Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybersecurity Funding

QuSecure Scores Post-Quantum Cybersecurity Contract Worth More Than $100M Annually

Post-Quantum company awarded SBIR III contract to combat ‘harvest now, decrypt later’ threat from quantum computing

Post-Quantum company awarded SBIR III contract to combat ‘harvest now, decrypt later’ threat from quantum computing

QuSecure, a provider of post-quantum, or quantum-proof, cryptography, has been awarded a small business innovation research (SBIR) Phase III contract by the federal government. If funding is like last year’s phase III awards, QuSecure will gain access to more than $100 million to speed development and help commercialize its product for federal government and private industry use.

QuSecure is the only post-quantum product to achieve this status, so it effectively becomes the government’s preferred supplier to counter the ‘harvest now, decrypt later’ threat of future adversarial quantum computing.

NIST is currently engaged in a competition to choose a preferred or possibly multiple preferred quantum-proof encryption algorithms. All encrypted communications that have been stolen by bad actors – criminal gangs and adversarial nations – will become available to the adversaries as soon as a quantum computer powerful enough to run Shor’s algorithm is developed.

“We need to do something now,” Pete Ford, QuSecure’s SVP of government operations, told SecurityWeek. The encrypted data adversaries already have is lost, but there is a need to prevent the collection and decryption of future communications. “This is a matter of not just national importance, but whole of government importance. And if we don’t do something now, we’re just going to be bouncing around like a pinball going from problem to problem. We need greater threat protection and less vulnerability than we currently have.”

The urgency is supported by both NIST’s haste in its encryption competition and the speed in which QuSecure has been awarded SBIR phase III (the company was only awarded SBIR phase II earlier this year). SBIR III was immediately awarded following a pilot project in which QuSecure successfully deployed its QuProtect product at a federal facility.

The money for SBIR phases I and II comes from a ‘tax’ levied by the Small Business Administration on federal agencies’ budgets – generally ranging from less than 1% to less than 2%. The award winners can apply to the fund for specific amounts within the award for specific R&D purposes.

Phase III changes this. “It can now come from any color of money across 12 different federal agencies,” said Ford. It is effectively an endorsement from the government, which recognizes what a firm is doing in the private sector and has decided it can also be adapted for use by government. 

Advertisement. Scroll to continue reading.

The attraction of the QuSecure solution is threefold. Firstly, it scales easily, from individual mobile telephones to large data centers. Secondly, it can apply quantum-proof encryption to both data in transit (communications) and data at rest (stored). And thirdly, it is crypto agile. It doesn’t matter that NIST has not yet chosen its preferred post-quantum algorithm, because QuSecure can use any algorithm.

“Whoever wins,” said Ford, “we can work with them on our systems. Our quantum resilient tunnel will run on any algorithm that is approved or not approved. So, for example, right now, AES 256, and RSA 256 are the normal encryption algorithms for the asymmetric PKI world we live in. We work with those too. We can also be used on old systems – we still even send encryption to some legacy satellites using 3DES. So, for us, we don’t care who wins the NIST competition. We’re able to work with all of them and set up the tunnel they can run on. Then we just put our quantum keys over the outside of that to add another layer of protection against a quantum computer attack.”

Rear Admiral Mike Brown, a cybersecurity specialist formerly with the Departments of Defense and Homeland Security, said that SBIR Phase III “recognizes QuSecure’s capability and supports scaling post-quantum cryptography commercially, federally, and especially for the warfighter.” Pete Ford is one of those, having previously been a fighter pilot during four combat tours.

“As organizations begin to evaluate the opportunities and threats that quantum computing presents, the federal government is already acting now to hedge against those threats which, if not addressed, could completely knock the US out of the arena,” said Laura Thomas, former CIA Chief of Base, and now VP of corporate strategy at ColdQuanta. “This choice was made as QuSecure has proven that its adaptive orchestrated PQC solution offers continuous availability providing the simplicity, flexibility and scalability for the universal protection needed to secure our networked society and national interests.”

RelatedQuantum Computing’s Threat to Public-key Cryptosystems

RelatedQuSecure Launches Quantum-Resilient Encryption Platform

Related: Quantum Computing Is for Tomorrow, But Quantum-Related Risk Is Here Today

Related: Mitigating Threats to Encryption from Quantum and Bad Random

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Cyber Insurance

Cyberinsurance and protection firm Boxx Insurance raises $14.4 million in a Series B funding round led by Zurich Insurance.

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...