As the disruptive wave of quantum computing crashes into the established walls of cryptographic security, industry titans such as Microsoft and Amazon are allowing clients to test the post-quantum cryptographic algorithms for selected network protocols.

The world of data protection has always been a chess game, a race of wit and cunning from the creation of unbreakable safes to the face-off in the complex world of algorithms with the dawn of the digital age. The crux of digital information protection lies in the realm of cryptography. Its effectiveness stems not from a lack of understanding of its processes but rather from the integration of complex mathematical conundrums that prove unsolvable without access to a secret key.

Cryptographic algorithms stand on several assumptions, one of which includes predicting the computational capacity of would-be intruders. The game has seen numerous subtle challenges throughout the decades but without significant shake-ups. The sturdy foundations of frequently used algorithms have held firm, weathering the storms of classic processors, AI attacks, and other technological novelties. Yet, the emergence of fresh attack avenues was unavoidable, and a seismic shift occurred with the advent of quantum computing.

Quantum computing strikes at the very heart of data encryption, throwing a wrench into the cogworks of the assumptions securing cryptographic algorithms. With the environment being stable for decades, such a transformation represents the most dreaded nightmares of data protection materialised. Quantum computing empowers stealthy data-stealing attacks which demand immediate attention.

Years ago, this threat was perceived and standardisation bodies such as NIST embarked on the road to devising cryptographic algorithms that brought new assumptions into the fold. These post-quantum secure cryptographic algorithms (PQC algorithms) provide a safeguard even against attacks powered by quantum computing. On the surface, it appears all is well - new algorithms have been conceived and all that's required is a simple swap. But the reality is far more nuanced. These new algorithms demand more computing power; they necessitate larger encryption keys and signatures and result in a surge in traffic. The transition to PQC cryptography is anything but a walk in the park.

Some organisations started rolling out PQC-enhanced versions of common network protocols even though the standardisation process has yet to finish and let users test them to provide a smooth transition.

1. Amazon, as part of the AWS transfer family, has implemented the PQC Kyber algorithm into SSH and SFTP protocols. Further details can be found here.

2. Microsoft, meanwhile, has incorporated PQC into VPN, TLS, and SSH protocols using modifications of open-source libraries such as OpenVPN, OpenSSL, and OpenSSH. More information on Microsoft's initiative can be found here.