The Future of Encryption

Today’s federal agencies are generating, analyzing, and transporting data at an unprecedented, exponentially accelerating rate. To keep all that data safe—whether it’s at rest, in use, or on the move—the government must not only employ today’s most reliable encryption technologies, it must be ready to adopt tomorrow’s as well. As insider and adversarial threats grow and advance, promising new approaches to encryption—like post-quantum cryptography, quantum key distribution, and homomorphic encryption—will be key to maintaining the nation’s information security.  

Most modern encryption systems are key based. To keep data usable only to those with permission to access it, an encryption key uses an algorithm to encode readable data into unreadable data. When a credentialed person or machine is ready to access that data, a decryption key is used to make it readable again.

Key-based encryption methods may be adequate today, but they have a number of weaknesses that will make them less effective as threats to data security grow more numerous and sophisticated. Those challenges include:

• When an encryption key is lost—the data it’s been used to encrypt is effectively lost as well.
• Key-encrypted data must be decrypted while it’s in use, leaving it less secure any time it’s being worked with.
• While key-encrypted data is currently practically impossible to decode without the right decryption key, emerging technologies will likely make it easier for determined adversaries to crack.

As cyber adversaries become more sophisticated and enterprise mobility, cloud, and Internet of Things technologies are more broadly and thoroughly embraced by federal agencies, more powerful encryption methods will be necessary. Organizations will need to prepare for the adoption of superior emerging encryption technologies as they become available for practical use. 

What should you and your organization be thinking about as we look toward a future where information is secured with more advanced methods of encryption? Here are our top takeaways for Federal Government leaders.

1. View encryption innovation as a digital transformation enabler. Emerging encryption technologies will be critical to enabling the secure growth and advancement of the government’s digital ecosystems. While needs will vary by organization, advanced encryption will be central to any modernized digital infrastructure.
2. Be prepared for the quantum era. In the coming years, post-quantum cryptography will be needed for workspaces with data that needs to be secure for long periods after initial encryption.
3. Design near-term and longer term strategies for encryption. The increase in remote work brought on by the COVID-19 pandemic and the exponential rise in digital transactions have dramatically increased the size of the cyber attack surface. Whether in the near term (e.g., with behavioral biometrics) or medium term (e.g., with quantum key distribution and homomorphic encryption), advanced encryption software can help government agencies better address nefarious activity.