HAVE YOU HEARD ABOUT Y2Q?
What’s so special about Sunday, April 14, 2030?
The Quantum-safe Security Working Group of the Cloud Security Alliance (CSA) chose that date to represent “Y2Q,” also known as “Q-Day” – the moment secure IT infrastructure becomes vulnerable to the threat of a fault-tolerant quantum computer running Shor’s algorithm. This algorithm, discovered in 1994
by American mathematician Peter Shor, will break many of the cryptographic algorithms we rely upon today, including RSA, elliptic curve cryptography, and Diffie-Hellman key exchange.
Although the date is arbitrary, the principle is important. At some future date, common encryption standards will become vulnerable to the threat of quantum computers. The CSA’s insight is also important. Until we agree on a deadline, it is easy to ignore the threat.
With a deadline identified, a worldwide effort to prevent Y2Q from threatening encryption is under way. One of the organizations leading that effort is the National Institute of Standards and Technology (NIST). This booklet outlines everything a CISO needs to know about that effort and what it means for their
organization’s cybersecurity strategy—now and in the future.