ETSI Technical Committee Cyber Security has published TR 103 617, a report detailing the protocol requirements needed to make Virtual Private Networks resistant to future quantum computer attacks. The document highlights that widely used public-key systems like RSA and ECC are vulnerable to quantum decryption, posing a significant risk to data harvested today for later decryption. To address this, the report recommends a hybrid approach that combines quantum-safe and classic key establishment techniques to maintain security properties while mitigating quantum threats. It specifically analyzes underlying protocols such as IPSec, IKE, TLS, MACsec, and SSH, outlining the complex migration paths organizations must plan for to ensure long-term confidentiality.
Keywords: quantum-safe cryptography, hybrid security approach, VPN protocol requirements, RSA and ECC vulnerability, post-quantum migration