SOSS Community Day India

We depend on cryptography to secure our software supply chain. But what if that cryptography didn't work? What if an adversary could casually break your key signing? This session will detail one possible approach to convert a Quantum Vulnerable Stack to Quantum Resistant Stack focusing on Tekton, a powerful open-source framework for creating CI/CD as a sample. Chains is a component of Tekton that integrates with Sigstore to offer a Secure CI/CD solution. We will explore the steps to make Tekton Quantum Proof in the following sequence: - What are the Quantum threats to existing Cryptographic algorithms? - How to Identify the Quantum Vulnerabilities in Tekton? - What are Post Quantum Cryptographic (PQC) Algorithms? - Walkthrough of NIST standards and guidelines for migrating to PQC - Importance of HYBRID approach that includes classical quantum-resistant and new quantum signing algorithms in while transitioning. Key takeaway for the audience would be an understanding of Quantum Vulnerabilities, PQC, reliable guidelines for transitioning to quantum safe state along with a deep dive of how we transitioned Tekton quantum safe as reference implementation.