The goal of the project is to develop a holistic framework for managing the security configuration state of power systems. In particular, methods for crypto agility will be devised to ensure a harmonized and evolutionary migration to post-quantum cryptography (PQC). These methods will be tailored to the architectures of smart grids. Other critical infrastructure domains can be added if partners provide expertise.
Due to the complexity of existing systems and the heterogeneity of security solutions within them, the migration towards post-quantum cryptography (PQC) cannot be a one-time, abrupt operation. It needs to be appropriately prepared and integrated into existing technologies. A purely cryptographic integration is insufficient given the diverse needs that define the context of this research and technological problem. The introduction of PQC into existing systems should be an evolutionary process, with each step aligned with the current level of security risk. One of these contextual needs is to estimate this risk, make decisions based on its value, and adaptively implement the transition to PQC. Evolutionary and adaptive approaches are crucial because the risk of quantum attack varies over time.
The transformation towards post-quantum cryptography is fundamentally important for the modern economy and society: it ensures information security, which in turn has direct financial and geopolitical implications. The dynamic nature of research in the field of post-quantum cryptography, as evidenced by the constant development and cryptanalysis of PQC algorithms (e.g., the NIST competition), requires careful consideration in the migration process.
The risk assessment of quantum attacks and the adaptability of the system to changing risk levels are vital for the success of the migration. The approach should be based on a multi-aspect risk analysis, considering factors such as the maturity and security of PQC algorithms, system complexity, and interoperability. Additionally, the scale of quantum risk evolves with the development of quantum computers, which affects the timing and necessity of migration. The analysis must consider the information's value over time, especially for data that should remain secure both now and in the future.
The proposed solution emphasizes the need for an enriched process of algorithm transition to PQC based on a systematic risk analysis, ensuring adaptability and flexibility in response to changing risk levels. This approach is essential for compatibility with existing systems and achieving functional/process compatibility within and between systems.