The National Institute of Standards and Technology (NIST) of the US Department of Commerce revealed earlier last week the selection of four encryption algorithms that would be incorporated into the organization’s post-quantum cryptography (PQC) standard. NIST plans to complete this standard over the next two years and is likely to add other algorithms in the future.
The proverb "necessity is the mother of invention" applies to the field of quantum computing. While classical computers express information in binary, i.e., 1 and 0, quantum computing applies concepts from quantum physics, such as superposition, entanglement, and quantum interference, to computation. Today, quantum computers are highly sought after for weather forecasting, financial modeling, drug development, and more.
However, in 1994, with the creation of Shor’s algorithm, researchers demonstrated that if progress in quantum computing could be sustained for a long enough period of time, quantum computers could defeat existing encryption technologies such as the Rivest–Shamir–Adleman (RSA) algorithm and elliptic curve cryptography (ECC). Developed by American mathematician Peter Shor, Shor’s algorithm is a non-linear method for factoring composite numbers; it defies many of the constraints of linear computation and can easily locate the prime factors of any number, regardless of size. The largest key size solved to date was a 795-bit RSA key, which was factored in 2019 by a group of academics. In addition to RSA and ECC, the long-trusted Diffie-Hellman key exchange, which underpins contemporary cryptographic protocols such as SSL, TLS, PKI, and IPsec, is projected to be broken by quantum computers.
Although it will be years before quantum computers are strong enough to crack public-key encryption, when they do, they might pose a serious danger to financial and personal data and national security. This key drawback is well known in the computing industry. A few businesses have started working on developing, testing, and implementing new encryption algorithms that are resistant to quantum computers. Companies like IBM have already started providing solutions that focus on post-quantum cryptography protection.
Recently, many PQC-focused companies have emerged from stealth. In May, QuSecure, a three-year-old firm headquartered in San Mateo, California, debuted QuProtect as its first post-quantum cryptography solution. According to QuSecure, QuProtect is an orchestration platform capable of securing both data in transit and data at rest that has been encrypted using the latest post-quantum cryptography algorithms. Another company, PQShield, offers post-quantum cryptography hardware, an encrypted messaging platform, and a System on Chip to protect smart cards and security chips from post-quantum attacks.
Since 2016, the National Institute of Standards and Technology has been spearheading the search for post-quantum cryptography technology to create and test in order to secure such data. It whittled the 82 original proposals to the Post Quantum Cryptography Standardization project down to four final methods covering two encryption tasks: general encryption (where two users exchange keys) and digital signature authentication (identity verification).
Traditional cryptography such as RSA and ECC frequently relies on algebraic math problems, whereas post-quantum cryptography more often uses geometric problems. One of these geometric problems is based on lattices, which are multidimensional grids of points that spread out in all directions. The hard problem is then for the computer to locate nearby points, or short vectors, inside this lattice.
Three of the selected algorithms are based on a class of mathematical problems known as structured lattices, while SPHINCS+, a digital signature algorithm, employs hash functions.
According to NIST, two of the four technologies selected are anticipated to be employed more often. One, known as CRYSTALS-Kyber, will protect online data by creating the cryptographic keys required for two computers to exchange encrypted data. It uses relatively small encryption keys and operates comparatively fast. The second, CRYSTALS-Dilithium, is used to sign encrypted data and prove who sent it. It will probably take two years for the methods to become fully standardized for inclusion in current software and hardware.
Laurie E. Locascio, NIST Director and Under Secretary of Commerce for Standards and Technology, said in a public statement that the NIST post-quantum cryptography program has taken advantage of the world’s best minds in cryptography to produce this first group of quantum-resistant algorithms, which will result in a standard and greatly improve the security of our digital information.
NIST recommends CRYSTALS-Dilithium as the principal method for digital signatures, with FALCON for applications that require smaller signatures than Dilithium can offer. It noted that SPHINCS+, though slower than the other two, was approved because it is based on a new mathematical method and so offers a way to increase diversity. The algorithms are available on the NIST website.
Also, NIST won’t stop at four. The organization added that additional candidates are still being considered and that it will soon reveal the winners of the second round. The other four techniques are intended for general encryption and use neither hash functions nor structured lattices in their approaches.
To explain the need for multiple standards and a multi-stage strategy, NIST stated that a useful standard provides solutions tailored to various scenarios, employs a variety of encryption techniques, and offers more than one algorithm for each use case.
NIST urges security professionals to investigate the new algorithms and think about how their applications will utilize them while the standard is still being developed, but not to incorporate them into their systems just yet because the algorithms could change marginally before the standard is finished.
In the meantime, the US government’s efforts to offer defenses against quantum computing are growing. Recent White House directives called for swift approval of the Bipartisan Innovation Act and underlined that the government and businesses should move forward with NIST’s standards. The Quantum Computing Cybersecurity Preparedness Act, put forth by US Representative Nancy Mace (R-SC), was unanimously approved by the US House of Representatives Oversight and Government Reform Committee on May 11 in response to a White House directive to advance the migration of federal government IT systems to post-quantum cryptography capabilities.
In addition to outlining rough timelines and responsibilities for federal agencies to migrate the majority of the US’s cryptographic systems to quantum-resistant cryptography, the Biden administration’s memorandum also underlines its desire for the US to maintain its leadership in quantum information science (QIS).
The White House wants the US to move to cryptographic systems that are resistant to a cryptanalytically relevant quantum computer (CRQC) by 2035. However, there is no set timeline for this transition.
This development comes at a time when quantum computers are ready to hit the commercial market. When quantum computers are ready for commercial use, the PQC algorithms promise to provide exponentially more powerful encryption than present standards. For instance, as part of its quantum computing roadmap, IBM is set to release a 433-qubit processor named IBM Osprey by the end of this year, more than tripling the size of IBM Eagle, a 127-qubit processor unveiled in November 2021.
China is also at the forefront of quantum technology development because of its extensive research funding, which other countries have increased as well. Nations are competing to create the first practical quantum computing system because of the security implications of quantum technology compared with conventional methods.
For now, one can be confident that introducing these new cryptographic standards will be crucial in enabling businesses to decide which solutions to apply in their environments to safeguard their data against quantum-era dangers, which experts predict could materialize as early as 2030.