保障未来云安全：PQC 就绪策略.pdf

《保障未来云安全：PQC 就绪策略.pdf》由会员分享，可在线阅读，更多相关《保障未来云安全：PQC 就绪策略.pdf（15页珍藏版）》请在三个皮匠报告上搜索。

1、Securing Tomorrows Cloud:A Strategy for PQC Readinesswith Chris EdmundsonOctober 3,2025|11:10AM-11:40AM MDT The Quantum Threat Mitigations Cloud Provider Readiness OpenSSL-An Implementation Trigger Approach to Post-Quantum Readiness Inventory Assessment Decision Flow Transition&Implementation Illust

2、rative Implementation Timeline Strategic Recommendations Q&AAgendaThe Quantum ThreatMathematics and Algorithms Existing cryptographic systems like RSA and ECC rely on math problems that can be efficiently solved by quantum computersAttacks of Most Concerns“Harvest now,Decrypt later”pattern is of the

3、 most concern for long-lived data Think of data in your environment that would still be sensitive in 710 yearsNot All Are Impacted Equally Symmetric encryption algorithms(such as AES)are impacted less but would still require larger key sizes to maintain security levelCrypto Movement Is Slow Crypto s

4、ystems implementation and upgrade can be very slow Involves many vendors hardware/software upgrades and refactoring code The day a quantum computer can break RSA,ECC,and DH encryption All current internet trust(TLS,PKI,digital signatures)becomes vulnerable Data stolen today can be decrypted tomorrow

5、(“harvest now,decrypt later”)Migration to PQC takes 510 yearsmust start well before Q-Day Uncertain timeline:estimates range from early 2030s onwardQ-Day:The Quantum Security DeadlineMitigationsQuantum-Safe AlgorithmsBrand new algorithms are developed and certified that are expected to be quantum sa

6、feNIST Standard Algorithms(2024)3 standard algorithms released by NIST in 2024Kyber(key establishment)Dilithium,Falcon,and Sphincs for signatureGlobal TimelinesVarious standard bodies have set out a timeline to eliminate vulnerable systems20302035 are the consensual targetImplementation ChallengesNe