• Tue. Nov 28th, 2023

    Critical Thought

    Critical thoughts on quantum technologies

    Quantum-Secure Future: SSH Communications Security Joins NIST PQC Migration Consortium

    ByThemba Hadebe

    Nov 21, 2023
    Quantum-Secure Future: SSH Communications Security Joins NIST PQC Migration Consortium

    Helsinki, Finland – September 1, 2023 – In a remarkable development, SSH Communications Security, a leading Defensive Cybersecurity Company, has joined the US National Institute of Standards and Technology (NIST) Post-Quantum Cryptography Building Block Consortium. This Consortium, operated by the National Cybersecurity Center of Excellence (NCCoE), is a collaborative hub that addresses cybersecurity challenges by working closely with industry, government, and academia. The inclusion of SSH Communications Security in this consortium paves the way for the adoption of quantum-safe solutions not only in the United States but also globally.

    The primary mission of the Consortium is to raise awareness about the complexities involved in migrating to post-quantum algorithms and to develop best practices that facilitate the transition from existing public-key algorithms to replacement algorithms. It is important to note that NIST does not evaluate commercial products as part of this Consortium and does not endorse any specific product or service.

    To solidify the partnership between SSH Communications Security and NIST, a collaborative research and development agreement (CRADA) known as the National Cybersecurity Center of Excellence Migration to Post-Quantum Cryptography Building Block Consortium Cooperative Research and Development Agreement has been officially signed. This agreement, signed on July 31, 2023, signifies SSH’s official inclusion in the NIST PQC migration consortium.

    In response to the critical need for enhanced cybersecurity against quantum threats, NIST published the first FIPS draft of the preferred PQC (Post-Quantum Cryptography) algorithms on August 24, 2023. These algorithms, including CRYSTALS-KYBER and CRYSTALS-DILITHIUM, had already been selected for standardization, and their finalization is expected in 2024. SSH Communications Security welcomes the standardization of these algorithms and is particularly excited about the wider adoption of the CRYSTALS-KYBER Key Encapsulation Mechanism (KEM) and the future migration to preferred PQC signature algorithms.

    Rather than quoting, SSH Fellow Ms. Suvi Lampila emphasized the urgency of migrating to PQC in order to protect key exchanges in network communication protocols such as TLS, SSH, and IPsec from retroactive attacks. She expressed the company’s satisfaction in contributing to the NIST PQC migration effort and the industry’s collective effort to migrate to quantum-safe signature algorithms.

    With more than 28 years of encryption expertise, SSH Communications Security’s participation in the NIST PQC migration consortium is a significant milestone in its ongoing mission to secure the digital landscape against quantum threats. CEO Teemu Tunkelo expressed immense pride in the company’s involvement in pioneering quantum computing-resistant solutions and actively searching for robust algorithms that ensure the security of their customers’ communications and society at large. Joining hands with the NIST PQC Migration Consortium, SSH Communications Security looks forward to shaping a quantum-secure world for future generations.

    For more information on the NIST PQC Migration Consortium, please visit: https://www.nccoe.nist.gov/projects/building-blocks/post-quantum-cryptography

    To learn more about SSH’s Quantum-Safe Cryptographic Security Solutions, visit: Quantum Safe Cryptography (QSC) Security Solutions | SSH

    Frequently Asked Questions

    1. What is the purpose of the NIST PQC Migration Consortium?

      The NIST PQC Migration Consortium aims to raise awareness about the challenges involved in transitioning to post-quantum algorithms and develop best practices for this migration.

    2. What role does NIST play in the Consortium?

      NIST operates the Consortium and provides a collaborative hub for industry, government, and academia to address cybersecurity challenges.

    3. Does NIST endorse any specific products or services?

      No, NIST does not evaluate or endorse commercial products or services as part of the Consortium.

    4. What are the preferred PQC algorithms mentioned in the article?

      The preferred PQC algorithms include CRYSTALS-KYBER and CRYSTALS-DILITHIUM.

    5. Why is migrating to PQC important?

      Migrating to PQC is essential to protect key exchanges in network communication protocols from retroactive attacks posed by quantum threats.

    Distribution: Major media www.ssh.com

    About SSH
    SSH Communications Security helps organizations secure their mission-critical digital assets at rest, in transit, and in use. With over 5,000 customers worldwide, including 40 percent of Fortune 500 companies and major organizations in finance, government, retail, and industrial sectors, SSH is committed to delivering secure solutions for hybrid cloud and distributed IT and OT environments. By offering Zero Trust solutions, SSH enables safe electronic communications and secure access to servers. The company operates globally through teams in North America, Europe, and Asia, supported by a network of certified partners. SSH Communications Security is listed on Nasdaq Helsinki under the ticker symbol SSH1V. For more information, visit www.ssh.com.