NIST Announces their Post-Quantum Cryptographic Algorithms for Standardization
While awareness of the threat that quantum computing poses to current cryptography has been growing, the National Institute of Standards and Technology (NIST), together with the cryptographic community at large, has been working on a solution. NIST has been running a standardization process for quantum-resistant cryptography, also known as post-quantum cryptography (PQC): cryptography that is secure against all known attacks, including attacks using future quantum computers, while remaining deployable on today's digital devices.
The Importance of Standards
Standards are an embodiment of a golden rule in data security: "don't use your own cryptography." NIST's PQC standardization process has been underway for 6 years, with the initial call for proposals going out in 2016. In 2017, 69 different submissions were accepted from teams around the world. Since then, NIST has been narrowing the candidate pool and researchers have been performing in-depth cryptanalysis on these algorithms. InfoSec Global is proud to have been an active participant in this process, with one of its shared submissions, SPHINCS+, being chosen for standardization, and another, SIKE, being strongly considered for future standardization.
NIST Announces the First Four Algorithms for Standardization
On July 5th, 2022, NIST announced a suite of four PQC algorithms that they will standardize:
Once NIST releases its final standards, these new algorithms will become the default choice for secure communications. Though the completed standards may differ slightly from the current versions, the implementations, efficiency, and key sizes will all remain similar. Now is the ideal time to prepare your migration to quantum-resistant algorithms by following these two steps:
These steps will allow your organization to switch to PQC algorithms with minimum disruption once NIST releases its final standards, and to ensure the long-term confidentiality of your information.
NIST's Future Work
The final standardization of the above algorithms is scheduled for 2024. As an extension of this process, NIST plans to further analyze four additional key establishment algorithms for possible future standardization: SIKE, BIKE, Classic McEliece, and HQC. InfoSec Global also contributed to SIKE, which could prove particularly useful in certain situations, as SIKE has the smallest key sizes of any known PQC algorithm.
In a separate process, NIST plans to issue a new call for proposals for quantum-resistant digital signature algorithms. NIST states it “primarily seeks to diversify its signature portfolio with non-structured lattice signature schemes. NIST may also be interested in signature schemes that have short signatures and fast verification. Submissions in response to this call will be due in 2023.”
One final conclusion from this news and NIST's continuing work is the clear need for organizations to equip themselves with a Cryptographic Agility Management Tool. Such a tool provides the ability to update and replace your cryptographic assets without disrupting existing operations. A crypto-agile approach allows for plug-and-play installation of different cryptographic modules used in secure connections: the algorithm in use is identified explicitly in the data and selected by policy, so that swapping one module for another is a configuration change rather than a redesign.
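To make the crypto-agility idea concrete, here is an added example (not code from the original post or from InfoSec Global) of an algorithm-agile key-encapsulation envelope. Every ciphertext carries an algorithm identifier, a registry maps identifiers to implementations, and a receiver-side policy decides which algorithms are still accepted; the two KEMs are hypothetical toy stand-ins built on hashing, not real cryptography, and the identifiers 1 and 2 are constructed placeholders.

```python
"""Algorithm-agile KEM envelope: the algorithm id travels with the ciphertext,
implementations live in a registry, and acceptance is decided by policy.
The KEMs below are insecure toy stand-ins used only to exercise the plumbing."""
import hashlib
import os
import struct


class ToyKem:
    """Hypothetical KEM stand-in (NOT a real or secure scheme)."""

    def __init__(self, name, key_len):
        self.name, self.key_len = name, key_len

    def keygen(self):
        sk = os.urandom(self.key_len)
        pk = hashlib.sha256(self.name.encode() + sk).digest()
        return pk, sk

    def encaps(self, pk):
        ct = os.urandom(self.key_len)                 # toy "ciphertext"
        return ct, hashlib.sha256(pk + ct).digest()   # toy shared secret

    def decaps(self, sk, ct):
        pk = hashlib.sha256(self.name.encode() + sk).digest()
        return hashlib.sha256(pk + ct).digest()


# Registry of installed modules; adding a future PQC module is one new entry.
REGISTRY = {1: ToyKem("classical-stand-in", 32), 2: ToyKem("pqc-stand-in", 32)}


def encapsulate(alg_id, pk):
    """Return (envelope, shared_secret); envelope = alg_id | ct_len | ct."""
    ct, ss = REGISTRY[alg_id].encaps(pk)
    return struct.pack(">HH", alg_id, len(ct)) + ct, ss


def decapsulate(envelope, sks, allowed):
    """Reject anything outside the current policy instead of silently using it."""
    alg_id, ct_len = struct.unpack(">HH", envelope[:4])
    if alg_id not in allowed:
        raise ValueError(f"algorithm {alg_id} not permitted by policy")
    return REGISTRY[alg_id].decaps(sks[alg_id], envelope[4:4 + ct_len])


def migration_demo():
    """Transition period accepts both algorithms; tightened policy drops the old one."""
    keys = {aid: kem.keygen() for aid, kem in REGISTRY.items()}
    pks = {aid: pk for aid, (pk, _) in keys.items()}
    sks = {aid: sk for aid, (_, sk) in keys.items()}
    env1, ss1 = encapsulate(1, pks[1])
    env2, ss2 = encapsulate(2, pks[2])
    results = {"old_ok": decapsulate(env1, sks, {1, 2}) == ss1,
               "new_ok": decapsulate(env2, sks, {1, 2}) == ss2}
    try:                                   # policy now PQC-only: old envelope refused
        decapsulate(env1, sks, {2})
        results["old_rejected"] = False
    except ValueError:
        results["old_rejected"] = True
    results["new_still_ok"] = decapsulate(env2, sks, {2}) == ss2
    return results
```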
About the Writer:
Victoria de Quehen is a Cryptographer at InfoSec Global in Toronto. Her educational background includes an undergraduate degree in math from Queen's University and a Master's degree in Number Theory from McGill University. Professionally, she is developing innovative expertise in the field of digital security, where for the past 4 years she has been applying her knowledge of elliptic curves, and math in general, to conduct new cryptographic research on post-quantum encryption. She is actively involved in the post-quantum research community and organizes international research workshops. Her main interest is in the optimization of post-quantum algorithms, with a special interest in hardware speed-ups, to improve security for information requiring long-term confidentiality.