The PQCC’s primary mission is to apply the parties’ collective technical expertise and influence to accelerate adoption of PQC in commercial and open-source technologies. The PQCC’s efforts will be applied toward readying a global cybersecurity supply chain to meet mandated governmental and regulatory timelines (with an emphasis on the US government), compliance requirements, and the security and privacy needs of the general public.
Workstreams
Standards
This workstream is focusing on PQC standardization gaps which need to be addressed for a smoother migration. It also is evaluating international PQC requirements to assess misalignments which could pose challenges for vendor compliance and interoperability.
Education
The PQC migration is expected to be a complex endeavor involving coordination, careful planning, and execution. Migration will involve understanding your security posture, evaluating your level of exposure to a quantum threat to cryptography, and developing a comprehensive mitigation approach. This workstream is focusing on assisting those looking to build technical background, understand relevant mandates and timelines, and take action to execute a successful PQC migration.
Implementation
Once standards are published for the new PQC algorithms, high-quality implementations will need to be developed. This workstream is focusing on activities that support the availability of such implementations, to include side-channel exploration and collaboration with the Post-Quantum Cryptography Alliance (PQCA) in their efforts to centralize availability of production-ready PQC software.
Cryptographic Inventory and Agility
Cryptographic migration requires a great deal of effort and engineering to perform. Initial steps involve creating a cryptographic inventory through a combination of automation and the work of knowledgeable experts. Inventorying using common standards and repeatable approaches will not only ease the current migration, but it will also streamline future efforts. This workstream is focused on shaping standards and approaches to planning for the current PQC migration and laying the foundation for cryptographic agility.