The NSA’s Information Assurance Directorate left many people scratching their heads in the winter of 2015. The directive instructed those that follow its guidelines to postpone moving from RSA cryptography to elliptic curve cryptography (ECC) if they hadn’t already done so.
For those partners and vendors that have not yet made the transition to Suite B elliptic curve algorithms, we recommend not making a significant expenditure to do so at this point but instead to prepare for the upcoming quantum-resistant algorithm transition.
The timing of the announcement was curious. Many in the crypto community wondered if there had been a quantum computing breakthrough significant enough to warrant the NSA’s concern. A likely candidate for such a breakthrough came from the University of New South Wales, Australia, where researchers announced that they’d achieved quantum effects in silicon, which would be a massive jump forward for quantum computing.
Since then, the crypto community has been trying to prepare for the transition to “quantum-resistant” algorithms—that is, algorithms that are secure against an attack by a quantum computer. Let’s look at some of the likely candidates for those algorithms and how they’ll be fitted into the Transport Layer Security (TLS) protocol that we all use today with HTTPS. But first, a bit of explanation.