Cyber IT Supervisory Forum eBook

Internal Use Only It’s Not Just Up to You. Many Standards Need to Be Modified to Make PQC Work Outside Enterprise

| 27 |

Standard

Status

Permanently / indefinitely blocked Blocked / Stalled Discussions in progress Active RFCs / proposals Discussion of final approval Final draft approved / official

PQ KEM

FIPS 203

PQ Signatures

FIPS 204, FIPS 205, NIST SP 800-208

SSH

Drafts, but no path to ratification

TLS 1.2 / DTLS 1.2 TLS 1.3 / DTLS 1.3

draft-rsalz-tls-tls12-frozen

Active proposals (pure & hybrid) in process

MACsec

Follows TLS

UEFI TCP QUIC FIDO2

Follows PKCS #7 / CMS

Flexibility-related drafts in progress Discussions / issues raised, no draft yet End-to-end viability demonstrated Fragmentation issues open problem

DNSsec

IKE

Fragmentation issues discussion

IPsec

Symmetric-only

© 2024 THE MITRE CORPORATION. ALL RIGHTS RESERVED. APPROVED FOR PUBLIC RELEASE. DISTRIBUTION UNLIMITED 23-01698-01.

Internal Use Only

Resources That May Be Helpful

 NIST PQC Resource Center  https://csrc.nist.gov/projects/post-quantum-cryptography  PQC Coalition  https://pqcc.org/  World Economic Forum  https://www.weforum.org/publications/quantum-security-for-the-financial-sector-informing global-regulatory-approaches/  https://www3.weforum.org/docs/WEF_Quantum_Readiness_Toolkit_2023.pdf  Business literature  McKinsey: https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/when-and-how-to prepare-for-post-quantum-cryptography  HBR: https://hbr.org/2022/01/quantum-computing-for-business-leaders

28

© 2024 THE MITRE CORPORATION. ALL RIGHTS RESERVED. APPROVED FOR PUBLIC RELEASE. DISTRIBUTION UNLIMITED 23-01698-01.