๐Ÿš€ ๐—–๐—ฟ๐˜†๐—ฝ๐˜๐—ผ๐—ด๐—ฟ๐—ฎ๐—ฝ๐—ต๐˜† ๐—ถ๐—ป ๐˜๐—ต๐—ฒ ๐—ค๐˜‚๐—ฎ๐—ป๐˜๐˜‚๐—บ ๐—”๐—ด๐—ฒ: ๐—ฆ๐˜๐—ฎ๐—ฟ๐˜๐—ถ๐—ป๐—ด ๐—ก๐—ผ๐˜„

๐Ÿš€ ๐—–๐—ฟ๐˜†๐—ฝ๐˜๐—ผ๐—ด๐—ฟ๐—ฎ๐—ฝ๐—ต๐˜† ๐—ถ๐—ป ๐˜๐—ต๐—ฒ ๐—ค๐˜‚๐—ฎ๐—ป๐˜๐˜‚๐—บ ๐—”๐—ด๐—ฒ: ๐—ฆ๐˜๐—ฎ๐—ฟ๐˜๐—ถ๐—ป๐—ด ๐—ก๐—ผ๐˜„

Yesterday I had the pleasure to listen to and discuss with my colleagues Sviatoslav Redko and Viacheslav Romanov during their talk “Cryptography in the Quantum Age: Starting Now.” They guided us through the future of data security with insights on quantum-resistant cryptography.

๐Ÿ” What We Explored:

1๏ธโƒฃ The impact of quantum computing on traditional encryption 2๏ธโƒฃ Vulnerabilities in current cryptographic systems 3๏ธโƒฃ Post-quantum solutions emerging in the industry 4๏ธโƒฃ Latest NIST standards and important industry collaborations 5๏ธโƒฃ Security strategies specifically designed for cloud users 6๏ธโƒฃ Roadmap for making workloads quantum-safe

๐Ÿ’ก A Familiar Challenge with New Urgency

This isn’t actually a completely new situation, and you don’t need to develop a deep understanding of quantum computing. In traditional computing, we’ve always lived in a world where computing power per dollar increases over timeโ€”known as Moore’s Law.

When you encrypt data today using methods considered “safe enough” against current attack capabilities, there will inevitably come a point when attackers can afford enough computing power to break that encryption. Depending on your requirements, periodic re-encryption may be necessary. Remember: once your encrypted data has been shared (intentionally or not), the holder of your data may eventually be able to decrypt it without your key. This is something we should always keep in mind, especially with encryption in transit.

โš ๏ธ Why the Urgency Now?

While everything above remains true, quantum computation’s arrival represents not just more computational power like we see evolving according to Moore’s law, but exponentially more. This creates a dramatic leap rather than a gradual increase, potentially rendering traditional encryption methods obsolete overnight.

โœ… The Good News: Advances in post-quantum cryptography standardization are moving quickly. AWS is heavily invested in this area and in adopting post-quantum cryptography across their services. [1]

๐Ÿ” Remember the Shared Responsibility: This isn’t solely AWS’s concern. As the shared responsibility model [2] reminds us, AWS secures the cloud infrastructure, but you must ensure your workloads are secure.

๐Ÿ”ง Time to Dive Deep

Now is an excellent time to explore this topic further. I recommend checking out the “Using Post-Quantum Cryptography on AWS” workshop [3] to better understand the concepts and gain hands-on experience.

๐Ÿ’ฌ Is post-quantum cryptography top of mind for you? Is it on your backlog/roadmap?

References: [1] Post-Quantum Cryptography - https://aws.amazon.com/security/post-quantum-cryptography/ [2] Shared Responsibility model - https://aws.amazon.com/compliance/shared-responsibility-model/ [3] Workshop “Using Post-Quantum Cryptography on AWS” - https://catalog.workshops.aws/using-pq-crypto-on-aws/en-US

Cross-posted to LinkedIn