The Challenge. And The Threat.
The advent of quantum computing poses a potentially significant threat to digital security systems in all walks of life – health records, financial transactions, banking and cryptocurrency systems, critical infrastructure controls, government secrets, private messages and communications – just to name a few.
Quantum computers are not yet able to break the cryptography that secures all these systems, but adversaries are already executing HNDL (“harvest now, decrypt later”) attacks: capturing encrypted data today with the expectation of decrypting it once quantum computers can break that cryptography. Therein lies the threat: it is active today, against data both in transit and at rest.
Shor’s algorithm enables quantum computers to efficiently factor large integers and compute discrete logarithms, breaking RSA and ECC cryptographic algorithms — the foundations of today’s secure communications.
The threat is not hypothetical: Five Eyes nations are already setting hard migration deadlines. The US (CNSA 2.0) mandates full migration by 2035. Australia’s ASD requires a refined transition plan by end of 2026 and migration of critical systems by 2030. The UK’s NCSC targets 2035. The EU sets 2030 for high-risk systems.
New Zealand’s own NZISM Section 2.4 mandates that agencies monitor PQC developments, inventory their cryptographic systems, and develop migration plans — yet no PQC algorithms have been approved for NZISM use, and no migration deadline has been set. Organisations that wait for a mandate risk being caught unprepared.
The challenge is that transitioning to Post-Quantum Cryptography (PQC) is not instantaneous. It requires comprehensive assessment, research, planning, system upgrades, and integration of new cryptographic standards. Given the complexity and time required, organisations must act proactively to safeguard their digital assets against future quantum threats.
Our Value Proposition – Our Quantum-Safe Services & Solutions
Kaysec, the post-quantum security division of Spinsphere, delivers quantum-safe security solutions to organisations in New Zealand and worldwide. NIST finalised its first PQC standards in August 2024: ML-KEM (FIPS 203, formerly CRYSTALS-Kyber) for key encapsulation, ML-DSA (FIPS 204, formerly CRYSTALS-Dilithium) for digital signatures, and SLH-DSA (FIPS 205, formerly SPHINCS+) for hash-based signatures. With our expertise in these standards and understanding of regulatory frameworks and policies, we provide the following services:
- Assessment: Comprehensive PQC readiness audits — identifying quantum-vulnerable systems, mapping cryptographic dependencies, and benchmarking against NZISM Section 2.4 and international frameworks.
- Inventory: Catalogue sensitive datasets with long confidentiality requirements and map their cryptographic dependencies.
- Prioritise: Rank systems for migration based on asset value, data sensitivity, operational dependencies, and data longevity.
- Strategy: Develop a concrete migration roadmap with timelines, resource requirements, and hybrid transition strategies, all aligned to your regulatory environment, whether NZISM, CNSA 2.0, NCSC, or ASD guidance.
- Implementation: Deployment of PQC algorithms approved by NIST or the relevant regulatory body (ML-KEM, ML-DSA, SLH-DSA, etc.) into your existing infrastructure, using hybrid migration strategies.
- Advisory & Support: Ongoing guidance on compliance, emerging standards (including FN-DSA / FIPS 206), and cryptographic agility best practices.
By partnering with Kaysec, you position your organisation at the forefront of cybersecurity, ready to face the challenges of the quantum future.