NIST, an agency in the federal government of the United States (US), has finished its first draft of cryptographic algorithms that are immune to quantum computer attacks.
Quantum computers are advanced computing systems that use the principles of quantum mechanics to perform tasks that normal computers cannot.
Instead of classical bits, these computers use qubits, which can be in multiple states at once, enabling them to process complex problems at a faster rate than classical digital computers.
- FIPS 203: This standard focuses on general encryption using the CRYSTALS-Kyber algorithm, now called ML-KEM, noted for its small, easily exchangeable keys and its speed.
- FIPS 204: It is the primary standard for digital signatures, utilizing the CRYSTALS-Dilithium algorithm, renamed ML-DSA.
- FIPS 205: Designed as a backup for digital signatures, this standard uses the SPHINCS+ algorithm, now SLH-DSA, offering a different mathematical approach than ML-DSA.
This development comes as researchers around the world work to build quantum computers, which operate in fundamentally different ways from classical computers.
Quantum machines can break today’s encryption systems, which poses a significant risk to most activities conducted over the internet, such as online transactions and chats.
Technical Analysis
In a major step towards cybersecurity, the United States National Institute of Standards and Technology (NIST) has released its inaugural set of post-quantum cryptography (PQC) standards.
These algorithms are already available for use, having been developed over an eight-year period in collaboration with global cryptography experts.
The imminent threat that quantum computers pose to current encryption methods prompted the introduction of these three new encryption algorithms.
According to an NIST report, quantum computers may be available within ten years, breaking all present-day cryptographic systems and exposing individuals, organizations, and nations to security threats.
- NIST has released a final set of encryption tools designed to withstand the attack of a quantum computer.
- These post-quantum encryption standards secure a wide range of electronic information, from confidential email messages to e-commerce transactions that propel the modern economy.
- NIST is encouraging computer system administrators to begin transitioning to the new standards as soon as possible.
This venture reflects the U.S. government’s desire to sustain its technological supremacy in quantum computing while taking its security concerns into account.
NIST is attempting to strike a delicate balance between the promising advancements in quantum technology and the need to safeguard classified electronic communications during the move into the post-quantum world.
This is important in protecting sensitive digital information in modern society, such as the contents of emails, medical records, and national security data.
The primary difference between present encryption methods, which are based on math problems computers can solve, and these new standards is that the new standards employ different mathematical approaches to counter both classical and quantum systems.
Dustin Moody, a mathematician at NIST leading the post-quantum cryptography standardization project, has called for the immediate inclusion of these algorithms into existing cryptographic systems, noting that full implementation will take time.
NIST is continuing to evaluate more sets of algorithms that might serve as backups, such as general encryption algorithms based on different math problems and a large group for digital signatures, but it emphasizes that these newly announced standards are the core tools for general encryption and digital signature protection.
The institute plans to announce selections from these backup sets by the end of 2024 and in the near future, respectively.
Yet NIST insists that organizations should not wait to take up the present standards as they are necessary to protect information against possible quantum attacks.