
US NIST Formalizes 3 Post-Quantum Algorithms

Agency Also Formalizes 2 Digital Signature Standards; 1 More to Come Later in Year

The U.S. federal government finalized three encryption algorithms it says will withstand the onslaught of quantum computing, concluding a process it initiated nearly a decade ago.


The National Institute of Standards and Technology, a global trendsetter for cryptographic standards, announced the publication of a post-quantum standard for general encryption as well as two digital signature standards.

The agency selected the algorithms, then known as CRYSTALS-Kyber, CRYSTALS-Dilithium and SPHINCS+, in 2022, after soliciting proposals for post-quantum computing encryption models in December 2016. Today's announcement officially elevates those algorithms to federal information processing standards.

"Quantum computing technology could become a force for solving many of society's most intractable problems, and the new standards represent NIST's commitment to ensuring it will not simultaneously disrupt our security," said NIST Director Laurie Locascio.

The agency intends to formalize an additional algorithm for digital signatures, dubbed FALCON, later this year.

A panel of cryptography experts in 2019 concluded that a quantum computer capable of breaking a modern encryption algorithm consisting of 2,048 bits is still years away but said the transition to post-quantum cryptography should begin "as soon as possible." Most experts anticipate that a "cryptanalytically relevant quantum computer" - as it is known - will likely come online in the first years of the coming decade.

Superfast computers that use atom-level states of uncertainty are likely to arrive in time, provoking fears that a cryptanalytically relevant quantum computer could be activated before the global transition to quantum-resistant encryption is complete. National security experts also warn that competitor nations could deploy a "harvest now, decrypt later" strategy of hoarding currently unbreakable encrypted messages for retroactive decryption with a quantum computer.

A July White House report estimates the cost through 2035 for transitioning key federal systems to post-quantum encryption will be $7.1 billion. That figure could easily go up, the White House warned, since the transition will require the replacement of systems whose cryptographic algorithms are hardwired into the hardware or firmware or otherwise can't be updated for the post-quantum world.

President Joe Biden in May 2022 called for a "whole of government and whole of society strategy" to harness the benefits of quantum technology. His executive order created a National Quantum Initiative Advisory Committee made up of 26 experts from industry, academia and national laboratories.


About the Author

David Perera


Editorial Director, News, ISMG

Perera is editorial director for news at Information Security Media Group. He previously covered privacy and data security for outlets including MLex and Politico.



