NIST begins rollout of quantum-proof algorithms


The National Institute of Standards and Technology (NIST) has published draft standards for three of the four post-quantum algorithms it selected last year to withstand attacks by future quantum computers, so that the finished standards are ready for widespread use in 2024.

This standardization process marks the final step before making the mathematical tools available to organizations around the world so they can integrate them into their encryption infrastructure, NIST says.


Heralded as potentially marking breakthroughs in clean energy, medical research, and other core industries such as transportation, quantum computers when stabilized or rendered “noise-free” will bring huge benefits to humankind, advocates say.

However, they also acknowledge that a sufficiently large, fault-tolerant quantum computer running Shor's algorithm would break RSA and elliptic-curve cryptography (ECC), the public-key algorithms that have underpinned key exchange, digital signatures, and therefore most of cybersecurity for decades. Symmetric ciphers such as AES are only weakened, not broken, and can be kept safe with longer keys.

Hence NIST opened a public competition for quantum-resistant algorithms in 2016. Of the 69 complete submissions accepted into the first round, it narrowed the field last year to four algorithms judged able to withstand a quantum assault: one for key establishment and three for digital signatures.

Now, the project to render cybersecurity quantum-ready continues apace with NIST's announcement on August 24th of draft standards for CRYSTALS-Kyber (standardized as ML-KEM in FIPS 203), CRYSTALS-Dilithium (ML-DSA, FIPS 204), and SPHINCS+ (SLH-DSA, FIPS 205). The fourth, FALCON, is due to receive its own draft (FN-DSA) next year.

Calling all experts

Once again, NIST is turning to the international scientific community for feedback, asking cryptographers and implementers to review the three drafts, report how the algorithms behave in real implementations, and submit comments by November 22nd.

“We’re getting close to the light at the end of the tunnel, where people will have standards they can use in practice,” said Dustin Moody, a NIST mathematician and leader of the project. “For the moment, we are requesting feedback on the drafts. Do we need to change anything, and have we missed anything?”

Nor will that be the end of NIST's work. Evaluation of a second set of "backup" algorithms, intended to augment the first wave, is already under way. The US federal agency says it will publish draft standards for any of these algorithms that make the grade.


Moody said he believed only one or two would likely be selected for this second batch, and that they will be designed for “general encryption” but based on different mathematical problems so as to provide an extra layer of defense should the first wave falter.

While quantum computers that can crack RSA and ECC are years away, experts point out that it is vital to get ahead of the curve: rolling out new cryptographic algorithms across products and protocols takes many years, and encrypted traffic recorded today can be stored and decrypted once such a machine exists.

Sensitive information such as bank transfers is currently protected by this older system, "public-key cryptography", whose security rests on mathematical problems, such as factoring large integers or computing discrete logarithms, that a conventional computer cannot solve in any practical amount of time. In practice public-key algorithms protect the keys and signatures of a session while a symmetric cipher protects the bulk data, so it is the key-exchange and signature layer that a quantum computer would undermine.

To illustrate the difference, whereas the most powerful supercomputer using today's technology would take trillions of years to break 2048-bit RSA, one published estimate (Gidney and Ekerå, 2019) puts the job at about eight hours on a quantum computer with roughly 20 million noisy qubits, a machine far larger than anything built so far.
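The following is an added example, not code from the article or from NIST, showing the classical half of Shor's algorithm. A quantum computer's only job in the attack is to find the multiplicative order r of a random base a modulo N (the period of a^x mod N) in polynomial time; here that step is done by brute force, which is fine for the constructed toy modulus N = 3233 (p = 61, q = 53, e = 17, not a real key) and hopeless for a 2048-bit modulus. Everything after the order is found is cheap classical arithmetic, and recovering p and q yields the RSA private key immediately.

```python
"""Factoring via order-finding: the classical half of Shor's algorithm.

Added example, not part of the original article. find_order_bruteforce is the
step a quantum computer replaces with the quantum Fourier transform; the rest
is exactly the post-processing a quantum attacker would run.
"""
from math import gcd
import random


def find_order_bruteforce(a: int, n: int) -> int:
    """Smallest r > 0 with a**r == 1 (mod n).

    Exponential in the bit length of n: this is the only step that needs a
    quantum computer to run in polynomial time.
    """
    if gcd(a, n) != 1:
        raise ValueError("a must be coprime to n")
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def factor_from_order(a: int, r: int, n: int):
    """Given the order r of a mod n, try to split n into (p, q).

    Returns None when r is odd or a**(r/2) == -1 (mod n); Shor's algorithm then
    simply draws a new base a. Each attempt succeeds with probability >= 1/2.
    """
    if r % 2:
        return None
    y = pow(a, r // 2, n)
    if y == n - 1:
        return None
    # y**2 == 1 (mod n) with y != +-1, so (y-1)(y+1) == 0 (mod n) and each
    # factor shares a non-trivial divisor with n.
    p = gcd(y - 1, n)
    if 1 < p < n:
        return (min(p, n // p), max(p, n // p))
    return None


def shor_classical(n: int, seed: int = 0, max_tries: int = 50):
    """Factor an odd composite n by order-finding. Returns (p, q) with p*q == n."""
    if n % 2 == 0:
        return (2, n // 2)
    rng = random.Random(seed)
    for _ in range(max_tries):
        a = rng.randrange(2, n - 1)
        g = gcd(a, n)
        if g != 1:  # lucky draw: a already shares a factor with n
            return (min(g, n // g), max(g, n // g))
        r = find_order_bruteforce(a, n)
        result = factor_from_order(a, r, n)
        if result:
            return result
    return None


def rsa_private_exponent(e: int, p: int, q: int) -> int:
    """Once p and q are known, the RSA private exponent d = e**-1 mod phi(N)."""
    phi = (p - 1) * (q - 1)
    return pow(e, -1, phi)


if __name__ == "__main__":
    # Constructed toy RSA key: p=61, q=53, N=3233, e=17. Not a real key.
    N, e = 3233, 17
    p, q = shor_classical(N)
    d = rsa_private_exponent(e, p, q)
    m = 65
    c = pow(m, e, N)
    print(f"N={N} = {p}*{q}, recovered d={d}, decrypt({c}) = {pow(c, d, N)}")
```

Running it prints the recovered factors 53 and 61 and the private exponent 2753, and decrypts the ciphertext back to 65. The brute-force loop in find_order_bruteforce runs at most a few hundred iterations for this modulus; for a 2048-bit N the order is on the order of 2^2048, which is why only a quantum period-finding routine makes the attack feasible.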