1. Forum
  2. FidoNet
  3. POLITICS

  • The UK releases timeline

    From Mike Powell@1:2320/105 to All on Fri Mar 21 10:41:00 2025
    The UK releases timeline for migration to post-quantum cryptography

    Date:
    Fri, 21 Mar 2025 10:48:18 +0000

    Description:
    The UK Government has issued guidance for decision makers about the risks of future quantum computers.

    FULL STORY ======================================================================
    - The UK Government has released new guidelines for post-quantum migration
    - The timeline outlines a target of full migration by 2031
    - SMEs should find this more simple due to updated guidance

    The UK Government has released its guidelines on protecting technical systems from future quantum computers.

    The National Cyber Security Centre set a timeline for the UK industry and government agencies to follow with key dates, firstly, by 2028 all organizations should have a defined set of migration goals, and an initial plan, and should have carried out a full discovery exercise to assess infrastructure and determine what must be updated to post-quantum computing.

    By 2031, organizations should carry out the highest priority migration activities, and have a refined plan for a thorough roadmap to completing the change. Finally, by 2035, migration should be completed for all systems, services, and products.

    Large-scale threats

    The UK Government labelled the move a mass technology change that will take a number of years - but why is the migration needed?

    The Government outlines that the threat to cryptography from future large-scale, fault-tolerant quantum computers is now well understood, and
    that technical systems will need to evolve to reflect this.

    Quantum computers will be able to efficiently solve the hard mathematical problems that asymmetric public key cryptography (PKC) relies on to protect
    our networks today, the guidelines confirm.

    The primary mitigation to the risk this poses is to migrate to post-quantum cryptography (PQC); cryptography based on mathematical problems that quantum computers cannot solve efficiently.

    The report warns that the total financial cost of PQC migration could be significant, so organizations should budget accordingly, including for preparatory activities as well as the migration itself.

    For SMEs, the PQC should be more straightforward and seamless, as services
    will typically be updated by vendors, but in the case of specialised
    software, PQC-compatable replacements or upgrades should be identified and deployed in line with the above timetable.

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/the-uk-releases-timeline-for-migration- to-post-quantum-cryptography

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)