Quantum computers are real.
They are built today and can be purchased or used as a cloud-based as-a-service. The result is probably the most far-reaching threat to public-key cryptography in its almost 50-year history.
Post-quantum cryptography (PQC) is the next evolutionary step in digital security. It aims to develop encryption methods that are resistant even to the computing power of future quantum computers.
In our PQC workshop, we prepare you optimally for these threats.
Threat level
The security of today's network protocols and thus ultimately also of end-user software is based on the security of the cryptography used. Even if quantum computers do not yet have a sufficient number of fault-tolerant quantum bits (QuBits) to attack today's cryptography, this is no more than a matter of time.
An attacker steals an encrypted database containing health data and stores it. He later uses a Cryptographically Relevant Quantum Computer (CRQC) to uncover the RSA-encrypted database key, which he can then use to decrypt the database.
A company uses a PKI with RSA certificates for email encryption and signing. An attacker calculates the private key of an employee from a received email with a signature and can then impersonate the employee.
A malicious admin stores a database of password hashes in the company. He later calculates the password plaintexts with a CRQC.
In two years, there will be a breakthrough in quantum computing. Shor's algorithm can be implemented with fewer QuBits. A company has started its PQC migration too late and is still using VPN servers with Diffie-Hellman key exchange. From this point on, the VPN tunnel no longer offers any protection and the traffic can be read by the Internet provider, for example.
Practical introduction to PQC strategies
Our workshop participants receive a carefully prepared introduction to the topics of post-quantum cryptography and crypto-agility. The content provided offers an ideal basis for creating internal awareness of the topic and starting the individual PQC migration.
Compact know-how: Our PQC workshop
The workshop offers a sound and comprehensive introduction to the topic of quantum threat, quantum-safe cryptography, PQC migration and crypto-agility, both from an organizational and technical perspective.
The main contents of the workshop are
// Technical content
- State of research
Overview of the current state of scientific knowledge, including relevant algorithms, security analyses and future development trends.
- State of the art
Presentation of practical technologies and existing implementations of PQC algorithms in software and hardware solutions as well as their possible applications in real systems.
- Recommendations for implementation
Specific recommendations for the selection of suitable PQC procedures, migration strategies and integration into existing infrastructures, taking performance, compatibility and security into account.
// Organizational content
- Regulatory framework
Relevant legal requirements, industry-specific compliance requirements and regulatory developments in the context of cryptographic protection and PQC, e.g. by BSI, NIST or EU requirements.
- Adaptation of internal documents and processes
Necessary changes to guidelines, security concepts, IT strategies and operational processes in order to anchor post-quantum cryptography in the organization and secure it in the long term.
// Follow-up plan
Following the workshop, you will receive comprehensive information on further steps and support recommendations.
