NIST Releases First Post-Quantum Encryption Recommendations
This is not hype. Within a decade, quantum computing will transform everything from weather forecasting to theoretical physics.
Proofs of Concept by Google and others have already demonstrated the technology's ability to solve equations within 200 seconds that would take a supercomputer ten thousands years to compute.
Take a moment to process that.
As one researcher put it: "We can envision quantum computing helping to design new materials — lightweight batteries for cars and airplanes, new catalysts that can produce fertilizer more efficiently (a process that today produces over 2% of the world's carbon emissions), and more effective medicines. We see a path clearly now, and we're eager to move ahead."
Quantum computers are simply in a league of their own, and whoever possesses the technology first will have built the most powerful tool since nuclear fision.
But along with its vast benefits, quantum computing also comes as a threat. Recent advances in AI serve as cautionary tale. While ChatGPT has certainly penned an impressive amount of poetry, it's also hard at work crafting new strains of malware for hacker groups.
As NIST Director Laurie Locascio put it, "Quantum computing technology could become a force for solving many of society's most intractable problems , [and NIST is committed] to ensuring it will not simultaneously disrupt our security."
One way in which this might occur is with encryption . It's no secret that quantum computers will be able to decrypt most current encryption standards within minutes. Hackers (and governments) have already collected vast amounts of encrypted data to decrypt in the future when and if it becomes possible. But all this is old news.
What's new is that NIST, after a rigorous 8 year development and selection process, has released three quantum-resistant encryption standards. Simultaneously, it urges the industry to adopt them as soon as possible.
Already, many tech firms (like Signal ) have done so.
The Three Standards
1. FIPS 203: General Encryption Standard (ML-KEM)
FIPS 203 is designed to be the primary standard for general encryption in the quantum computing era. It's based on the CRYSTALS-Kyber algorithm, now called ML-KEM (Module-Lattice-Based Key-Encapsulation Mechanism).
ML-KEM relies on lattice-based cryptography, specifically module lattices, which are mathematical structures that remain secure against quantum attacks. This algorithm uses small encryption keys, making it efficient in terms of speed and key size. The keys can be exchanged easily between parties, making it practical for real-world applications.
FIPS 203 is ideal for encrypting data that requires both security and efficiency. It's suited for general-purpose encryption needs, such as securing communications over the internet, encrypting sensitive information in databases, and ensuring data confidentiality in cloud services .
领英推荐
2. FIPS 204: Digital Signature Standard (ML-DSA)
FIPS 204 is based on the CRYSTALS-Dilithium algorithm, renamed ML-DSA (Module-Lattice-Based Digital Signature Algorithm).
ML-DSA, like ML-KEM, is grounded in lattice-based cryptography. It uses mathematical structures that resist quantum attacks, ensuring that digital signatures remain secure even against future quantum computers. The algorithm generates signatures that can be efficiently verified, making it suitable for environments where performance and security are both crucial.
This standard is best for scenarios where digital signatures are critical, such as signing software updates, securing electronic transactions, and ensuring the authenticity of documents. ML-DSA is well-suited for environments where digital signatures are used frequently and need to be both secure and efficient.
3. FIPS 205: Backup Digital Signature Standard (SLH-DSA)
FIPS 205 is also designed for digital signatures but serves as a backup to FIPS 204. It uses the Sphincs+ algorithm, now called SLH-DSA (Stateless Hash-Based Digital Signature Algorithm).
Unlike ML-DSA, SLH-DSA is based on a different mathematical approach using stateless hash-based cryptography. This method does not rely on lattice structures, providing an alternative in case lattice-based methods are compromised. The hash-based signatures generated by SLH-DSA are larger, but the approach is robust against a broad range of potential attacks, including those from quantum computers.
FIPS 205 is particularly useful in high-security environments where a backup to lattice-based signatures is necessary. It's ideal for long-term data integrity, securing archival records, and ensuring that critical infrastructure remains protected even if primary signature methods are compromised.
Conclusion
Taken together, "these post-quantum encryption standards secure a wide range of electronic information, from confidential email messages to e-commerce transactions that propel the modern economy," wrote the agency .
As the process can take some time, NIST recommends that organizations begin migrating to a post-quantum encryption standard immediately.
For more information about post-quantum cryptography or to begin migrating, visit: https://www.nccoe.nist.gov/crypto-agility-considerations-migrating-post-quantum-cryptographic-algorithms
Note: Levitate Marketing partners with security providers around the globe. This article was commissioned by Silent Breach , an award-winning provider of cyber security services.