"We must start now to prepare for a post-quantum transition." —José Luis Domínguez

Cryptography is essential for digital security and sovereignty. However, with quantum computing, today's asymmetric cryptographic systems will be vulnerable. This calls for a transition to post-quantum cryptography.

______

Why is it important to consider quantum Cyber Security today and what are the main associated risks?

Quantum Cyber Security is important because of advances in quantum computing technologies. These technologies have the potential to overcome the encryption mechanisms currently used in digital security.

This advancement will change the current rules, so it is imperative to have this protection capability today, before cryptographically relevant quantum computers change the established encryption rules.

NIST published the first post-quantum cryptography algorithms in August last year, initiating protection against quantum computing. These algorithms, chosen by the global cryptographic community, allow us to begin the post-quantum transition.

What strategies should companies adopt to prepare against quantum threats?

Companies should begin to have clear visibility into the encryption algorithms they use, as well as identify the location and assets most at risk of attack. The purpose of this measure is to implement a strategy of transforming all their algorithms towards post-quantum cryptography.

Crypto-agility consists of implementing security solutions capable of dynamically changing encryption algorithms.

What do our Quantum Safe Cyber Security solutions and services consist of?

Telefónica Tech offers a wide range of Quantum Safe Cyber Security solutions including consulting and audit-based professional services to identify critical assets. We also provide services to identify client assets, protect these assets through remediation strategies, and finally, governance and monitoring of assets over time to ensure a successful transition and maintain long-term security.

Our Quantum Safe Cyber Security solutions are designed to protect against quantum computing threats and ensure the resilience of digital infrastructures. We use post-quantum cryptography algorithms to ensure data integrity and confidentiality, from updating public key infrastructures to implementing automated discovery solutions, enabling effective security management in a post-quantum environment.

What kind of recommendations are emerging around quantum Cyber Security and what measures should companies take to comply with them?

The main recommendations in this area come from organizations such as NIST in the US or CCN (National Cryptologic Center) in Spain. These recommendations focus on the transition to a quantum approach and progressive adaptation. It is recognized that it will be a hybrid environment where customers will use traditional encryption along with post-quantum encryption during the transition process.

Information is currently being exfiltrated that can be decrypted with quantum computers. This cyber threat, known as HNDL (Harvest Now, Decrypt Later), requires this protection capability now.

The concept of cryptoagility is also introduced, which consists of implementing solutions capable of dynamically changing algorithms if any of them are compromised. Both the transition and adaptation and the concept of cryptoagility are the current recommendations for our customers.

* * *

Get our handbook on protecting data from the quantum threat

At Telefónica Tech we advocate for a cryptoagility-based strategy, enabling systems to adapt to new threats without disrupting operations.

■ We invite all organisations to access our complimentary handbook Strategic preparation for Post-Quantum Cryptography and take the first step towards a resilient cryptographic infrastructure ready for the quantum era.