Post-Quantum Cryptography in WAN Infrastructure

This white paper addresses the urgent challenge posed by quantum computing to network security, particularly in wide-area network (WAN) infrastructures. It outlines the risks associated with cryptanalytically relevant quantum computers (CRQCs) and the necessity for organizations to adopt post-quantum cryptography (PQC) to safeguard sensitive data. The paper advocates for a WAN-first security approach, emphasizing the importance of securing data flows that traverse WANs, which are critical to business operations. It details the vulnerabilities of current encryption methods, such as RSA and ECC, and discusses the implications of harvest now, decrypt later (HNDL) attacks. The document presents standardized PQC algorithms and architectural best practices for transitioning to quantum-resistant security measures. It also highlights the role of new U.S. government regulations mandating PQC-certified encryption for national security systems by December 2031. The paper concludes by stressing the importance of proactive measures to protect against quantum threats, positioning the WAN as a frontline in the quantum security landscape.