Quantum Resistance with PQC on BIG-IP Local Traffic Manager (LTM)
Quantum computing threatens today’s encryption methods. Safeguard data with Post-Quantum Cryptography (PQC) in BIG-IP LTM.
Safeguarding Against Future Threats
Quantum computers capable of breaking current encryption algorithms are expected to become viable within the decade, making PQC adoption urgent. Bad actors are already harvesting data to decrypt later, putting sensitive customer information at risk. Protecting data with PQC standards today ensures long-term security. Don’t wait—BIG-IP can help you achieve PQC readiness now.
Bad actors are currently launching "harvest-now, decrypt-later" attacks, stealing data encrypted with contemporary algorithms today for decryption in the future, using quantum computers. Safeguarding today’s data with post-quantum encryption methods requires organizations to consider key factors when deploying post-quantum cryptography.
- Regulatory Compliance The National Institute of Standards & Technology (NIST) published draft algorithms under FIPS-203, with plans to evolve algorithms. Organizations must be able to adopt emerging standards.
- Computational Demands Quantum-resistant algorithms are more computationally demanding than less-quantum-secure algorithms. This creates performance burdens, especially when using hybrid cryptography (combining classical and quantum-safe algorithms) in application delivery solutions.
- Challenges Scaling Transitioning to Post-Quantum Readiness presents an industry-wide scaling challenge. Every organization will need to balance security and performance.
- Future Value of Data Sensitive data like personally identifiable information (PII), personal health information (PHI), intellectual property (IP), and business records can retain value long-term, making them prime “harvest now, decrypt later” targets for cybercriminals today, ready to be decrypted once quantum computers are readily available.
- Reducing Legal, Financial, and Reputational Risks Outdated cryptography leaves data vulnerable to breaches, noncompliance, and other risks. Quantum-resistant encryption with NIST-approved algorithms, can enhance data security, regulatory compliance, and strong protection against costly legal, financial, and reputational damage.
F5’s approach to Post-Quantum Readiness is extremely customer-focused: it's not just about deploying the newest ciphers in production but providing a sustainable, adaptable way forward. While some organizations are prematurely driving quantum ciphers that consume massive amounts of computing resources and may be incompatible with existing network architecture, F5 is building tools that prioritize longevity, efficiency, and scalability.
- Longevity Cryptography is an ever-evolving field. Today’s “quantum resistant” algorithms may be broken in the future. F5’s cryptographic solutions are built for adaptability, with regular updates to evaluate the resilience of existing cryptography, pivoting when necessary.
- Efficiency F5’s hardware-based acceleration strategy ensures efficient deployment of quantum-safe cryptography without creating unsustainable resource consumption.
- Scalability Customers within heavily regulated environments (e.g., financial institutions, healthcare, governments) often have the most pressing PQC needs. BIG-IP LTM’s scalable implementation ensures they can meet compliance requirements while still maintaining performance at scale.
Product Overview
BIG-IP LTM supports client- and server-side post-quantum algorithms for encryption of sensitive data. Even if clients or servers don’t support PQC natively, BIG-IP LTM can act as a PQC mediary for both client and server.
What can you do next?
The post-quantum transition isn’t optional, it’s inevitable. But the journey doesn’t need to be disruptive. F5 and BIG-IP LTM can help organizations stay ahead of the transition by creating crypto-agile infrastructures that secure their systems and set them up for future-compliant, quantum-safe policies.
Start by Conducting a PQC Readiness Assessment:
Investigate where you use TLS. Determine if your cryptographic handshakes are already vulnerable to threats like “harvest now, decrypt later.”
F5 can guide customers in identifying areas where quantum readiness is critical.
Deploy BIG-IP LTM with Crypto-Agile Solutions Today:
Transitioning to PQC strengthens your organization’s security posture while ensuring compliance and protecting against costly data breaches.
We’ll support you through evolving standards and help you make your systems future-proof for coming FIPS requirements and cryptographic evolutions.
Hardware
Deploy high-performance hardware in your on-premises data center or collocation facility.
Software (Virtual Edition)
Deploy on any hypervisor within your data center, collocation facility, or in AWS, Azure, or Google Cloud.
Core Capabilities
End to end encryption
Leverage post-quantum encryption from client to server.
ML-KEM Ciphers
Balance performance and security while maintaining PQC-readiness.
PQC Intermediary
BIG-IP centralizes cryptographic handshakes and encryption between clients and servers.
Resources
Featured
As quantum computing edges closer to reality, today’s encryption standards face a ticking clock. Learn how organizations can prepare for a post-quantum world with resilient, crypto-agile solutions that safeguard data against tomorrow’s threats.