The White House has issued a new executive order that significantly shortens the timeline for government agencies and institutions to adopt quantum-resistant encryption systems. The move aims to protect vast amounts of sensitive data belonging to militaries, banks, governments, and individuals from future threats posed by quantum computers.
اضافة اعلان
Titled "Protecting the Nation from Advanced Cryptographic Attacks," the executive order requires systems classified as "high-value assets" and "high-impact systems" to transition to quantum-resistant key establishment technologies by December 31, 2030, and to quantum-safe digital signature systems by December 31, 2031.
The accelerated timeline follows recent research suggesting that the resources and costs required to build a quantum computer capable of breaking today's encryption systems may be far lower than previously estimated. These findings have prompted major companies such as Google and Cloudflare to speed up their own plans to adopt post-quantum cryptography by 2029.
According to the executive order, the emergence of large-scale quantum computers particularly if they fall into the hands of adversaries or hostile actors would pose a significant threat to the encryption systems widely used today. The order also warns that hostile entities may already be collecting encrypted American data and storing it until they acquire the capability to decrypt it in the future using sufficiently powerful quantum computers.
In 2022, the U.S. National Security Agency established a timeline requiring national security systems to be quantum-ready between 2030 and 2033, while most other organizations were given until 2035 to complete the transition. However, the new directive moves these deadlines forward by approximately four to five years for a large number of entities.
Brian LaMacchia, a cryptography engineer who previously led Microsoft's transition to post-quantum cryptography, said that systems classified as high-value assets and high-impact systems are now expected to complete the transition by 2030 and 2031 instead of 2035, describing the move as a substantial reduction in the implementation timeline.
The executive order also introduces a range of additional measures, including the establishment of a government-wide coordination mechanism led by the Director of the Office of Management and Budget and the National Cyber Director. Each federal agency will be required to appoint an official responsible for overseeing the transition process and submitting regular progress reports.
The order further directs the U.S. Department of State to work alongside the National Institute of Standards and Technology (NIST), the Departments of Defense and Homeland Security, the National Cyber Director, and the Director of National Intelligence to engage with foreign governments and industry groups in key countries, encouraging the adoption of post-quantum cryptographic algorithms developed by NIST.
In addition, the directive requires NIST and the Cybersecurity and Infrastructure Security Agency (CISA) to issue guidance related to what is known as a "Cryptographic Bill of Materials" (CBOM) a detailed inventory of all cryptographic components, software libraries, and modules used within any encryption system.
The order also establishes new rules for government procurement that are expected to require contractors working with the U.S. government to comply with the same quantum-readiness deadlines, in addition to adopting clear vulnerability disclosure policies.
Experts believe these measures will help operators of critical infrastructure prepare their transition plans for post-quantum cryptography, while government contractors may face future requirements mandating the implementation of officially approved algorithms and the reporting of discovered cryptographic vulnerabilities.
Despite this accelerated effort, the timeline for the arrival of a quantum computer capable of actually breaking modern encryption systems remains uncertain. For more than three decades, experts have differed in their estimates of when such a technological breakthrough may occur. One of the greatest challenges remains building a system containing the required number of qubits the fundamental units of quantum computing while maintaining sufficient accuracy despite environmental interference.
Last March, researchers announced a theoretical method for breaking the ECC-256 encryption system used to secure the Bitcoin and Ethereum networks using approximately 30,000 physical qubits in just ten days.
In the same month, Google revealed two new quantum circuits capable of solving the elliptic curve discrete logarithm problem using around 500,000 physical qubits roughly half the number estimated by the same team last year to break RSA encryption using 2048-bit keys.
These developments highlight the rapid progress being made in the field. In 2012, it was widely believed that breaking a 2048-bit RSA key would require one billion physical qubits. By 2019, that estimate had dropped to 20 million qubits, and more recent studies suggest the number may be significantly lower.
RSA and elliptic curve cryptography (ECC), two of the most widely used public-key encryption systems in the world, rely on mathematical problems that are extremely difficult for classical computers to solve. However, sufficiently powerful quantum computers could use Shor's algorithm to solve these problems dramatically faster, threatening the very foundation of global encryption infrastructure.
For this reason, researchers are developing new post-quantum cryptographic algorithms based on mathematical problems for which quantum computers have no known advantage over classical computers.
Experts emphasize that transitioning to these new systems is not simply a matter of replacing old algorithms. The alternative cryptographic methods require much larger keys and substantial modifications to digital infrastructure, which explains the seriousness with which governments are approaching this issue.
Alongside the cryptography directive, the White House also issued a second executive order calling on the federal government to collaborate with the private sector to support the development of quantum computing and establish a national framework aimed at building the world's first quantum computer capable of ushering in a new era of scientific discovery powered by this technology.
AlGhad
