A new discussion paper provides recommendations for the European Union (EU) on how to ensure member states are protected from quantum-based cyberattacks.
This paper was authored by Andrea G. Rodriguez, Chief Digital Policy Analyst at the European Policy Center. European quantum cybersecurity challenges He stressed the urgent need for a new EU coordinated action plan to promote quantum-protected technologies ahead of the “Q-day” when quantum computers can break existing cryptographic algorithms.
Experts believe this could happen within the next 5-10 years, with current encryption protocols making all digital information vulnerable to cyber attackers.
In a new paper, Rodriguez said the implications of quantum computing have been “mainly off the table” at the EU policy level. This includes the lack of strategies to deal with short-term threats such as “harvest attacks”. This is where the cybercriminal is extracting already encrypted data in preparation for his Q Day.
He said that due to the lack of EU leadership in this area, “only a few EU countries have publicly developed plans to counter the emerging threats of quantum cybersecurity, and strategies to deal with them.” “There are very few countries that have established
Read Now: HSBC Joins Quantum Safe Network
A European Policy Center document acknowledged that the US is leading the transition to post-quantum cybersecurity. The National Institute of Standards and Technology (NIST) is working on a post-quantum cryptography (PQC) standard and in July 2022 selected a group of cryptographic tools that could potentially withstand quantum computer attacks.
In parallel with this standardization process, in December 2022, US President Joe Biden signed into law the Quantum Computing Cybersecurity Readiness Act. The law establishes a number of obligations for federal agencies to prepare for the transition to quantum-secure cryptography.
Rodriguez argued that the EU could play a key role in “sharing information and best practices and reaching a common approach to the quantum transition” across its member states.
With this in mind, this paper presents six recommendations for the EU quantum cybersecurity agenda.
- Establishing an EU Coordinated Action Plan on the Quantum Transition
- Establishment of a new expert group within the European Union Cybersecurity Agency to bring together seconded experts from different countries to exchange good practices and identify obstacles to the transition to post-quantum cryptography
- Help set priorities for the transition to post-quantum cryptography and drive cryptographic agility to address emerging vulnerabilities.
- Facilitate political coordination between the European Commission, Member States, national security agencies and ENISA to set technological priorities and identify use cases for quantum-safe technologies.
- Promoting technical coordination at EU level to address research gaps in quantum safety technologies
- Consider using sandboxes to accelerate short-term application development of quantum information technology
“The challenges quantum computing poses to European cybersecurity may seem far-fetched, but the EU’s ability to detect, protect, defend against and recover from them in the future will help them overcome them,” Rodriguez said. It starts with pursuing the necessary mitigation measures now.” The quantum cybersecurity challenge is therefore vital to Europe’s economic security in a rapidly developing geopolitical environment, and it is in Europe’s hands to act now. ”
