A set of draft standards designed to help keep data, networks and infrastructure safe from future hackers using quantum computers has been published by the US National Institute for Standards and Technology (NIST). There are four algorithms in total but only three have been published as part of this round.
NIST has been working on the final selection of post-quantum algorithms for seven years, with experts, companies and other organisations to test and finalise a set of standards by next year. The new cryptographic standards will be available for public and private organisations to integrate into products and infrastructure.
This time last year, four candidate standards were put forward by NIST, including CRYSTALS-Kyper, which is designed for general encryption purposes. The other three were all focused on securing digital signatures. These included CRYSTALS-Dilithium, SPHINCS+ and FALCON.
All of the standards except FALCON have been given draft Federal Information Processing Standard (FIPS) status, with their publication as official standards set to be confirmed next year. FALCON will have to wait until next year to be given its FIPS status.
NIST’s aim is that, over time, its new post-quantum encryption standards will replace the institution’s current cryptographic standards that are most vulnerable to quantum computers, namely FIPS 186-5, NIST SP 800-56A and NIST SP 800-56B. A hybrid version of a NIST-approved algorithm, ‘X25519Kyber768’, was recently woven into Google’s Chrome browser.
NIST has asked the global cryptographic community to provide feedback on the draft standards ahead of the November deadline. “We’re getting close to the light at the end of the tunnel, where people will have standards they can use in practice,” said Dustin Moody, a NIST mathematician and leader of the project. “For the moment, we are requesting feedback on the drafts. Do we need to change anything, and have we missed anything?”
Plans for future rounds
The new algorithms will be used to protect sensitive electronic information, replacing existing public-key encryption techniques based on mathematical problems quantum computers will be able to easily crack. They will also protect data stolen today with the aim of cracking it in the future, or so-called ‘Harvest Now, Decrypt Later’ attacks – though such breaches are, for the moment, entirely theoretical.
When NIST started its competition to find new post-quantum encryption standards in 2016, 69 eligible algorithms were put forward by companies and organisations. Many of these were, unfortunately, cracked early on during the initial evaluation process by classical computers.
There will be future rounds for additional standards, with a second set of algorithms already going through evaluation and set for draft publication next year. This may include more general-purpose encryption along the same lines as CRYSTALS-Kyber. “They will offer alternative defence methods should one of the selected algorithms show a weakness in the future,” explained Moody.
The NIST draft standards will likely become the global benchmark for post-quantum cryptography. Dr Ali El Kaafarani, PQShield’s founder and CEO, told Tech Monitor their publication marks a “significant turning point” for the cryptographic community. The Oxford-based startup contributed to the design schemes used in all four of the initial draft standards and claims it is already seeing interest for their implementation from companies in the defence, automotive and semiconductor sectors. This includes Collins Aerospace, MBDA Missile Systems, HCL Technologies, Lattice Semiconductor, and AMD.
“Previously, a key barrier to adoption and migration to post-quantum cryptography has been confidence in exactly how and when the new algorithms will be finalised,” says Kaafarani. “NIST’s new draft standards provide this assurance and a framework that allows everyone to move forward. This is a testament to the expertise of our world-leading researchers and engineers as well as the collective dedication of the entire post-quantum cryptography community.”