As part of the ongoing cryptography standardization project led by the U.S. federal government, the National Institute of Standards and Technology (NIST) has unveiled the first four cryptographic algorithms designed to withstand quantum computing attacks.
These four recommended algorithms are part of NIST’s post-quantum cryptographic standard, expected to be finalized in about two years. Four additional algorithms are being considered for the fourth round of standardization and will be announced in the near future.
The announcement was the result of a six-year-long effort involving leading cryptographers across the globe formulating, vetting, and submitting encryption methods that could successfully resist a quantum attack.
“Today’s announcement is an important milestone in securing our sensitive data against the possibility of future cyberattacks from quantum computers,” said Gina Raimondo, U.S. secretary of commerce. “Thanks to NIST’s expertise and commitment to cutting-edge technology, we are able to take the necessary steps to secure electronic information so U.S. businesses can continue innovating while maintaining the trust and confidence of their customers.”
What Are the Four New Algorithms?
According to NIST, the algorithms cover the two main public-key use cases: general encryption, meaning the key establishment that protects data in transit, and digital signatures.
For general encryption, such as securing connections to websites, NIST has selected CRYSTALS-Kyber. Kyber is a key encapsulation mechanism (KEM): it establishes a shared secret that then drives a conventional symmetric cipher, and it was chosen for its speed of operation and its comparatively small keys and ciphertexts.
For digital signatures used to verify identities, NIST has selected three algorithms—CRYSTALS-Dilithium, FALCON, and SPHINCS+.
NIST recommends CRYSTALS-Dilithium as the primary algorithm. FALCON is intended for applications that need smaller signatures than Dilithium produces. The third algorithm, SPHINCS+, is larger and slower than the other two, but it has been selected as a backup because it is hash-based, a different mathematical foundation from the structured lattice problems that underlie Kyber, Dilithium, and FALCON. If a weakness were found in lattice cryptography, SPHINCS+ would be unaffected.
Why Is There a Need for Newer Encryption Algorithms?
Today's public-key algorithms, such as RSA and Diffie-Hellman, rely on mathematical problems (integer factoring and discrete logarithms) that are computationally infeasible for even the most powerful conventional computers. A large-scale quantum computer, which operates on entirely different physical principles, could run Shor's algorithm to solve those problems efficiently and so break most of the widely used public-key cryptography. That would expose the key exchanges and signatures that protect internet communications and transactions, and with them the privacy and integrity of the data they carry.
Simply increasing key lengths will not counter this threat, because the quantum attack scales polynomially with key size while the cost to the defender grows just as fast; hence the search for quantum-resistant algorithms built on problems believed to be intractable for both conventional and quantum computers. Adopting them lets organizations protect data privacy and integrity against the quantum threat, without any cryptosystem being able to guarantee security outright.
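A worked comparison of why longer RSA keys do not help, added here as an illustration rather than taken from the original article (the cost expressions are the textbook asymptotics with the $o(1)$ terms dropped, so the figures are indicative, and real quantum resource estimates carry large constant factors not shown):

For an $n$-bit modulus $N$, the best classical factoring method, the general number field sieve, costs about

$$
L_N\!\left[\tfrac{1}{3}, c\right] = \exp\!\Big((c + o(1))\,(\ln N)^{1/3}(\ln \ln N)^{2/3}\Big), \qquad c = (64/9)^{1/3} \approx 1.92,
$$

which is sub-exponential in $n = \log_2 N$. Shor's algorithm instead needs a number of quantum operations polynomial in $n$; with schoolbook modular arithmetic the circuit is roughly

$$
T_{\text{Shor}}(n) = \tilde O(n^3).
$$

Going from $n = 2048$ to $n = 4096$ therefore changes the two attackers' workloads very differently:

$$
\frac{L_{2^{4096}}}{L_{2^{2048}}} \approx \frac{e^{108.5}}{e^{81.0}} \approx 2^{40}, \qquad
\frac{T_{\text{Shor}}(4096)}{T_{\text{Shor}}(2048)} \approx \left(\frac{4096}{2048}\right)^{3} = 2^{3}.
$$

Doubling the key buys about 40 bits of security against the classical attacker but only about 3 bits against the quantum one. Recovering those 40 bits against an $n^3$ attack would need $n$ multiplied by $2^{40/3} \approx 10^{4}$, that is, moduli of tens of millions of bits, which is why changing the underlying hard problem, not the key size, is the only workable response.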
What Does NIST’s Announcement Mean for Organizations?
Powerful, large-scale quantum computers, or CRQCs (cryptanalytically relevant quantum computers), do not exist yet but are widely expected to be built. The threat is not confined to that future date: traffic encrypted with today's public-key algorithms can be recorded now and decrypted once a CRQC is available, so data that must stay confidential for years is already at risk. Organizations therefore need to equip their information security systems with reliable quantum-resistant defenses before such machines arrive, not after.
The recent presidential directive on quantum computing also highlighted the looming threat and called for measures to drive widespread adoption of quantum-resilient cryptographic standards. Against this backdrop, NIST's selection of algorithms for standardization is a significant first step towards addressing the threats posed by quantum computing, and it gives a first concrete picture of what encryption and digital security will look like in the post-quantum era. Security experts strongly recommend that organizations treat the announcement as an opportunity to inventory their cryptographic infrastructure (where and how RSA, Diffie-Hellman and elliptic-curve algorithms are used, and for how long the protected data must remain secret) and to start preparing for the post-quantum migration with a clear action plan.
Duncan Jones, head of cybersecurity at Quantinuum, said, “Organizations can now accelerate their implementation and testing efforts, safe in the knowledge they aren’t backing the wrong horse.”
“CISOs in every industry should be working hard on their post-quantum migration plans, so they are ready to launch into production as soon as standardization is complete in 2024,” Jones added.
As part of the preparation, NIST also encourages organizations to prioritize crypto-agility, which plays a crucial role in cryptographic migrations. Crypto-agility is the ability of a system to swap cryptographic algorithms, key sizes, and protocol versions with minimal service disruption: algorithms are referenced by identifier and selected through configuration or a registry rather than being hard-coded at every call site. An organization with crypto-agile systems can move to newer, safer standards quickly and efficiently, and can do so again if one of the new algorithms is later found to be weak.
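The following example, written for this article and not code from NIST or any of the submission teams, illustrates two points made above: the crypto-agility pattern of carrying an algorithm identifier with every signature and dispatching through a registry, and the hash-based approach behind SPHINCS+. The only signature scheme implemented is a Lamport one-time signature, which is hash-based like SPHINCS+ but far simpler, one-time only, and not a substitute for it; it is parameterised by hash function so that two registered variants can stand in for an "old" and a "new" algorithm. The algorithm identifiers, the deprecation policy, and the invoice messages are all assumptions constructed for the demonstration.

```python
import hashlib
import secrets
from dataclasses import dataclass
from typing import Callable

# A Lamport signature reveals one of two secret preimages per digest bit,
# so the digest length fixes key and signature size (256 bits here).
DIGEST_BITS = 256


@dataclass(frozen=True)
class SigScheme:
    """Everything a caller needs to know about one registered algorithm."""
    alg_id: str
    digest: Callable[[bytes], bytes]   # hash used for keys and messages
    deprecated: bool = False           # verify-only: no new signatures


# The registry is the single place an algorithm is added, deprecated or
# removed; callers never name a hash function or scheme directly.
# Both identifiers are invented for this example, not standard names.
REGISTRY = {
    "lamport-sha256": SigScheme("lamport-sha256",
                                lambda m: hashlib.sha256(m).digest(),
                                deprecated=True),            # the "old" scheme
    "lamport-sha3-256": SigScheme("lamport-sha3-256",
                                  lambda m: hashlib.sha3_256(m).digest()),
}
DEFAULT_ALG = "lamport-sha3-256"


def _digest_bits(scheme: SigScheme, msg: bytes) -> list[int]:
    h = scheme.digest(msg)
    assert len(h) * 8 == DIGEST_BITS, "registered hash must emit 256 bits"
    return [(h[i >> 3] >> (7 - (i & 7))) & 1 for i in range(DIGEST_BITS)]


def lamport_keygen(scheme: SigScheme):
    """sk: 256 pairs of random 32-byte preimages; pk: their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32))
          for _ in range(DIGEST_BITS)]
    pk = [(scheme.digest(a), scheme.digest(b)) for a, b in sk]
    return sk, pk


def lamport_sign(scheme: SigScheme, sk, msg: bytes) -> list:
    # One-time only: signing two messages with one sk reveals preimages
    # from both halves and lets an attacker forge. Never reuse sk.
    return [sk[i][b] for i, b in enumerate(_digest_bits(scheme, msg))]


def lamport_verify(scheme: SigScheme, pk, msg: bytes, sig: list) -> bool:
    if len(sig) != DIGEST_BITS:
        return False
    return all(scheme.digest(s) == pk[i][b]
               for i, (s, b) in enumerate(zip(sig, _digest_bits(scheme, msg))))


@dataclass
class SignedMessage:
    """The algorithm identifier travels with the signature, so a verifier
    can dispatch without out-of-band knowledge of which scheme was used."""
    alg_id: str
    msg: bytes
    sig: list


def sign(msg: bytes, sk, alg_id: str = DEFAULT_ALG) -> SignedMessage:
    scheme = REGISTRY[alg_id]
    if scheme.deprecated:
        raise ValueError(f"{alg_id} is deprecated: verify-only during migration")
    return SignedMessage(alg_id, msg, lamport_sign(scheme, sk, msg))


def verify(signed: SignedMessage, pubkeys: dict,
           accept_deprecated: bool = True) -> bool:
    """pubkeys maps alg_id -> public key. Unknown identifiers are rejected
    outright rather than falling back to a default scheme."""
    scheme = REGISTRY.get(signed.alg_id)
    if scheme is None:
        return False
    if scheme.deprecated and not accept_deprecated:
        return False  # the migration window for this algorithm has closed
    pk = pubkeys.get(signed.alg_id)
    if pk is None:
        return False
    return lamport_verify(scheme, pk, signed.msg, signed.sig)


def migration_demo() -> dict:
    """Constructed scenario: the signer has moved to the new algorithm while
    verifiers still accept old signatures for a transition period."""
    old, new = REGISTRY["lamport-sha256"], REGISTRY["lamport-sha3-256"]
    old_sk, old_pk = lamport_keygen(old)
    new_sk, new_pk = lamport_keygen(new)
    pubkeys = {old.alg_id: old_pk, new.alg_id: new_pk}

    # A signature produced before the deprecation flag was flipped.
    legacy = SignedMessage(old.alg_id, b"invoice 41",
                           lamport_sign(old, old_sk, b"invoice 41"))
    fresh = sign(b"invoice 42", new_sk)
    forged = SignedMessage(fresh.alg_id, b"invoice 43", fresh.sig)
    try:
        sign(b"invoice 44", old_sk, alg_id=old.alg_id)
        old_signing_refused = False
    except ValueError:
        old_signing_refused = True
    return {
        "fresh_verifies": verify(fresh, pubkeys),
        "forgery_rejected": not verify(forged, pubkeys),
        "legacy_accepted_in_window": verify(legacy, pubkeys),
        "legacy_rejected_after_window":
            not verify(legacy, pubkeys, accept_deprecated=False),
        "unknown_alg_rejected":
            not verify(SignedMessage("not-registered", b"x", fresh.sig), pubkeys),
        "old_signing_refused": old_signing_refused,
    }
```

Retiring "lamport-sha256" in this design is a one-line registry change plus a policy decision on `accept_deprecated`; no caller has to be rewritten, which is the property the migration planning above is asking for. The same shape applies to a KEM registry for key establishment, and to hybrid deployments where a classical and a post-quantum algorithm are combined during the transition.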
Migrating from one cryptographic standard to another is often seen as a complex, tedious activity that can drag on for months or even years. It does not have to be. With a well-defined plan, the right automation tools, and crypto-agile systems, migration can go smoothly. If you would like to know more about how to prepare for a successful migration, see this blog: Preparing for a TLS Upgrade: A Migration Plan.