“We are a cyber nation. The U.S. information infrastructure--including telecommunications and computer networks and systems and the data that reside on them--is critical to virtually every aspect of modern life. This information infrastructure is increasingly vulnerable to exploitation, disruption, and destruction by a growing array of adversaries.”

The National Coordination Office (NCO) for Networking Information Technology Research and Development (NITRD), Federal Register: December 30, 2008 (Volume 73, Number 250).

"But conventional security is not enough. The complexity of today's operational environment means organisations must embrace a level of business resilience that is normally associated with the protection of critical national infrastructure."

Detica, a BAE Systems Company

“The time needed to factor an RSA integer is the same order as the time needed to use that same integer as modulus for a single RSA encryption.   In other words, it takes no more time to break RSA on a quantum computer (up to a multiplicative constant) than to use it legitimately on a classical computer.”

Professor Gilles Brassard,  "Quantum Information Processing: The Good, the Bad and the Ugly", 1997

"The future ability of quantum computers might be a decade or two away, their future ability to break public-key cryptography has important implications for the encryption of highly sensitive information today. For these applications, we must already design new public-key cryptosystems and one-way functions that are immune to quantum cryptanalysis."

ARDA, Report of the Quantum Information Science and Technology Experts Panel, 2004

Public key crypto key exchanges (RSA, D&H, ECC) would be ‘flat-lined’ under a quantum computer attack … "Open Problem”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), Public Key Cryptography 30th Anniversary Conference, Dec 2006

"Many crypto-systems considered robust have been broken after a certain amount of time (between 10-20 years).  ... We need to build crypto-systems that offer long term security, for example for protecting financial and medical information (medical information such as our DNA may be sensitive information with impact on our children, our grandchildren and beyond)."

“Never underestimate the attention, risk, money and time that an opponent will put into reading traffic.”

Robert Morris, former Chief Scientist of the US National Security Agency (NSA), National Computer Security Center, "Crypto '95 invited talks by R. Morris and A. Shamir", 1995

“Build-in Security: Ensure that security is considered and built into the design of new infrastructure, so that our critical assets are protected from the start and more resilient to naturally-occurring and deliberate threats throughout their life-cycle."

Obama-Biden Plan, Agenda: Homeland Security, December 2008

“The more complex the threats become, the more you have to do the basics and groundwork really well. Staying aware and on top of new vulnerabilities and ensuring that patches and software updates are rapidly implemented is crucial.”

Jeff Shipley, Cisco Intelligence Collection Manager, Cisco 2008 Annual Security Report

“So the threat to cryptography is well understood due to work by Peter Shor and others. A symmetric algorithm like AES or others standard crypto processes is cut (of) key-size in half, which is a dramatic reduction. ... For key management purposes, against the RSA and the Diffie-Hellman and stuff, they flat-line under a quantum computer.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), Public Key Cryptography 30th Anniversary Conference, Dec 2006

“Given today’s common hardware and software architectural paradigms, operating systems security is a major primitive for secure systems – you will not succeed without it. This area is so important that it needs all the emphasis it can get. It is the current ‘black hole’ of security.”

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

"Security and dependability issues typically go along with the life cycle of a technology.  The trend to first deploy a technology and later fix its problems – typically driven by economic motives – is gradually making way for security by design, resulting in improved security at the beginning of the life cycle."

“The software security industry today is at about the same stage as the auto industry was in 1930" ... "it looks fast, goes nice but in an accident you die.” ... "The major shortfall is absence of assurance (or safety) mechanisms in software. If my car crashed as often as my computer does, I would be dead by now."

Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

“New concepts for quantum computer implementations, algorithms, and advances in the theoretical understanding of the physics requirements for quantum computers appear almost weekly in the scientific literature.”

ARDA, Report of the Quantum Information Science and Technology Experts Panel

“Advances have often been done in steps, and beyond approximately 10 years into the future, the general feeling among ECRYPT partners is that recommendations made today should be assigned a rather small confidence level, perhaps in particular for asymmetric primitives.”

European ECRYPT Network of Excellence, “Yearly Report on Algorithms and Key Lengths (2007-2008)", 2008

"My colleagues at MIT and I have been building simple quantum computers and executing quantum algorithms since 1996, as have other scientists around the world. Quantum computers work as promised. If they can be scaled up, to thousands or tens of thousands of qubits from their current size of a dozen or so, watch out!”

Prof Seth Lloyd of MIT, MIT Review 2008

"There is a good chance that large quantum computers can be built within the next 20 years.  This would be a nightmare for IT security if there are no fully developed, implemented, and standardized post-quantum signature schemes."

Prof. Johannes Buchmann, et al, “Post-Quantum Signatures”, Oct 2004, Technische Universität Darmstadt