Page 235 - Cyber Defense eMagazine RSAC Special Edition 2025
P. 235

a small nonzero integer solution that satisfies the given equation. These two mathematical problems
            attempt to make this cryptography quantum proof.

            Stateless hash-based cryptography (SPHINCS+) utilizes cryptographic hash functions and Merkle trees
            to create digital signatures that are believed to be resistant to quantum attacks. This is believed to be
            quantum resistant due to the hash functions designed to be one-way and highly linear. This means they
            do not have an algebraic structure that can be as easily exploited by quantum algorithms.

            B. Challenges of PQC Adoption and Implementation


            To navigate the new complexities PQC presents, organizations need to prioritize "crypto agility," the
            ability to quickly and seamlessly switch between cryptographic algorithms as threats evolve and new
            standards  emerge.  This  will  likely  require  infrastructure  upgrades  across  various  systems  and
            applications.  During  the  transition  period,  some  organizations  might  also  consider  adopting  hybrid
            cryptographic systems that combine existing and post-quantum algorithms to provide an added layer of
            security.



            VII. Potential Financial Damages

            A. Potential Impacts

            Quantum  decryption  of  stolen personal and  financial  data  could  trigger  a  surge  in  identity  theft  and
            financial fraud, as criminals exploit previously inaccessible information. Furthermore, the exposure of
            sensitive personal details, such as medical histories and private communications, could cause significant
            erosion of personal privacy.


            For organizations, the ability of quantum computers to decrypt previously stolen data could result in
            substantial financial losses due to data breaches, corporate espionage, and potential legal liabilities. The
            exposure of sensitive corporate information, such as trade secrets and strategic plans, could provide
            competitors with an unfair advantage, leading to significant financial harm. Organizations could face
            significant reputational damage and a loss of customer trust if their previously secured data is exposed
            due to quantum decryption.


            B. Quantifying Potential Future Damages

            Quantifying financial damages from future quantum decryption is challenging, but existing reports offer
            insight into the potential scale of the impact. A report from the Hudson Institute's Quantum Alliance
            Initiative estimated that a quantum-enabled attack on the Federal Reserve's payment system could result
            in a direct loss of 10-17% of US GDP and between $2 and $3.3 trillion in indirect losses. While these
            figures represent current data breach costs and specific potential scenarios, they highlight the immense
            financial risks associated with the future decryption of sensitive data.











                                                                                                            235
   230   231   232   233   234   235   236   237   238   239   240