Frequently Asked Questions (FAQs)

Edit online

The following FAQs are listed for PQC symmetric key policy that states AES keys less than 256 bits are PQC unsafe.

  • Why does the policy flag any symmetric key that is not AES-256 as PQC unsafe?

    This policy follows a conservative interpretation of emerging post-quantum recommendations. AES-256 offers the strongest known protection against potential quantum attacks, especially against Grover’s algorithm, which can reduce the effective strength of symmetric key cryptography. By using AES-256 as the benchmark, the policy ensures that organizations are aligned with the highest long-term security expectations.

  • Does this mean AES-128 or AES-192 are insecure today?

    No. AES-128 and AES-192 are still widely accepted and secure in classical (non-quantum) environments. The PQC unsafe label indicates future risk, not current compromise. Organizations with data that require long-term confidentiality (for example, health records, government data, intellectual property, or financial archives) need to plan for stronger post-quantum resistance.

  • What about data that has a short lifecycle?

    If encrypted data will no longer be sensitive or valuable by the time quantum computing becomes practical, the urgency to adopt AES-256 may be less. For short-lived or less-impact data, organizations may choose to accept the risk or defer remediation.

  • Is this policy aligned with National Institute of Standards and Technology (NIST) PQC guidelines?

    Yes. While NIST does not mandate required symmetric key sizes post-quantum, the recommendation trend especially for long-term security favors AES-256. This policy aligns with that forward-looking guidance and supports early readiness.

  • What is the meaning of harvest now, decrypt later?

    This refers to the possibility that attackers may collect encrypted data today, store it, and wait until quantum computing becomes capable of breaking the underlying encryption. Organizations protecting long-term or regulated data should assume this risk model when you plan key sizes.

  • Can this policy be customized to treat AES-128 or other algorithms as acceptable?

    This is a system-defined policy and cannot be modified. You can deactivate it and create your own custom policy definition.

  • Will symmetric key recommendations change again as PQC standards evolve?

    Possibly. PQC guidance is evolving as research, adoption, and standards progress. The platform is designed for crypto-agility so that the policies can adapt as new standards and recommendations emerge.

  • Does this policy impact asymmetric key or hybrid PQC algorithms?

    No. This policy applies only to symmetric cryptography. Separate policies address asymmetric keys and PQC-hybrid transitions.

  • What is the recommended next step if this policy triggers findings in the environment?
    You may:
    • Accept the risk (if aligned with your threat model).
    • Plan remediation as part of a crypto modernization roadmap.
    • Prioritize high-impact assets first, especially where long-term encryption validity is required.
  • Is remediation urgent?
    Urgency depends on the sensitivity and lifespan of the protected data.
    • For high-value or long-retention data, early transition is recommended.
    • For less-impact or short-retention workloads, the transition may be prioritized later.