![]() ![]() You know, CIOs sometimes ask us, do I need to act now? Can I just wait until we’re at the precipice of an RSA cracker? And the answer is unfortunately, one has to act now because of store-now-decrypt-later or hack-now-decrypt-later attacks. The core encryption algorithms that we use for data in motion and data at rest are vulnerable to quantum attack and specifically, and this I want to emphasize, right now to store now decrypt later. ![]() The definition of HIPAA will have to change because we need to keep medical records around for years, and right now they are RSA encrypted, but unfortunately, RSA is vulnerable to quantum attack and the same thing with elliptic curve cryptography and with Diffie–Hellman key exchange. ![]() We also have to think about sensitive financial records. It takes 10 or 15 years to develop some of these drugs, so if you have access to the IP of Novartis or Roche or Pfizer or Merck, you know these, this is very, very valuable, even if it takes you a few years to decrypt it when you have sufficient computing power. Not just the pharma products that are on the market: Almost as important or as critical are the thousands of compounds that every biotech is working on in development. Or of formulas and know-how and trade secrets at pharmaceutical and biotech companies. Think about IP in terms of chemical formulas at consumer-packaged goods or chemicals companies. The “decrypt later” part is that when sufficient computing capabilities are available to those adversaries, they will decrypt it and have access to it. Companies across the western world are being attacked, and data that is encrypted is being exfiltrated. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |