Recently, the United States Cybersecurity and Infrastructure Security Agency（CISA）National Security Agency（NSA）In collaboration with the National Institute of Standards and Technology（NIST）Jointly released the 'Post Quantum Password Migration Guide',Used forGuide various organizations to carry out orderly post quantum password migration work.

With the rapid advancement of quantum computing technology, the emergence of large-scale quantum computers poses a threat to existing public key cryptography systems，Serious damageConfidentiality and integrity of Internet and other digital communications.To address this challenge, the field of cryptography has begun researching encryption algorithms that can maintain security in quantum computing environments, namely post quantum cryptography.NISTsincetwo thousand and sixteenStarting from the yearJustLaunched a global solicitation project for post quantum cryptography standard protocols. In recent years, significant progress has been made in the field of post quantum cryptography research,There have been many occurrencesAn algorithm that is expected to resist quantum attacks. In this context, information technology using traditional cryptographic techniques（IT）And operational techniques（OT）SystemAlso urgently neededSwitch to post quantum cryptography technology.

howeverPost quantum cryptography migration is not just about replacing cryptographic algorithms, but also involves updating cryptographic protocols, schemes, components, and infrastructure for quantum security technologyneedDevelop a flexible update mechanism for password systems and iteratively update password application information systems. Therefore, the migration of post quantum encryption requires comprehensive consideration of multiple aspects such as security, algorithm performance, implementation convenience, and compliance. To support migration work,CISAThree key research areas have been identified：Development of Post Quantum Cryptography Algorithm，Security evaluation and testing of post quantum cryptography systems, as well as implementation strategies and best practices for post quantum cryptography migration.

This releaseGuidelines suggest that the US administrative department use“Automatic Cryptography Discovery and Inventory”Tools to comprehensively sort out and list quantum computing related to vulnerable encryption（CRQC）Attacking digital assets. After completing the asset list, backward quantum cryptography should be quickly initiated（PQC）The migration process ensures the security of digital assets in a quantum computing environment while maintaining business continuity and stability. The guide emphasizes the key focus of migration work, which is to prioritize the expected outcomestwo thousand and thirty-fiveData assets that are still sensitive to tasks, typically involving critical areas such as national security and economic stability, are of utmost security importance.

In addition,The US government has taken multiple measures to promote the migration of post quantum cryptography,Not only establishedThe Open Working Group,stillEstablished“Backward Quantum Cryptography Migration Project”Wait, wait,To assist organizations in scientifically planning and effectively implementing migration work. This releaseGuide alsoThis provides important guidance for federal agencies to address the threat of quantum computing. By implementing the recommendations and measures in the guidelines, various institutions will gradually build a digital security guarantee system that adapts to the quantum computing environment, and be fully prepared for future network security challenges.