NATO Tests A Post-Quantum VPN

Scientists are predicting that quantum computers will soon be able to break some commonly used encryption methods and it transpires that NATO and allies have been testing post-quantum solutions to prepare for possible future attacks. 

Post-Quantum provides different algorithms to ensure security, even when facing attackers using quantum computing. 

A Virtual Private Network (VPN) can use these algorithms to secure communications, ensuring that only the correct recipient can read the data. 

The British National Cyber Security Centre (NCSC) has performed successful tests of communication flows secured for a post-quantum world, using a VPN designed and built by Post-Quantum, a UK-based quantum cyber specialist. The NCSC stated that it is becoming increasingly important to stay alert of current and projected threats, prompting the tests. 

The trial began in March 2021, and was recently completed as quantum computing is becoming more practical and affordable. This means that attackers may begin adopting the technology to advance their attacks. It is thought that a quantum computer will soon be able to break most, if not all, current encryption methods leaving email, secure banking and communications systems vulnerable to disruption from malicious actors. 

This means all large organisations, technology companies and Internet standards will need to transition to quantum-secure encryption.

The NCSC has responsibility for protecting NATO networks as part of a project was financed by the Allied Command Transformation’s VISTA framework.  which is tasked with leveraging knowledge and research done by NATO enterprise, nations, academia and industry to “enable science and technology for accelerated warfare development”. The NCSC worked with a UK-based company Post-Quantum to conduct the test. The company provides organisations with algorithms that ensure security even if attackers are leveraging quantum computing and according to Post-Quantum, its technology blends both post-quantum and traditional encryption algorithms to ensure that data transiting the VPN can only be read by the intended recipient. 

Post-Quantum uses VPN algorithms to secure communications and make sure that only the correct recipient can read the data.

“Securing NATO’s communications for the quantum era is paramount to our ability to operate effectively without fear of interception... With the threat of ‘harvest now and decrypt later’ looming over secure communications, this is an increasingly important effort to protect against current and future threats.” said Konrad Wrona, principal scientist at the NATO Communications & Information Agency (NCIA). 

It will take several years for systems to migrate to quantum-secure technology and right now it appears more realistic to combine cutting-edge algorithms with more traditional encryption to ensure interoperability into the future.

The technology has already been proposed to the Internet Engineering Taskforce (IETF) for open standardisation.

Post-Quantum has developed a suite of quantum-safe software products with a focus on identity, transmission and encryption, delivering end-to-end quantum-secure environments. “Over 10 years of deep R&D means we are well placed to engineer real-world quantum-safe solutions,” said Andersen Cheng, CEO of Post-Quantum. “This project with NATO is an important milestone in the world’s migration to a quantum-safe ecosystem. Organisations would be wise to take action now.”

NCIA:     NCIA:     Computer Weekly:      Oodaloop:     Post-Quantum:     Information Age:     ZDNet:     

You Might Also Read: 

Quantum Computing Will Have A Revolutionary Effect:

 

« Russia Threatens To Block Wikipedia
Microsoft Exchange Exploited By ‘Cuba’ »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cyber Security Academy - University of Southampton

Cyber Security Academy - University of Southampton

An industry/University partnership established to advance cyber security through world class research, teaching excellence, industrial expertise and training capacity.

European Cyber Security Organisation (ECSO)

European Cyber Security Organisation (ECSO)

The main objective of ECSO is to support all types of initiatives or projects that aim to develop, promote and encourage European cybersecurity.

Information-Technology Promotion Agency (IPA) - Japan

Information-Technology Promotion Agency (IPA) - Japan

IPA is an implementing agency in Japan with a role to address Information Security, IT Systems Reliability and IT Resource Development.

ODVA

ODVA

ODVA is a global trade and standards development organization whose members comprise the world’s leading industrial automation companies.

Acalvio Technologies

Acalvio Technologies

Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter.

SparkCognition

SparkCognition

SparkCognition’s AI-powered solutions enhance cybersecurity, identify and prevent equipment failures before they happen, and provide prescriptive intelligence for maintaining your most critical assets

Greenwave Systems

Greenwave Systems

Greenwave's AXON Platform enables IoT and M2M network service providers to address security, interoperability, flexibility and scalability from a single IoT platform.

Pentest People

Pentest People

Pentest People are a UK-based security consultancy focussing on bringing the benefits of Pentesting as a Service (PTaaS) to all its clients.

HCC Embedded

HCC Embedded

HCC’s mission is to ensure that data stored or communicated by an embedded IoT application is secure, safe and reliable.

Greensafe IT

Greensafe IT

Greensafe offer various onsite and offsite data erasure services, aimed at increasing data security whilst reducing any risk of data loss during transit.

Gigacycle

Gigacycle

Gigacycle is one of the leading IT disposal and recycling providers in the UK. We specialise in IT asset disposal (ITAD) and data destruction.

Hubraum

Hubraum

Hubraum is Deutsche Telekom’s tech incubator, helping startups to create new business opportunities in areas including data analytics, AI, robot process automation and cyber security.

Binary Defense

Binary Defense

Binary Defense protect businesses of all sizes through advanced cybersecurity solutions including Managed Detection and Response, Security Information and Event Management and Counterintelligence.

Police CyberAlarm

Police CyberAlarm

Police CyberAlarm is a free tool to help members understand and monitor malicious cyber activity. This service is made up of two parts; monitoring and vulnerability scanning.

Centroid

Centroid

Centroid is a cloud services and technology company that provides Oracle enterprise workload consulting and managed services across Oracle, Azure, Amazon, Google, and private cloud.

Radius Technologies

Radius Technologies

Radius Technologies is trusted by progressive SMEs to deliver world-class cloud, IT solutions, IT and data security, and telecoms systems.