{"id":326978,"date":"2024-08-14T06:00:49","date_gmt":"2024-08-14T13:00:49","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=326978"},"modified":"2025-03-14T09:36:25","modified_gmt":"2025-03-14T16:36:25","slug":"white-house-post-quantum-announcement","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2024\/08\/white-house-post-quantum-announcement\/","title":{"rendered":"White House Post-Quantum Announcement: What It Means for Cybersecurity"},"content":{"rendered":"<h3><em>Palo Alto Networks Quantum Safe VPN Supports New NIST Standards and Enables Crypto-Agility<\/em><\/h3>\n<p>On August 13, the U.S. Government formally announced the standardization of <a href=\"https:\/\/www.nist.gov\/news-events\/news\/2024\/08\/nist-releases-first-3-finalized-post-quantum-encryption-standards\" rel=\"nofollow,noopener\" >three new encryption algorithms<\/a> designed to resist the more sophisticated cyberattacks expected with the emergence of quantum computers. These new post-quantum cryptographic (PQC) algorithm standards, and additional PQCs yet to come, will eventually replace the classic encryption methods that have served as a foundational underpinning of modern cybersecurity for decades, but are predicted to become vulnerable within the next 10 years.<\/p>\n<p><span style=\"font-weight: 400;\">We are proud to announce that every Palo Alto Networks Next-Generation Firewall (NGFW) running the latest PAN-OS will be supporting the three new <\/span><span style=\"font-weight: 400;\">PQC standard algorithms. Our latest PAN-OS also supports several other emerging, nonstandard PQC algorithms,<\/span><span style=\"font-weight: 400;\"> providing our customers with cryptographic agility for future encryption needs.<\/span><\/p>\n<p>The recent announcement of the first set of PQC algorithm standards should be celebrated as a significant milestone \u2013 the conclusion of a nearly eight-year global collaborative process led by the U.S. 
National Institute of Standards and Technology (NIST). But, it's also important to recognize the announcement as just the <em>beginning<\/em> of a new process to advance quantum readiness. The announcement now triggers new U.S. policy deadlines stemming from <a href=\"https:\/\/www.whitehouse.gov\/briefing-room\/statements-releases\/2022\/05\/04\/national-security-memorandum-on-promoting-united-states-leadership-in-quantum-computing-while-mitigating-risks-to-vulnerable-cryptographic-systems\/\" rel=\"nofollow,noopener\" ><em>National Security Memorandum-10: Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems<\/em><\/a>, which requires federal agencies to begin testing and ultimately fully transition to PQCs by 2035.<\/p>\n<p>But, quantum attacks aren\u2019t just an abstract challenge to deal with in the distant future. The risk of \u201charvest now, decrypt later\u201d attacks (where adversaries steal sensitive encrypted data now to decrypt once quantum computers are available in the future) presents a significant risk for federal agencies and enterprises today.<\/p>\n<h2><a id=\"post-326978-_jeciix8b8svc\"><\/a>NIST\u2019s New Post-Quantum Standards and Their Implications for Security<\/h2>\n<p>With the NIST algorithm standards issued, renewed attention of thousands of organizations will turn to testing and validating the integrity and interoperability of these new standards within their systems. 
The global community will continue to learn more about the strengths and weaknesses of the three new PQC standards, which include one key encapsulation mechanism-based algorithm (<a href=\"https:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.203.pdf?_cldee=s5r3Da8sdXFcbaKDCuF8O4zhdAu8J_Fgz56D_BvvI_kMXR7jDAXGMKxGH0k-Z4Qm&amp;recipientid=contact-7a175f2aab22eb11a813000d3ab0a7d2-2617be969e124935a6cf769dc185f17c&amp;esid=ee740eb2-6159-ef11-bfe2-7c1e52207b24\" rel=\"nofollow,noopener\" >FIPS 203: ML-KEM<\/a>) and two digital signature-based algorithms (<a href=\"https:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.204.pdf?_cldee=s5r3Da8sdXFcbaKDCuF8O4zhdAu8J_Fgz56D_BvvI_kMXR7jDAXGMKxGH0k-Z4Qm&amp;recipientid=contact-7a175f2aab22eb11a813000d3ab0a7d2-2617be969e124935a6cf769dc185f17c&amp;esid=ee740eb2-6159-ef11-bfe2-7c1e52207b24\" rel=\"nofollow,noopener\" >FIPS 204: ML-DSA<\/a>; <a href=\"https:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.205.pdf?_cldee=s5r3Da8sdXFcbaKDCuF8O4zhdAu8J_Fgz56D_BvvI_kMXR7jDAXGMKxGH0k-Z4Qm&amp;recipientid=contact-7a175f2aab22eb11a813000d3ab0a7d2-2617be969e124935a6cf769dc185f17c&amp;esid=ee740eb2-6159-ef11-bfe2-7c1e52207b24\" rel=\"nofollow,noopener\" >FIPS 205: SLH-DSA<\/a>). Additional key encapsulation mechanism-based candidate algorithms, such as BIKE, HQC and Classic McEliece, remain under near-term consideration for NIST\u2019s third-round PQC pipeline.<\/p>\n<p>The unfortunate reality is that any one of these algorithms is at risk of being cracked and rendered ineffective, as occurred with several other candidate algorithms on the long road to standardization. We simply won\u2019t know with high confidence which algorithms will be enduringly quantum resistant until they undergo several more years of testing and organizational use.<\/p>\n<p>That uncertainty makes it absolutely imperative for security providers, including Palo Alto Networks, to embrace the principle of cryptographic agility in their product development. 
In this context, cryptographic agility (or \u2018crypto agility\u2019) refers to the ability to seamlessly shift to using different cryptographic algorithms if vulnerabilities are discovered in current algorithms that render them less secure.<\/p>\n<h2><a id=\"post-326978-_ok0zxeh6kf3c\"><\/a>Palo Alto Networks Commitment to Crypto-Agility<\/h2>\n<p>At Palo Alto Networks, we believe that fully embracing crypto agility means providing product support for both the new NIST standard algorithms <em>and <\/em>other emerging, nonstandard algorithm candidates.<\/p>\n<p>Our PAN-OS 11.2 Quasar release <a href=\"https:\/\/live.paloaltonetworks.com\/t5\/community-blogs\/palo-alto-networks-extends-support-for-quantum-safe-vpn-with-rfc\/ba-p\/585492\">extends the capabilities of our Quantum Safe VPN<\/a> and enables the use of multiple PQC algorithms to create quantum-safe hybrid keys.<\/p>\n<p><span style=\"font-weight: 400;\">For example, in an upcoming release, our Quantum Safe VPN will support the new NIST standard ML-KEM to secure the key exchange from quantum attacks, including the near-term risk of \u201charvest now, decrypt later\u201d attacks. Adhering to best practices, our customers can now combine ML-KEM with classical key exchanges (e.g., Diffie-Hellman) to create hybrid keys that ensure the highest levels of resistance to both quantum and classical computer attacks.\u00a0 However, if ML-KEM were to be found vulnerable in the future, customers could quickly deselect ML-KEM from the VPN profile and substitute it with another nonstandard PQC KEM such as BIKE or HQC.\u00a0<\/span><\/p>\n<p>Support for our customers does not stop there. We also provide them with additional flexibility, as relying on the security of the single standardized KEM alone carries inherent risk and limits a customer\u2019s crypto agility. 
To protect against the potential emergence of any vulnerabilities in the newly standardized ML-KEM key exchange, Palo Alto Networks can also uniquely support additional key exchanges. We\u2019ll support up to seven key exchanges in IKEv2 with nonstandard PQCs in alignment with RFC 9370.<\/p>\n<p>For customers like federal agencies that must use only NIST standard (FIPS certified) PQCs, PAN-OS provides an alternate form of crypto-agility through <a href=\"https:\/\/live.paloaltonetworks.com\/t5\/community-blogs\/quantum-security-made-easy-with-rfc-8784-standard\/ba-p\/574825\">RFC 8784 Post-Quantum Preshared Keys (PPKs)<\/a>. PPKs protect against KEM vulnerabilities and add an additional layer of quantum resistance to site-to-site VPNs to stop harvesting attacks.<\/p>\n<p>Palo Alto Networks was also the first to build and release signatures to <a href=\"https:\/\/live.paloaltonetworks.com\/t5\/community-blogs\/detect-log-and-block-unsanctioned-post-quantum-ciphers-pqc-with\/ba-p\/584107\">detect the use of PQCs<\/a> and their hybrids in an SSL session, which has become especially critical as browsers and applications have started migrating to quantum-safe algorithms. This provides greater organizational visibility into sanctioned and unsanctioned cryptography-suite use in their infrastructure. We support signatures for a broad range of PQCs, including the recently announced NIST standards, as well as nonstandard PQCs emerging in NIST\u2019s round 3 and round 4 pipeline.<\/p>\n<p>And, as the industry adopts ML-KEM, ML-DSA, SLH-DSA and the corresponding hybrid algorithms across browsers and web-services, Palo Alto Networks will also follow the adoption of these standards for SSL\/TLS and certificates to continue to provide secure products and services.<\/p>\n<p>As recent U.S. Government actions continue to raise awareness of the importance of quantum readiness, Palo Alto Networks remains committed to being a strategic partner within the global ecosystem. 
That\u2019s why we\u2019re a proud partner of NIST\u2019s <a href=\"https:\/\/www.nccoe.nist.gov\/crypto-agility-considerations-migrating-post-quantum-cryptographic-algorithms\" rel=\"nofollow,noopener\" >Migration to Post-Quantum Cryptography<\/a> project, testing PQC interoperability with multiple industry peers. That commitment is why we\u2019ve released educational materials, like our <a href=\"https:\/\/www.youtube.com\/playlist?list=PLqATPiC_Bcl8ZGx_EAxQHq0PKa2ii6pNE\" rel=\"nofollow,noopener\" >CISO\u2019s Guide to Quantum Security video series<\/a>, to help organizations better understand the risk and how to advance their own quantum readiness. And, it's why we\u2019ll continue to push innovations across our entire product suite to provide our customers with greater levels of assurance and flexibility to remain quantum secure.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Every Palo Alto Networks Next-Generation Firewall running the latest PAN-OS supports the three new NIST PQC 
standards.<\/p>\n","protected":false},"author":184,"featured_media":327035,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6769],"tags":[183,9723,1913],"coauthors":[1878,9725,9721],"class_list":["post-326978","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-public-sector","tag-nist","tag-post-quantum-cryptography","tag-white-house"],"jetpack_featured_media_url":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-content\/uploads\/2024\/08\/prisma-federal-li-1200x627-10.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/326978","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/184"}],"replies":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=326978"}],"version-history":[{"count":8,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/326978\/revisions"}],"predecessor-version":[{"id":336160,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/326978\/revisions\/336160"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media\/327035"}],"wp:attachment":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=326978"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=326978"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?pos
t=326978"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=326978"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}