Guidelines for quantum-safe transport-layer encryption
These guidelines are written for an audience of architects responsible for specifying cryptographic requirements. They can also be used in R&D and prototyping as well as for contract negotiations. For a more general introduction, see NLNCSA’s brochure and our own factsheet. For further details, follow NIST, ETSI, IETF, and ISO standardisation efforts and read publications by ENISA and TNO.
Our recommendations target the early adopters who follow our advice to apply quantum-safe cryptography to ensure long-term confidentiality against store-and-decrypt attacks. Signatures are not part of these guidelines as they are not vulnerable to such attacks. The guidelines recommend hybrid key exchange to mitigate potential vulnerabilities in novel post-quantum algorithms and implementations. Besides a list of algorithms and recommended parameters, this document also contains some questions to ask when choosing implementations.
Deze publicatie wordt niet meer actief onderhouden door het NCSC. De informatie in deze publicatie kan daarom verouderd zijn.
This publication is no longer actively maintained by the NCSC. The information in this publication may therefore be out of date.