Will DevOps Be Prepared When Quantum Computers Arrive?
September 10, 2019

Tim Hollebeek
DigiCert

We have all witnessed, and benefited from, the numerous technology changes that have occurred in the past few years. In this age of virtualization, cloud, software-defined architectures, Internet of things, artificial intelligence, and machine learning, our world is ever-more connected, dynamic, and sophisticated.

These technology advances have caused software development and IT operations to coalesce and streamline communications and collaboration. To keep pace with these ever-changing digital transformations, DevOps is adding new levels of agility, reducing development lifecycles, and delivering new features, fixes, and updates faster to meet business objectives.

However, as impactful as these new advances are, DevOps will need to revisit security at it prepares to take advantage of all that quantum computing has to offer. Most security experts surmise that quantum crypto algorithms will eventually render RSA cryptography and ECC useless. Because of the security impact, particularly as it relates to the formidable crypto algorithms, my recommendation for DevOps is to prepare now, by implementing crypto-agility solutions that are available today.

You will be ahead of the game, if you test quantum-resistant algorithms in your systems, and consult with your security providers. If you don't already work with a certificate authority (CA,) I recommend you do some research, and consider working with a trusted CA that has expertise in quantum-resistant technology.

Authentication and Encryption Readiness for a Post-Quantum World

There is no doubt that DevOps will need to adjust its cultural mindset, adopt best practices, and acquire technology that will enable them to support quantum cryptography.

DevOps must have a plan to transition existing cryptography to post-quantum algorithms without disrupting its regular cadence of deploying packages and software updates. One of the best ways to be protected when post-quantum computing (PQC) arrives is to build crypto-agility into the infrastructure. This can be accomplished by implementing an automated public key infrastructure (PKI) platform. This will ensure software updates are automatically protected with secure communications and code signing throughout the enterprise. A key benefit is the ability to support today's crypto algorithms, as well as future quantum crypto algorithms, and toolkits for encryption, such as OpenSSL.

Security providers that offer high-assurance digital certificates can simplify the integration of PKI into existing DevOps infrastructure. The integration and automation of PKI lifecycle management into DevOps systems, whether deployed on premises or as a cloud service, use APIs that tie into continuous integration systems.

Automated and flexible PKI solutions that support multiple crypto algorithms will future-proof your security posture. As the cycle of technology change becomes ever more rapid, automation and agility are the key to ensuring crypto libraries and digital certificates are always up to date.

Quantum development work has been going on for decades. There are working quantum computers with a small number of qubits that are relatively unstable. This presents no threat to today's cryptographic algorithms; however, large-scale quantum computer threats may be a few short years away. For DevOps, the time spent in preparation today will ensure an organization will be ready for the next big crypto evolution. This will ensure readiness when post-quantum crypto standards are available. And when development and IT operational systems comply with those standards, organizations will be better protected from quantum computer threats.

Tim Hollebeek is Industry and Standards Technical Strategist at DigiCert
Share this

Industry News

October 29, 2020

Cisco announced new software-delivered solutions designed to simplify IT operations across on-premise data centers and multicloud environments.

October 29, 2020

Bugsnag announced availability of user stability analytics, which will help developers gain a clearer understanding of how application errors are impacting the user experience and other key performance indicators (KPIs) for the business, as well as offer insights on whether to fix bugs or build new features.

October 29, 2020

HAProxy Technologies announced an open-source release of a VMware Open Virtual Appliance (OVA) virtual machine image of the HAProxy load balancer for vSphere, which HAProxy Technologies will maintain on GitHub.

October 28, 2020

Progress announced a number of new innovations designed to facilitate adoption and at-scale deployment of Chef offerings for both new and experienced users of the DevSecOps portfolio.

October 28, 2020

StackRox announced the release of KubeLinter, its new open source static analysis tool to identify misconfigurations in Kubernetes deployments.

October 28, 2020

Vercel announced Next.js 10 featuring a number of new capabilities that accelerate frontend developers’ ability to enrich end users’ web experiences globally.

October 27, 2020

ThinkTank has released a suite of applications designed to keep distributed agile teams aligned and engaged, regardless of physical location.

October 27, 2020

Cloudify, a Service Orchestration and Automation Platform, announced its latest 5.1 product release which aims to take one step further to permanently remove silos and roadblocks that are consistently associated with migration to the public cloud.

October 27, 2020

WhiteSource announced its new native integration for Microsoft Azure DevOps services.

October 26, 2020

NetApp unveiled a new serverless and storageless solution for containers from Spot by NetApp, a new autonomous hybrid cloud volume platform, and cloud-based virtual desktop solutions.

October 26, 2020

GeneXus released GeneXus 17, a new version of its platform that empowers enterprises to create and evolve new applications at unprecedented speed.

October 26, 2020

Alcide announced the company’s security solutions are now integrated with AWS Security Hub, sending real-time threat intelligence and compliance information to Amazon Web Services (AWS) for easy consumption by Security and DevSecOps teams.

October 22, 2020

Puppet announced Puppet Comply, a new product built to work with Puppet Enterprise aimed at assessing, remediating, and enforcing infrastructure configuration compliance policies at scale across traditional and cloud environments.

October 22, 2020

Harness announced two new modules: Continuous Integration Enterprise and Continuous Features.

October 22, 2020

Render announced automatic preview environments which are essential for rapid and collaborative development of modern applications.