The National Institute of Standards and Technology (NIST) of the U.S. Department of Commerce has selected the first set of quantum-resistant encryption algorithms designed to “withstand the assault of a future quantum computer.”
The selected post-quantum cryptography (PQC) algorithms are CRYSTALS-Kyber for general encryption and CRYSTALS-Dilithium, FALCON, and SPHINCS+ for digital signatures.
“Three of the selected algorithms are based on a family of math problems known as structured lattices, while SPHINCS+ uses hash functions,” NIST, which launched the standardization process in January 2017, said in a statement.
Cryptography, which underpins the security of information in contemporary computer networks, derives its strength from the difficulty of solving mathematical problems on conventional computers, such as factoring large composite integers.
Should quantum computers reach maturity, they will have a profound effect on current public-key algorithms: decoding a message that would take conventional computers trillions of years could take only days or hours, leaving those algorithms vulnerable to brute-force attacks.
If large-scale quantum computers are ever constructed, they will be able to break many of the public-key cryptosystems in use today, according to the agency. This would compromise the privacy and security of digital communications on the Internet and elsewhere.
The situation is further complicated by a critical threat known as “hack now, decrypt later,” in which cyber adversaries harvest sensitive encrypted data sent today in the hopes of decrypting it in the future when quantum computing becomes available.
The four quantum-resistant algorithms selected by the National Institute of Standards and Technology are said to rely on mathematical problems that are difficult to solve on both classical and quantum computers, thereby protecting data from cryptanalytic attacks.
Before finalizing the post-quantum cryptographic standard, the agency intends to include four additional algorithms, a process that is expected to be completed within two years.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and NIST “strongly” recommend that organizations begin preparing for the transition by following the Post-Quantum Cryptography Roadmap.