Encryption & Key Management , Security Operations
US NIST Formalizes 3 Post-Quantum Algorithms
Agency Also Formalizes 2 Digital Signature Standards; 1 More to Come Later in YearThe U.S. federal government finalized three encryption algorithms it says will withstand the onslaught of quantum computing, concluding a process it initiated nearly a decade ago.
See Also: OnDemand | Powering ANZ Grids: Navigating Cyber Threats in the Energy Sector
The National Institute of Standards and Technology, a global trendsetter for cryptographic standards, announced the publication of a post-quantum standard for general encryption as well as two digital signature standards.
The agency in 2022 selected the algorithms, then known as CRYSTALS-Kyber, CRYSTALS-Dilithium and Sphincs+, after soliciting in December 2016 proposals for post-quantum computing encryption models. Today's announcement officially elevates those algorithms to a federal information processing standard.
"Quantum computing technology could become a force for solving many of society's most intractable problems, and the new standards represent NIST's commitment to ensuring it will not simultaneously disrupt our security," said NIST Director Laurie Locascio.
The agency intends to formalize an additional algorithm for digital signatures, dubbed FALCON, later this year.
A panel of cryptography experts in 2019 concluded that a quantum computer capable of breaking a modern encryption algorithm consisting of 2,048 bits is still years away but said the transition to post-quantum cryptography should begin "as soon as possible." Most experts anticipate that a "cryptanalytically relevant quantum computer" - as it is known - will likely come online in the first years of the coming decade.
Superfast computers that use atom-level states of uncertainty are likely in time, provoking fears that a cryptanalytically relevant quantum computer could be activated before the global transition to quantum-resistant encryption is complete. National security experts also warn that competitor nations could deploy a "harvest now, decrypt later" strategy of hoarding currently unbreakable encrypted messages for retroactive decryption with a quantum computer.
A July White House report estimates the cost through 2035 for transitioning key federal systems to post-quantum encryption will be $7.1 billion. That figure could easily go up, the White House warned, since the transition will require the replacement of systems whose cryptographic algorithms are hardwired into the hardware or firmware or otherwise can't be updated for the post-quantum world.
President Joe Biden in May 2022 called for a "whole of government and whole of society strategy" to harness the benefits of quantum technology. His executive order created a National Quantum Initiative Advisory Committee made up of 26 experts from industry, academia and national laboratories.