Skip to main content
  • Next steps towards a net zero IETF

    Built with input from the IETF community, we now have an initial approach and tools for calculating the IETF’s carbon footprint and a strategy for carbon offsetting. For 2023, we will implement this approach with data already available and seek to further improve it for future years.

    • Greg WoodIETF LLC Director of Communications and Operations
    22 Mar 2023
  • IETF Administration LLC 2023 Budget

    The IETF Administration LLC has finalised its 2023 budget following a community consultation.

    • Jay DaleyIETF Executive Director
    20 Mar 2023
  • IETF LLC Statement on Remote Meeting Participation

    A statement of principles regarding remote participation in IETF Meetings to reiterate the principles regarding remote participation in IETF meetings under which we currently operate.

    • Jason LivingoodIETF Administration LLC Board Chair
    10 Mar 2023
  • IETF Snapshot 2022

    Want to catch up on IETF activity in 2022? The IETF Snapshot provides a short summary of IETF activity for the previous year.

      9 Mar 2023
    • Suggested IETF 116 Sessions for Getting Familiar with New Topics

      These IETF 116 meeting sessions are likely to include discussions and proposals that are accessible to a broad range of Internet technologists whether they are new to the IETF or long-time participants.

        7 Mar 2023

      Filter by topic and date

      Filter by topic and date

      IETF launches post-quantum encryption working group

      • Grant GrossIETF Blog Reporter

      23 Feb 2023

      As research organizations and tech companies embrace quantum computing, many cybersecurity experts have worried that the upcoming super-powerful machines will be able to crack current encryption methods within minutes, exposing people to surveillance or cybercrime.

      PQUIP Blog post

      The IETF has responded to these concerns by launching, in January, a new working group, called Post-Quantum Use In Protocols, or PQUIP, that aims to coordinate the use of cryptographic protocols that are not susceptible to large quantum computers.

      There are already efforts outside the IETF to develop post-quantum encryption methods, and a handful of IETF working groups have begun work on standardizing revised protocols to meet the quantum challenge. PQUIP aims to support “this growing body of work” at the IETF and facilitate the evolution of protocols, according to the working group’s charter.

      The plan is to examine quantum-related concerns and ideas, with PQUIP leaving standardizing to other IETF working groups, noted Sofia Celi, a cryptography researcher at Brave Software and co-chair of PQUIP. The working group aims to discuss and provide suggestions for transition issues, she added.

      “The idea of the working group is to be a standing venue to discuss post-quantum cryptography [PQC] from an operational and engineering side,” Celi said. “It is also a venue of last resort to discuss PQC-related issues in IETF protocols that have no associated maintenance on other working groups that the IETF has.”

      It is unclear when or if so-called cryptographically relevant quantum computers [CRQCs] will be able to break existing encryption methods, with a few researchers suggesting it could happen as soon as a decade and others predicting fifty years or more. 

      As Celi notes, “Experts in the field have given wildly different estimated timelines based on many factors. It is possible that CRQCs might never exist because the error rates for quantum computers might always be too high to build a large enough computer to break current cryptography.”

      However, with the possibility that these powerful quantum computers will eventually exist, the IETF and other groups are working to proactively protect Internet communications. She added, “If CRQCs can be built, we want PQC algorithms specified, tested, and deployed well before the first CRQC is operational,” she said.

      The good news, Celi said, is that work on post-quantum cryptography is well on its way. The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) launched a post-quantum cryptography standardization process back in 2016, and it announced its first group of algorithms in July 2022 for key exchange and signatures, with additional algorithms expected in the future. Other international organizations are also working on post-quantum computing algorithms, she noted.

      Most protocols and technologies that provide security or privacy and use quantum-threatened cryptography can be migrated to post-quantum algorithms..

      “Many of the algorithms that have been chosen to be standardized by the post-quantum NIST process are usable in today’s systems and networks,” Celi said. However, “these algorithms have some constraints – higher computational costs and larger sizes – that should be carefully considered when integrating them into protocols and technologies.” The PQUIP Working Group, and the other working groups in the IETF, will investigate how to integrate PQC algorithms in today’s protocols.

      Discussions are already underway on the PQUIP working group mailing list, with the first meeting is expected to take place at the IETF 116 Yokohama meeting being held 25-31 March 2023.


      Share this page