The National Institute of Standards and Technology (NIST) has just released its first three finalized post-quantum encryption (PQE) standards. These new standards are designed to keep data safe from the potential threats posed by quantum computers. They are essential for protecting everything from online shopping transactions to private email conversations, which are crucial to today’s digital world.
Quantum Challenges to Encryption
Encryption is essential in our digital age, safeguarding everything from email content and photo libraries to medical records and national security information. It allows data to be transmitted over public networks securely, ensuring that only the intended sender and recipient can read it.
Currently, encryption relies on complex mathematical problems that are difficult or impossible for traditional computers to solve. However, a sufficiently advanced quantum computer (QC) could potentially solve these problems much faster, posing a threat to existing encryption methods.
As researchers worldwide work to develop quantum computers capable of breaking current encryption, it becomes crucial to explore new solutions. This has led to the development of post-quantum cryptography (PQC)—advanced security measures designed to protect data against the capabilities of future quantum computers, ensuring continued privacy and security for individuals, organizations, and nations.
Efforts by NIST
The US Department of Commerce’s NIST has finalized its key encryption algorithms and toolsets designed to withstand quantum computer attacks. These new post-quantum encryption (PQE) standards are crafted to safeguard a broad range of electronic information in the post-quantum era.
The first set of completed standards from NIST's post-quantum cryptography (PQC) project is now ready for implementation. These standards include the encryption algorithm code, detailed instructions for integrating them into systems and products, and guidance on their applications.
Crucially, these algorithms are built on mathematical problems that are challenging for both quantum and conventional computers to solve. While emerging quantum computing technology promises to address complex societal problems and transform fields like drug design, fundamental physics, and weather forecasting, these new standards are designed to ensure that security remains robust in the digital age.
NIST is advising computer system administrators to begin transitioning to these new standards, recognizing that full integration will take time. The standards will be pivotal for securing digital signatures, which are essential for identity authentication, as well as for general encryption to protect information transmitted over public networks.
The Three Standards
FIPS 203: This standard serves as the primary general encryption standard. It features fast operation and compact encryption keys that are easy for two parties to exchange. Based on the CRYSTALS-Kyber algorithm—now known as module-lattice-based key-encapsulation mechanism (ML-KEM)—FIPS 203 defines a key encapsulation mechanism (KEM) used to securely establish a shared secret key over a public channel. This shared key can then be used with symmetric key algorithms for encryption and authentication.
FIPS 204: Designed to be the primary standard for digital signature protection, this standard employs the CRYSTALS-Dilithium algorithm, which has been renamed to module-lattice-based digital signature algorithm (ML-DSA). ML-DSA is a suite of algorithms used for generating and verifying digital signatures and is considered secure even against attacks from large-scale quantum computers.
FIPS 205: Also intended for digital signatures, this standard uses the SPHINCS+ algorithm, since renamed the stateless hash-based digital signature algorithm (SLH-DSA). FIPS 205 serves as a backup if ML-DSA is found to be vulnerable, relying on a different mathematical approach to provide robust security.
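The key-establishment flow that FIPS 203 describes, shown as an added example that is not code from NIST or from this article: a receiver and a sender agree on a secret with ML-KEM, use it with a symmetric cipher, and then repeat the exchange with the KEM ciphertext altered in transit. It assumes Go 1.24 or later (standard-library `crypto/mlkem`), the ML-KEM-768 parameter set, and AES-256-GCM as the symmetric algorithm; `Exchange`, `newGCM` and `tamper` are illustrative names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/mlkem"
	"fmt"
)

// newGCM builds AES-256-GCM (random nonce prepended) from the 32-byte secret.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCMWithRandomNonce(block)
}

// Exchange sends msg under an ML-KEM-768 key; tamper flips one ciphertext bit.
func Exchange(msg []byte, tamper bool) ([]byte, error) {
	dk, err := mlkem.GenerateKey768() // receiver's key pair; only the public half is shared
	if err != nil {
		return nil, err
	}
	// Sender: encapsulate to get a shared secret plus the ciphertext to transmit.
	senderKey, kemCT := dk.EncapsulationKey().Encapsulate()
	enc, err := newGCM(senderKey)
	if err != nil {
		return nil, err
	}
	sealed := enc.Seal(nil, nil, msg, nil)
	if tamper {
		kemCT[0] ^= 1
	}
	// Receiver: a modified ciphertext yields a different key, not an error.
	receiverKey, err := dk.Decapsulate(kemCT)
	if err != nil {
		return nil, err
	}
	dec, err := newGCM(receiverKey)
	if err != nil {
		return nil, err
	}
	return dec.Open(nil, nil, sealed, nil)
}

func main() {
	pt, err := Exchange([]byte("constructed sample message"), false)
	fmt.Printf("%s %v\n", pt, err)
}
```

Because decapsulation of an altered ciphertext silently produces an unrelated key, the mismatch only becomes visible when the authenticated symmetric step fails, which is why the shared secret should always feed an authenticated mode.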
Future Outlook
NIST has also continued to assess two other sets of algorithms that could serve as backup standards in the future. One of these sets contains three algorithms designed for general encryption, but based on a different type of math problem from the general-purpose algorithm in the finalized standards. The other set consists of a larger group of algorithms primarily designed for digital signatures.
In conclusion, the three finalized PQE standards released by NIST could ensure adequate security of electronic information in the post-quantum future.
Journal Reference
NIST Releases First 3 Finalized Post-Quantum Encryption Standards [Online] Available at https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards (Accessed on 22 August 2024)