to the highest priority: finding vulnerabilities and then modernising the DoD’s cryptographic algorithms to stay one step ahead of adversary hackers, especially in a coming post-quantum world.
“We’ve got to think ahead as to what the adversary might be working on and develop algorithms that are there in time to meet the adversary’s ability to crack those [older] algorithms,” David McKeown, who is dual hatted as the Pentagon’s Deputy CIO and the DoD’s senior information security officer, said during a keynote speech at the AFCEA Tech Summit.
He said a vital part of protecting Pentagon data is building cryptographic systems that are resistant to quantum computing in what’s called Post-Quantum Cryptography (PQC).
Quantum computing techniques are so advanced that they could, in theory, crack just about any existing encryption. Most encryption for digital communication uses algorithms based on a security framework known as RSA, invented in 1977, that allows two parties to communicate securely without having to exchange secret keys beforehand. Scientists have theorised that quantum computing, when fully developed, could use an exponential jump in calculation speed and complexity to crack the code.
McKeown acknowledged that quantum computers are still probably “10 years away,” but, he said, the time is now for the Pentagon to do a sprawling review to determine where it might be vulnerable.
“There’s going to be a year where [quantum computing] is not going to be 10 years away, and it’s going to be nine years, and eight years and seven so we gotta work on this together,” McKeown said.