Skip to content
Close
Arqit_New_Brand_CNI 01

Government & Critical National Infrastructure

In the US, White House National Security Memorandum 10 clearly mandates that Government agencies adopt symmetric key protections for National Security Systems to meet the challenge of quantum computing. Similarly, the UK’s Information Commissioner’s Office (ICO), recently urged enterprises to start preparing now for quantum resilience.
Arqit_New_Brand_General (62)
Arqit_New_Brand_General (28)

The requirement for increased security grows in line with increased use and volumes of data. It has long been understood that PKI is not a suitable defence against “Store now, decrypt later” (SNDL) attacks, and that the critical private data of both organisations and a country’s citizens must be protected fully against cyber attack.

Arqit’s cloud-based symmetric key agreement platform, which protects both public infrastructure and private networks against high end threats including attack from a quantum computer, enables the digital future for government agencies and critical national infrastructure in a post-quantum world. Its lightweight and low latency nature means it can do this without impacting bandwidth or needing to replace legacy hardware.

Arqit_New_Brand_General (27)

Arqit_New_Brand_General (25)

We secure data in:

  • Healthcare
  • Tax
  • Utilities
  • Education
  • Intellectual Property
  • Financial Services

What do international security agencies say about symmetric keys?

Cyber agencies are recommending the adoption of symmetric key protections as part of a crypto-agile strategy. 
US

The NSA: The White House mandated use of symmetric encryption in 2022  which directs National Security Systems (NSS) to use symmetric keys.

The NSA published a statement via NIAP in August 2023 which mandates the use of RFC8784 by all VPN vendors selling under NSA CSfC authority . RFC8784 is the IETF standard which describes how symmetric keys must be injected into networking appliances like VPNs. NSA CSfC/NIAP is therefore demanding that all classified user VPNs use symmetric keys using this standard. Arqit is the only cloud-software-fulfilled method of delivering symmetric keys which allows true RFC8784 compliance. The only other secure way to inject symmetric keys into appliances using this standard is to use a hardware crypto device, which is cumbersome and expensive and does not allow dynamic creation of multi-cloud connections wherever you want them.
France/Germany/Sweden/Netherlands

A joint paper  was issued on 26 January 2024. It is a relatively high level paper on the perceived constraints and issues on use of QKD. The paper also contains statements about symmetric encryption:

  • “In light of the urgent need to stop relying only on quantum-vulnerable public-key cryptography for key establishment, the clear priorities should therefore be the migration to post-quantum cryptography and/or the adoption of symmetric keying “.
  • “Post-quantum cryptography and symmetric keying (with pre-shared symmetric keys) must be the primary solutions for quantum-safe cryptography.”
France

ANSSI: The December 2023 paper by ANSSI recommends hybrid methods for authentication and encryption

  • "ANSSI encourages all industries to define a progressive transition strategy towards quantum-resistant cryptography for relevant cryptographic products. The use of hybrid post-quantum mitigation is recommended especially for security products aimed at offering a long-lasting protection of information (until after 2030) or that will potentially be used after 2030 without updates."
  • “While there is no concrete evidence that symmetric cryptographic mechanisms would be significantly threatened by quantum computers, a speedup can be expected in certain cases with Grover algorithm and other advanced Grover-based algorithms. Thus, as a conservative measure, ANSSI also encourages to dimension the parameters of symmetric primitives as to ensure a conjectured post-quantum security – in practice at least the same security level as AES-256 for block ciphers and at least the same security level as SHA2-384 for hash functions. This encouragement is slightly more conservative than NIST's and BSI's current recommendation.”
Germany

BSI: The BSI recently published a report  stating PQCs are not going to help to mitigate the quantum threat in time.

  • “On average, this means the participating organisations expect to complete the migration to quantum-safe cryptography 6.5 years too late. If confidential information can be read for many years, possibly while going unnoticed, this could have serious consequences.”

Arqit protects critical private data while maintaining the ability to operate and deliver – making it available where it is required to deliver the services people need.

Book a Consultation