The quantum threat is real, and the clock is ticking. With government deadlines set for 2030, organizations have just five years to migrate their cryptographic infrastructure before quantum computers can break current RSA and elliptic curve systems. 

In this episode of "What's in the SOSS," join host Yesenia Yser as she sits down with David Hook (VP Software Engineering) and Tomas Gustavsson (Chief PKI Officer) from Keyfactor to break down post-quantum cryptography, from ELI5 explanations of quantum-safe algorithms to the critical importance of crypto agility and entropy. Learn why the financial sector and supply chain security are leading the charge, discover the hidden costs of migration planning, and find out why your organization needs to start inventory and testing now because once quantum computers arrive, it's too late.

Episode Chapters:

• 00:00 Introduction
• 00:22 Podcast Welcome
• 00:01 - 01:22: Introductions and Setting the Stage
• 01:23 - 03:22: Post-Quantum 101 - The Quantum Threat Explained
• 03:23 - 06:38: Government Deadlines and Industry Readiness
• 06:39 - 09:14: Bouncy Castle's Quantum-Safe Journey
• 09:15 - 10:46: The Power of Open Source Collaboration
• 10:47 - 13:32: Industry Sectors Leading the Migration
• 13:33 - 16:33: Planning Challenges and Crypto Agility
• 16:34 - 22:01: The Randomness Problem - Why Entropy Matters
• 22:02 - 26:44: Getting Started - Practical Migration Advice
• 26:45 - 28:05: Supply Chain and SBOMs 
• 28:06 - 30:48: Rapid Fire Round
• 30:49 - 31:40: Final Thoughts and Call to Action

Episode links:

• Tomas Gustavsson LinkedIn page
• David Hook LinkedIn page
• Keyfactor
• Bouncycastle.org
• EJBCA.org
• SignServer.org
• Get involved with the OpenSSF
• Subscribe to the OpenSSF newsletter
• Follow the OpenSSF on LinkedIn