TY - GEN
T1 - Challenges in the Transition towards a Quantum-safe Government
AU - Kong, Ini
AU - Janssen, Marijn
AU - Bharosa, Nitesh
PY - 2022
Y1 - 2022
N2 - The computation power of quantum computers introduces new security threats in Public Key Infrastructure (PKI), a system used by many governments to secure their digital public services and communication. This calls for an inevitable need for governments to be quantum-safe (QS) by modifying their PKI systems to be resistant to the attacks of quantum computers. However, there is limited academic literature on a QS PKI system, and in this limited literature, the transition challenges are perceived as exclusively technological. This paper aims to create a structured overview of challenges when transitioning to a QS PKI system. We do this by reviewing literature and classifying the challenges using Technology-Organization-Environment (TOE) framework and using an expert workshop to explore the challenges in the context of the PKI system in the Dutch government. The main challenges in the technological context include no universal QS solution, legacy system, complex PKI interoperability, and vulnerable Root CA. The main challenges in the organizational context include knowledge gap, unclear governance, lack of urgency, and in-house management support. Furthermore, the main challenges in the environmental context include institutional void, stakeholder collaboration, lack of awareness, and policy guidance. The results indicate that the QS transition from the current PKI system is complex, and the challenges are socio-Technical. For policy-makers, this implies that they should start early to prepare, whereas organizations are hardly aware of the process of QS transition and the topic of quantum computing is yet to develop the urgency in organizations.
AB - The computation power of quantum computers introduces new security threats in Public Key Infrastructure (PKI), a system used by many governments to secure their digital public services and communication. This calls for an inevitable need for governments to be quantum-safe (QS) by modifying their PKI systems to be resistant to the attacks of quantum computers. However, there is limited academic literature on a QS PKI system, and in this limited literature, the transition challenges are perceived as exclusively technological. This paper aims to create a structured overview of challenges when transitioning to a QS PKI system. We do this by reviewing literature and classifying the challenges using Technology-Organization-Environment (TOE) framework and using an expert workshop to explore the challenges in the context of the PKI system in the Dutch government. The main challenges in the technological context include no universal QS solution, legacy system, complex PKI interoperability, and vulnerable Root CA. The main challenges in the organizational context include knowledge gap, unclear governance, lack of urgency, and in-house management support. Furthermore, the main challenges in the environmental context include institutional void, stakeholder collaboration, lack of awareness, and policy guidance. The results indicate that the QS transition from the current PKI system is complex, and the challenges are socio-Technical. For policy-makers, this implies that they should start early to prepare, whereas organizations are hardly aware of the process of QS transition and the topic of quantum computing is yet to develop the urgency in organizations.
KW - Quantum-Safe Governmen
KW - Post Quantum Cryptography
KW - Pub- lic organization
KW - Public Key Infrastructure transition challenges
KW - Systematic
UR - http://www.scopus.com/inward/record.url?scp=85139003413&partnerID=8YFLogxK
U2 - 10.1145/3543434.3543644
DO - 10.1145/3543434.3543644
M3 - Conference contribution
AN - SCOPUS:85139003413
T3 - ACM International Conference Proceeding Series
SP - 282
EP - 292
BT - Proceedings of the 23rd Annual International Conference on Digital Government Research
A2 - Hagen, Loni
A2 - Solvak, Mihkel
A2 - Hwang, Sungsoo
PB - ACM
T2 - 23rd Annual International Conference on Digital Government Research: Intelligent Technologies, Governments and Citizens, DGO 2022
Y2 - 15 June 2022 through 17 June 2022
ER -