The future of encryption in a post-quantum world

No Comments

As quantum computing speeds edge closer to practical use, the ‘harvest now, decrypt later’ approach is already in motion with adversaries collecting encrypted data today, anticipating they'll be able to crack it tomorrow. But is enough being done to prevent it?

New research from Forescout highlights the urgent need for organizations to prepare for a future where quantum-capable adversaries can break widely used cryptographic protocols.

The report finds that only about six percent of all 186 million SSH servers on the internet already use quantum-safe encryption. Three quarters of OpenSSH versions on the internet still run versions released between 2015 and 2022 that do not support quantum-safe encryption. In addition less than 20 percent of TLS servers use TLSv1.3, which is the only version that supports PQC.

If, as seems likely, regulators mandate quantum-safe encryption in the near future, organizations will face serious gaps. Current quantum migration roadmaps throughout the world mandate transitioning to PQC between 2030 and 2035, especially for critical assets. Outdated infrastructure will become a compliance and security risk, and upgrading later may be slower, more expensive, and more disruptive than acting early.

Rob McNutt, chief strategy officer at Forescout, writes on the company’s blog, “Today’s encryption standard, PKI, still matters and will continue to matter in the future but it will diminish in its ability to be trusted.  Certificates, certificate authorities, and TLS will still rely on PKI but other technologies like SKA or post-quantum key exchange platforms will likely become a trend. PKI updates to the key exchange and the signature algorithms will be needed to ensure they are quantum safe, which is a tall task for the 10B+ connected devices in the world.”

You can read more on the Forescout blog. The company has also launched the Forescout 4D Platform which continuously identifies, protects and ensures the compliance of all managed and unmanaged cyber assets -- IT, IoT, IoMT and OT -- without business disruption. It delivers comprehensive capabilities for network security, risk and exposure management, and extended detection and response.

Image credit: BeeBright/depositphotos.com

No Comments
Got News? Contact Us

Recent Headlines

AI is fueling an explosive rise in fraud and digital identity crime

You can turn your car into an Atari gaming arcade and play Asteroids and Breakout

Millions of unsecured Wi-Fi networks are putting data at risk

Cloaking-as-a-service set to reshape the phishing landscape

CrapFixer update fixes Windows 11 and turns it into the operating system you deserve -- download it now!

The future of encryption in a post-quantum world

Application layer comes under threat

Most Commented Stories

Windows 11 25H2 has a new option to remove all unwanted Microsoft apps

38 Comments

16 Billion Passwords Exposed: Major Leak Hits Apple, Facebook and Google Users 

16 Comments

Half of Americans think AI is a threat, the other half don't. Who's right?

8 Comments

Apple’s Liquid Glass Control Center Gets a Much-Needed Fix in iOS 26 Beta 2

6 Comments

This ergonomic AI mechanical keyboard is built for modern productivity

6 Comments

Apple’s CarPlay Ultra Comes to a Halt as Industry Giants Start Changing Their Minds

6 Comments

Never mind Windows 11, Windows Classic Remastered is the nostalgic Microsoft operating system you didn't know you wanted

6 Comments

Facebook introduces the biggest change to text posts in years

5 Comments

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.