The transition to Post-Quantum Cryptography (PQC) mirrors many significant technology migration projects. The main objective is to seamlessly integrate PQC into existing systems while minimizing new cyber security threats. Hence, comprehensive planning at the outset is crucial.
Organizations may adopt various models for successful technology migration, with each having its unique framework. Regardless of the chosen method, all approaches share essential phases of work. These phases are presented here in a manner that transcends specific delivery methodologies; although they are sequential, they often interconnect in practice.
Establishing Migration Objectives
The necessity for PQC migration stems from the need to mitigate cyber security threats posed by quantum computing. As PQC becomes increasingly prevalent, those failing to transition may find themselves managing outdated infrastructures accompanied by substantial risks. Therefore, primary objectives should focus on establishing a resilient cryptographic infrastructure while aligning with broader cyber resilience goals relevant to specific sectors and regulatory demands.
Future agility of systems must also be a consideration. The complexity derived from longstanding cryptographic services can complicate discovering current components, identifying, and executing appropriate mitigation strategies. The migration to PQC offers a chance to streamline the infrastructure, thereby alleviating various cyber security risks.
Discovery and Evaluation
Any significant system migration must begin with a clear assessment of the existing infrastructure, ensuring the following:
- Identification of crucial services and applications
- Creation of a record detailing the data held, its expected lifespan, and its value to potential adversaries
- Understanding of data protection methods during transit and while stored
Mapping the operational systems managing these services is essential, as is having a reliable process for managing software and hardware assets effectively.
Understanding how services are managed is critical, too. For instance, are they hosted on-premises or in the cloud? Do you manage them internally, or do you outsource to managed service providers? Many organizations rely on external providers for substantial IT capabilities, making it crucial that these providers also participate in assessment activities.
Comprehending the total infrastructure should encompass:
- Services and systems operated internally and those accessed by external users
- Products developed or utilized by your organization with cryptographic, cyber security, communication, or data processing functions
- Software applications in use
- Networking and communication hardware, including routers, switches, hubs, modems, gateways, VPNs, repeaters, and base stations
- Managed mobile devices
- Servers and workstations
- IoT and industrial control system devices with communication capabilities
- End-user devices and tokens
- Field-installed devices and sensors
This overview is not meant to serve as a formal asset register; it is critical to understand the nature of each system to create a migration plan. However, it is necessary to quantify the scale of each system, capturing version information and patch levels where applicable. Identifying dependencies within system components will aid in pinpointing where migration challenges may be simpler to resolve, whether through your service provider or routine updates from key IT suppliers.
Some systems require a deeper understanding of their cryptographic components to accurately map necessary cryptography, protocols, and hardware. Both top-down and bottom-up approaches are beneficial for a comprehensive assessment; a top-down view focuses on core services and architectural dependencies, while a bottom-up analysis examines cryptography usage at a network level.
Selecting a Migration Strategy
You must determine a strategy for migrating each system, service, or product under your responsibility. If dependent on commodity platforms, upgrades to PQC will typically be managed by your service provider, requiring little more than routine updates. Detailed guidance on maintaining updated devices and software can be found in the NCSC’s guide for device and software management.
If you do not rely on commodity technology, several migration strategies become available:
- In-place migration: Replace the vulnerable public key cryptography (PKC) components with their PQC counterparts, adjusting minimal other system elements.
- Re-platform: Shift the service to an upgraded platform compatible with PQC, potentially re-evaluating broader architectural decisions — for example, transitioning to cloud-based solutions.
- Retire the service: Set a future termination date to avoid migration.
- Run until end-of-life: Sustain systems likely to be phased out within a defined period.
- Tolerate the risk: Operate without mitigation against quantum computing threats.
Additionally, some systems may not be susceptible to quantum attacks if PKC is absent, necessitating no action on your part. Conversely, old legacy systems might not support a shift to PQC, and your strategy should reflect this complexity.
Formulating Your Migration Plan
At this juncture, it’s crucial to outline a series of migration activities, having identified:
- Your priority services, especially those handling valuable or long-term data
- Dependencies linked to long-lived hardware
- Your supply chains and service providers
- Risks associated with legacy systems
The plan for migrating each system should encompass timelines, detailing potential steps such as evaluating technological options, procurement, commissioning, testing, data backup, and migration, leading to the rollout.
Business continuity must also be integrated; understanding the acceptable levels of service disruption during migration and devising a rollback strategy in case of setbacks is critical. In environments with operational technology (OT) or extensive physical infrastructure, be particularly cognizant of the limits imposed by infrequent upgrade cycles.
For systems that are relatively straightforward and can transition in a single effort (‘big bang’), you may find coexistence between traditional PKC and PQC necessary for a period. Ensuring compatibility-breaking changes during PQC adoption may require new systems capable of supporting both PKC algorithms and PQC options during migration. Aim for solutions enabling cryptographic agility—the ability to readily switch between various cryptographic algorithm suites—and establish criteria for phasing out legacy algorithms. Full security against quantum threats is achieved only when reliance on traditional PKC is eliminated.
PQC Migration for Enterprise PKI
Large enterprise systems typically encompass a privately hosted Public Key Infrastructure (PKI), issuing certificates for devices (and occasionally users) essential for network identity verification. Transitioning an enterprise PKI necessitates the establishment of a new PQC root of trust and the issuance of new PQC certificates across the network. While this process is generally feasible remotely via network management systems, certain devices may require physical interventions.
Multiple migration models can be employed. The most straightforward involves setting up a parallel enterprise PKI with PQC algorithms alongside the existing PKI, while some controlled environments might allow for a seamless transition without simultaneous operations. More often, a phased migration running both systems concurrently will be necessary, utilizing compatible protocols (such as TLS and IKE) that permit negotiation between cryptographic exchanges, enabling usage of PQC certificates once both parties are upgraded. Alternatively, introducing a new PQC root of trust that cross-signs with the existing PKI may also be an option.
Each approach’s security implications require case-by-case assessment. Generally, quantum-secure authentication will remain elusive until the PKI migration concludes and traditional certificates are either expired or revoked.
All planning should align with the understanding of the maturity of robust, standards-compliant implementations of PQC algorithms and protocols. Achieving full PQC readiness across global cryptographic systems will require years, with trusted implementations necessary for every aspect required. Migration should be seen as an iterative process with multiple deployment cycles requiring thorough testing.
Note: Aside from a select few companies employing cryptography experts, your strategy should not involve creating proprietary implementations of post-quantum cryptography. Certified PQC algorithms and trusted libraries (both open-source and proprietary) will integrate PQC into protocols effectively.
Implementing Your Migration Plan
Moving forward, higher priority activities should take precedence according to your migration plan. As execution continues, refinements will likely occur, keeping pace with supplier developments and improvements in the broader PQC ecosystem. As commercial PQC infrastructure evolves and becomes more accessible, further precision can be integrated into the later stages of your migration.
Testing and validation must be pivotal in any major IT migration, ensuring thorough integration of PQC-supporting libraries, software, and hardware into individual systems and confirming interoperability with identified dependencies.
While incorrectly configured cryptographic systems might not immediately disrupt services, they compromise security. Consequently, additional tests should validate that cryptography is functioning correctly, such as ensuring that systems utilize standardized PQC cipher suites for TLS and do not regress to traditional cryptography. Various tools are available to assist in this evaluation.
A rigorous assurance process must ensure that the implementation of the PQC migration—and related cyber security enhancements—aligns with your core objectives. Metrics for measuring migration success are essential, including quantifying the number of software clients using PQC and identifying those that haven’t transitioned. These metrics will guide you through the migration process, highlight any needed corrective actions, and indicate when support for traditional algorithms can be phased out.
Based on an article from ncsc.gov.uk: https://www.ncsc.gov.uk/guidance/pqc-migration-timelines
