Ghostboard pixel Skip to content

The Linux Foundation Creates an Alliance to Work On Post-Quantum Cryptography

The Linux Foundation launches an exciting endeavor for post-quantum cryptography.

The age of quantum computing is rapidly approaching us, and people are worried. You see, whatever existing encryption methods that we have, such as RSA, AES, Blowfish, etc. will all become obsolete once quantum computers come up to their full potential; which is not that far.

This threat has kick-started a flurry of development surrounding Post Quantum Cryptography (PQC), with the likes of Tutanota and Proton already working towards their goals.

You're maybe thinking; what about the bigger players, aren't they going to do anything?

As it turns out, they have stepped up their game by creating a special coalition called the Post-Quantum Cryptography Alliance (PQCA). Let's see what's it all about.

a screenshot of the post quantum cryptography alliance website

What's happening: Just a few days back, on February 6, 2024, The Linux Foundation announced the launch of the PQCA to pave the way for open collaboration, pushing for the advancement and adoption of PQC.

They have begun by bringing together industry specialists from various organizations and fields of work. On the launch of this alliance, Jim Zemlin, Executive Director of the Linux Foundation, had this to add:

The mission of the Post-Quantum Cryptography Alliance is to develop and promote open source software solutions that address the security challenges posed by quantum computing.
By establishing an open and collaborative environment for innovation, the PQCA will help accelerate the development and adoption of post-quantum cryptography in open source and beyond.

What to Expect: The main goal of the PQCA is to get involved with various technical projects to support the production of so called “high-assurance software implementations of standardized algorithms”. They intend to do that while also being involved in the continuous development and standardization of new post-quantum algorithms.

Another goal of the PQCA will be to act as the cornerstone for organizations and open-source projects looking to implement production-ready libraries and packages in line with the NSA's Cybersecurity Advisory related to the Commercial National Security Algorithm Suite 2.0.

Interestingly, the advisory contains a deadline for the National Security Systems (NSS) to be equipped with quantum resistant algorithms by 2035; take that how you may.

The PQCA already has two major projects live, one is the Open Quantum Safe (OQS) project that is meant to support the development of and transition to quantum-resistant cryptography.

Whereas, the other is the PQ Code Package project that is meant to create and maintain “high-assurance implementations of standards-track post-quantum cryptography algorithms”.

In simpler words, it will be used to create and maintain standardized post-quantum, production-ready tooling that various organizations and individuals can make use of.

As for who the founding members are, here's the list; it has some pretty influential names:

  • IBM
  • Cisco
  • Google
  • QuSecure
  • Keyfactor
  • IntellectEU
  • SandboxAQ
  • Kudelski IoT
  • Amazon Web Services
  • University of Waterloo

If you are interested in joining as a member, then you can head over to the official website. If you want to contribute in a more technical capacity, you can go to PQCA's GitHub repo.

Does it matter? 🤔

It does, most of us wouldn't be happy if our data that is secured inside a citadel of encryption on various web services we use just crumbles like a house of cards.

Sadly, with the advent of quantum computing, that is possible, and you wouldn't want your personal data in the hands of anyone apart from you and the services you trust, would you?

Finally, I would like to say this; keep an eye out for quantum computing, it can be a double-edge sword, so tread lightly.

More from It's FOSS...