Nigel Edwards
π€ SpeakerAppearances Over Time
Podcast Appearances
And so right now my advice would be to start planning.
You need to know the critical systems because this is not going to be just a turn of a switch, right?
You need to understand how you're going to upgrade your systems.
When the upgrade is planned, you need to look at how you're going to refresh the hardware.
Look at how you're going to refresh the software stacks as well.
The operating systems will have to change.
The services running on the operating systems will have to change.
Some changes are being made to software.
A well-known web browser, for example, already has some PQC algorithms running in it.
Software is a little different to hardware because software can be upgraded in the field.
Hardware is much harder to upgrade in the field and much more expensive.
It's not a question of patching.
You've got to open up the chassis and pull out the components.
And to upgrade a current generation server to a PQC enabled server, that would require changing the motherboard.
Cryptographic algorithms are based on hard mathematical problems and the security depends on the hardness of those mathematical problems so that you can execute a function to encrypt or sign something and actually reversing that without the correct keys becomes very hard.
Recovering the keys is mathematically intractable.
And though there are algorithms which in theory could recover the keys and break the cryptography,
They would take too long to run on the most powerful supercomputer we have available today.
Millions or billions of years.