NIST announced the first four quantum-resistant cryptographic algorithms

Gaitherberg, MD. — The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has selected the first encryption tools designed to withstand future quantum computer attacks, which could break the security used to protect privacy. With the digital systems we rely on every day – like online banking and email software. The four chosen encryption algorithms will form part of NIST’s post-quantum encryption standard, expected to be completed within two years.

“Today’s announcement is an important milestone in protecting our sensitive data against future cyberattacks from quantum computers,” said Commerce Secretary Gina M. Raimondo. “Thanks to NIST’s expertise and commitment to advanced technology, we are able to take the necessary steps to protect electronic data so that American businesses can continue to innovate while maintaining the trust and confidence of their customers.”

The announcement follows a six-year effort led by NIST. The election is the beginning of the agency’s final phase. Post-Quantum Cryptography Standardization Project.

“NIST constantly looks ahead to anticipate the needs of U.S. industry and society at large, and when developed, quantum computers capable of breaking today’s encryption pose a serious threat to our information systems,” said the deputy secretary general. Business Standards and Technology and NIST Director Laurie E. Locasio. “Our Post-Quantum Cryptography Program has brought together the top minds in cryptography – globally – to produce this first group of quantum-resistant algorithms that lead to standardization and dramatically increase the security of our digital data.

Four more algorithms were considered for inclusion in the ranking, and NIST plans to announce finalists from that round in the next day or so. NIST is announcing the selections in two phases because of the need for a robust array of defenses. As cryptographers have recognized since the beginning of the NIST effort, there are many different systems and functions that use encryption, and a useful standard provides solutions designed for different situations, uses different approaches to encryption, and provides more than one algorithm for each use case. The event proves that one is vulnerable.

Encryption uses math to protect sensitive electronic information, including the secure websites we surf and the emails we send. Widely used Public key encryption systemsMake sure these web pages and messages are accessible to unwanted third parties by relying on mathematical problems that even the fastest standard computers can’t fool.

However, a quantum computer with sufficient capacity is based on a different technology than the conventional computers we have today, and it can solve these mathematical problems quickly, it can overcome encryption systems. To counter this threat, the four quantum-protective algorithms are based on mathematical problems that both conventional and quantum computers should struggle to solve, thereby protecting privacy now and down the road.

The algorithms are designed for two main functions that encryption typically performs: general encryption, which is used to protect data exchanged across public networks; and digital signatures, used for authentication. All four algorithms were developed by experts from many countries and institutions.

For general encryption, NIST chose the one used when accessing secure websites. Crystal-Kiber Algorithm. Among the advantages are the relatively small size of encryption keys, which can easily be exchanged between two components, as well as the speed of operation.

For digital signatures, NIST chose three algorithms that we often use to verify identities during digital transactions or sign documents remotely. Crystal-dilithium, FALCON And SPHINCS+ (Read as “Sphincs plus”). Reviewers noted high efficiency of the first two, and NIST recommends FALCON as the primary algorithm for applications requiring fewer signatures than Dilithium can provide. The third, SPHINCS+, is somewhat larger and slower than the other two, but it’s valuable as a backup for one main reason: It’s based on a different mathematical approach than all three NIST choices.

Three of the selected algorithms are based on a family of mathematical problems called structured lattices, while SPHINCS+ uses hash functions. Still, the additional four algorithms under consideration are designed for general encryption and do not use structured lattices or hash functions in their approach.

While the standard is being developed, NIST encourages security professionals to examine the new algorithms and think about how their applications will use them, but not to bake them into their systems yet, as the algorithms may change slightly before the standard is finalized.

To prepare, users can reserve their systems for applications that use public-key cryptography, which must be replaced before cryptographically relevant quantum computers appear. They can also notify their IT departments and vendors about the upcoming change. To participate in developing a guide for the transition to post-quantum cryptography, see NIST National Cyber ​​Security Center of Excellence Project p.

All algorithms are available On the NIST website.