• News

NIST releases three new quantum-safe algorithms

Quantum-Safe Algorithms

The U.S. Commerce Department’s National Institute for Standards and Technology (NIST) has released the final version of three new encryption algorithms. These algorithms are designed to protect against the threats posed by quantum computing. For nearly three decades, experts have warned that a powerful quantum computer could break the most widely used forms of encryption.

This encryption currently protects everything from national security secrets to personal banking records. Today’s encryption relies on complex mathematical problems that classical computers struggle to solve. For example, cracking the latest RSA standard could take a classical computer a billion years.

However, in 1994, mathematician Peter Shor showed that a quantum computer could potentially break these cryptographic schemes in hours. To combat this threat, NIST has released three new algorithms: CRYSTALS–Kyber, CRYSTALS–Dilithium, and SPHINCS+. These algorithms were selected after extensive testing from an initial pool of 82 proposals.

A fourth algorithm, FALCON, is expected to be released next year. The chosen algorithms use complex mathematical concepts. For instance, the CRYSTALS algorithms employ lattice-based cryptography involving up to 1,000 dimensions.

This makes them exceptionally difficult for quantum computers to crack. There are growing concerns over “harvest now, decrypt later” (HNDL) attacks. In these attacks, hackers collect data now, hoping to decrypt it in the future using quantum computers.

nist’s quantum-safe encryption algorithms

Such attacks would likely target long-shelf-life data, including social security numbers, bank account information, and government or corporate secrets. Dario Gil, senior vice president and director of research at IBM, emphasized the urgency of adopting these new standards.

“Ignoring the problem would be a catastrophe,” he said. He stressed that transitioning to new cryptographic standards is a lengthy process that could take 10 to 20 years. NIST has worked with a wide range of mathematicians and cryptographers since it formally called for new quantum-safe algorithms in 2016.

The three newly approved algorithms underwent rigorous testing, with participation from up to 2,000 experts through various rounds of evaluation and NIST workshops. The development of these post-quantum standards comes amid growing national security concerns. This is particularly true with China’s significant investment of over $15 billion in quantum computing projects.

Experts believe that the first cryptographic threats will likely come from nation-states due to the massive complexity and resources required to build large-scale quantum systems. NIST’s National Cybersecurity Center of Excellence is ready to help companies and organizations transition to these new standards. “One of the first steps organizations should take is to inventory their current cryptographic use,” said Dustin Moody, who has led NIST’s post-quantum cryptography efforts since 2014.

“Ensure that IT departments are aware of the upcoming changes and are properly educated.”

Although the threat of quantum computing is significant, Moody remains confident in the new algorithms. “We have strong confidence in the algorithms that came out of this process. That’s not a 100% guarantee, but it doesn’t keep me up at night worrying.”

The U.S. government’s proactive measures aim to ensure that data remains secure in the face of evolving technological advancements.

This showcases the importance of forward-thinking in cybersecurity.

Mason Carter

Mason Carter is a sharp-witted venture capital and startup analyst whose columns provide cutting-edge insights into the world of entrepreneurship and investment.
View more

More Stories