Quantum computing poses a major threat to classical cryptographic primitives (RSA, ECC, etc.), demanding an urgent migration to quantum-safe solutions, in any sensitive IT sectors such as banking enterprises. Merely replacing classical cryptographic primitives does not fully address this migration. This migration requires upgrades to network devices (e.g., routers, firewalls, servers) to ensure compatibility with future quantum-safe security protocols. Due to the scale of enterprise networks, a phased upgrade is necessary, as simultaneous migration of all devices is infeasible. However, a quantitative method for identifying network device vulnerabilities in large-scale enterprise networks is currently lacking. We propose DoPQM: Devices Oriented Post-Quantum Migration, a framework for identifying network device vulnerabilities to quantum threats within enterprises network topologies. The primary objective of this work is to assist network administrators in identifying which network devices are more vulnerable to future quantum threats. DoPQM formalizes the Harvest Now, Decrypt Later (HNDL) adversarial model using a risk scoring mechanism that estimates HNDL attack likelihoods across network nodes. By leveraging graph theory, we identify central nodes based on the volume of data they handle. Each node is then assigned a criticality score that reflects its priority for post-quantum migration. Evaluation on a representative baking network reveals the Demilitarized Zone (DMZ) as the most HNDL vulnerable component.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

DoPQM: Devices Oriented Post-quantum Cryptographic Migration Strategies for an Enterprise Network

  • Amit Bhowmick,
  • Divyesh Saglani,
  • Lakshmi Padmaja Maddali,
  • Akhila Rayala,
  • Meena Singh Dilip Thakur,
  • Rajan Mindigal Alasingara Bhattachar

摘要

Quantum computing poses a major threat to classical cryptographic primitives (RSA, ECC, etc.), demanding an urgent migration to quantum-safe solutions, in any sensitive IT sectors such as banking enterprises. Merely replacing classical cryptographic primitives does not fully address this migration. This migration requires upgrades to network devices (e.g., routers, firewalls, servers) to ensure compatibility with future quantum-safe security protocols. Due to the scale of enterprise networks, a phased upgrade is necessary, as simultaneous migration of all devices is infeasible. However, a quantitative method for identifying network device vulnerabilities in large-scale enterprise networks is currently lacking. We propose DoPQM: Devices Oriented Post-Quantum Migration, a framework for identifying network device vulnerabilities to quantum threats within enterprises network topologies. The primary objective of this work is to assist network administrators in identifying which network devices are more vulnerable to future quantum threats. DoPQM formalizes the Harvest Now, Decrypt Later (HNDL) adversarial model using a risk scoring mechanism that estimates HNDL attack likelihoods across network nodes. By leveraging graph theory, we identify central nodes based on the volume of data they handle. Each node is then assigned a criticality score that reflects its priority for post-quantum migration. Evaluation on a representative baking network reveals the Demilitarized Zone (DMZ) as the most HNDL vulnerable component.