Advances in quantum computing could render the government’s strongest encryption systems obsolete, and the Defense Department is trying to get ahead of the curve.
The Defense Information Systems Agency is asking security researchers to share ideas for protecting the Pentagon’s IT infrastructure against quantum computers. Though today’s quantum systems are still in their infancy, military officials worry their more powerful successors will be able to easily crack the codes used to secure military networks today.
“The exact time of the arrival of the quantum-computing era is unknown,” DISA officials wrote in the solicitation. “However, [the Defense Department] must begin now to prepare its information security systems to be able to resist attacks from large-scale quantum computers.”
Like most organizations, the Pentagon relies on public-key encryption to mask the data and activity on its networks from online intruders. The process involves lots of math, but in basic terms, it uses algorithms to generate complex digital “keys” that allow people on the network to unlock encrypted information. The system is so strong that today’s most powerful computers could take billions, if not trillions, of years to crack the code.
But quantum computers, which will be exponentially more powerful than the fastest supercomputers on Earth today, would make short work of traditional cryptography, DISA officials said. As such, they want to bolster the Pentagon’s network security before adversaries can get their hands on the tech.
Per the solicitation, DISA is looking for white papers that outline novel encryption algorithms that could withstand attacks from quantum and classical computers. After reviewing proposals, the agency plans to award Other Transaction Authority contracts to build a working prototype of the system.
While thwarting quantum codebreakers is the ultimate goal, the prototype must also be able to function across the Pentagon’s current IT ecosystem. DISA officials plan to assess the system on its technical feasibility and other factors, including how long it takes to generate keys locally on department devices and the amount of hardware and software needed to support the system across the enterprise.
Beyond military applications, they said, the effort could ultimately help inform industry standards for encryption.
Interested groups must submit white papers by May 31.