Planning for Quantum Computing impacts on encryption factsheet
Overview
Quantum computing is poised to disrupt traditional encryption methods, posing significant risks to data security. Organisations should start planning now for the upcoming transition to post-quantum cryptography (PQC).
Current encryption infrastructures are built on cryptographic algorithms, such as RSA and ECC, that will become obsolete and insecure because of quantum computing. Most systems and applications will require an upgrade of encryption capabilities. The upgrade should be undertaken ahead of the arrival of quantum attacks, especially given the ability of adversaries to harvest encrypted data today and decrypt it later.
In recognition of this, the Australian Government’s Information Security Manual now states that traditional encryption algorithms will cease to be approved for use by 2030. As a result, entities should plan to migrate away from non-quantum-safe algorithms to quantum-safe cryptographic options before then.
Recommended actions
To prepare for the quantum era, Queensland Government entities should take the following steps:
- Include requirements for PQC migration for future systems
  - Ensure all new (and upgraded) systems include plans to migrate to quantum-resistant encryption before 2030.
- Refresh the cryptography inventory
  - Review and refresh the inventory of all systems using cryptography, including algorithms and key details.
  - Identify systems that handle sensitive data or transmit information over public networks (or airspace for wireless networks), particularly where the information needs to be protected post 2030, and prioritise these for PQC upgrades.
- Include PQC migration as part of system lifecycle responsibilities and activities
  - Identify initiatives responsible for the testing and implementation of PQC capabilities for each system.
  - Collaborate with vendors to ensure compatibility with emerging PQC standards.
- Identify and assess interim risks
  - Recognise the risk of data being captured now for later decryption and implement additional security layers as required.
- Monitor progress and address gaps
  - Track the progress of PQC initiatives and document risks for systems that cannot support PQC methods by 2030.
  - Adopt a layered security approach to mitigate risks for systems requiring hardware upgrades, until PQC-compatible solutions are available.
Policy note
The information below will be incorporated into the Data encryption standard when it is next updated. The algorithms below may be considered acceptable in the meantime.
Quantum resistant algorithms
ASD approved quantum resistant cryptographic algorithms
Family | Algorithms | Approved purpose | Minimum requirements |
---|---|---|---|
Asymmetric/public key | Module Lattice – Key Encapsulation Mechanism | Agreeing Session Keys | ML-KEM-1024 [ISM-1995]; ML-KEM-768 will not be approved for use after 2030 [ISM-1995] |
Asymmetric/public key | Module Lattice – Digital Signature Algorithm | Digital Signatures | ML-DSA-65 (ML-DSA-87 preferred) [ISM-1991]; ML-DSA Hedged variant is used where possible [ISM-1992]; ML-DSA prehashed variants are only used when performance of default versions is unacceptable [ISM-1993]; SHA-384 and SHA-512 are used respectively for prehashing of ML-DSA-65 and ML-DSA-87 [ISM-1994] |
Hash | Secure Hashing Algorithm 2 (SHA-2) | Hashing | SHA-224, SHA-256 will not be approved for use beyond 2030 [ISM-1766]; SHA-384 or SHA-512 [ISM-1766] |
Symmetric encryption | Advanced Encryption Standard (AES) | Session Encryption | 256 bits [ISM-1769]; 128, 192-bit lengths will not be approved for use beyond 2030 [ISM-1769] |
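
One way to run the inventory refresh against the table above, as an added example that is not part of the factsheet: it breaks algorithm or cipher-suite labels into components, grades each against the table, and orders systems for PQC work. The function names, the sample inventory, the severity order and the exposure weighting are all assumptions made for illustration.

```python
import re

# Statuses follow the table above: "approved", "sunset-2030" (not approved beyond 2030),
# "not-quantum-safe" (RSA/ECC), "unlisted" (parameter set not named in the table).
# The relative order of "unlisted" and "sunset-2030" is an assumption of this example.
SEVERITY = {"approved": 0, "sunset-2030": 1, "unlisted": 2, "not-quantum-safe": 3}

RULES = [  # (pattern over a normalised label, function from match to status)
    (r"(?<![A-Z0-9])(?:RSA|EC(?:C|DSA|DHE?))(?![A-Z])", lambda m: "not-quantum-safe"),
    (r"ML-?KEM-?(\d+)", lambda m: {"1024": "approved", "768": "sunset-2030"}.get(m[1], "unlisted")),
    (r"ML-?DSA-?(\d+)", lambda m: "approved" if m[1] in ("65", "87") else "unlisted"),
    (r"(?<![A-Z0-9])SHA-?(224|256|384|512)(?!\d)", lambda m: "approved" if m[1] in ("384", "512") else "sunset-2030"),
    (r"(?<![A-Z0-9])AES-?(128|192|256)(?!\d)", lambda m: "approved" if m[1] == "256" else "sunset-2030"),
]

def classify(label):
    """Return (worst_status, [(component, status), ...]) for an algorithm or cipher-suite label."""
    text = re.sub(r"[_\s]+", "-", label.upper())
    found = [(m[0], status(m)) for pattern, status in RULES for m in re.finditer(pattern, text)]
    if not found:
        return "unlisted", []
    return max((s for _, s in found), key=SEVERITY.get), found

def prioritise(inventory):
    """Order systems for PQC work: worst algorithm status first, then exposure."""
    rows = []
    for system, label, sensitive, public_net, protect_past_2030 in inventory:
        status, _ = classify(label)
        if status == "approved":
            continue
        # Assumed weighting: data that must stay protected past 2030 counts double.
        exposure = (sensitive or public_net) + (2 if protect_past_2030 else 0)
        rows.append((system, status, exposure))
    return sorted(rows, key=lambda r: (-SEVERITY[r[1]], -r[2], r[0]))

# Constructed sample inventory: (system, label, sensitive, public network, protect past 2030)
SAMPLE_INVENTORY = [
    ("payments-api", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", True, True, True),
    ("intranet-wiki", "AES-128", False, False, False),
    ("records-archive", "AES-256", True, False, True),
    ("vpn-gateway", "ML-KEM-768", True, True, True),
    ("code-signing", "ML-DSA-44", True, False, True),
    ("hr-portal", "ML-KEM-1024 + ML-DSA-87 + SHA-384", True, True, True),
]

if __name__ == "__main__":
    for system, status, exposure in prioritise(SAMPLE_INVENTORY):
        print(f"{system:16} {status:17} exposure={exposure}")
```

Labels that match no rule come back as "unlisted" with an empty component list, so they surface for manual review rather than passing silently.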