“NIST has released draft standards for three quantum-resistant encryption algorithms to bolster cybersecurity against future quantum threats. Feedback is welcome until November 22, with the standards expected to be operational by 2024. Quantum computing’s rapid advancement poses a significant risk to current security systems. NIST plans to develop additional quantum-resistant standards and urges organizations, especially those handling sensitive data, to prepare for the transition to quantum-safe cryptographic measures.”
NIST Unveils Preliminary Quantum-Resistant Cryptography Algorithms
In a proactive move to fortify current cybersecurity measures against potential decryption by future quantum computers, the National Institute of Standards and Technology (NIST) has introduced draft standards for three robust algorithms designed to withstand quantum-enabled cyber threats. The agency is actively seeking input on these standards, denoted as Federal Information Processing Standards 203, 204, and 205, with the feedback window open until November 22, as announced in the Federal Register.
Following the conclusion of the comment period, NIST anticipates that these cryptographic standards will be operational starting in 2024, as indicated by officials.
NIST’s Post-Quantum Cryptography project has been underway for approximately four years out of its projected six-year duration. The primary objective of this endeavor is to develop public-key cryptographic algorithms capable of safeguarding sensitive and confidential information.
The rise of quantum computing presents a formidable threat to the entirety of the contemporary cybersecurity infrastructure. These immensely powerful quantum computers may soon possess the ability to breach the encryption methods upon which most security systems currently rely.
In an announcement made on August 24, NIST emphasized that while the three quantum-resistant encryption algorithms represent the initial efforts, they will not be the final solutions. In the subsequent year, NIST plans to release a draft standard for FALCON, a fourth algorithm selected for development in the previous year. Additionally, NIST is actively working on a second set of algorithms that offer alternative defensive strategies in the event that any of the selected algorithms display vulnerabilities in the future.
Quantum computers, utilizing qubits instead of traditional binary bits, can execute complex computations at a rate surpassing even the most advanced contemporary supercomputers. Quantum computing has exhibited potential in enhancing the efficiency and accuracy of training machine learning models. It has already influenced various applications in healthcare data, encompassing genomic sequence analysis, drug discovery virtual screening, medical image classification, disease risk prediction, and adaptive radiotherapy.
However, the concern is that quantum computers could fall into the wrong hands and rapidly break the encryption that conventional binary computers rely on today, posing a fundamental challenge to modern security cryptography.
In a New Yorker feature published in December of the previous year, Peter Shor, a mathematician from Bell Labs, illustrated how quantum computers could potentially crack widely used encryption standards, rendering most security systems and organizations defenseless against breaches. Shor even speculated that he might witness this event in his lifetime.
At the HIMSS Cybersecurity Forum in December 2022, Matthew Scholl, the division chief of NIST’s computer security division, sounded the alarm regarding the implications of quantum computing for the current security infrastructure of modern technology networks. He emphasized that a substantial portion of cybersecurity measures is founded on uncertain foundations, lacking solid measurements, comprehensive understanding, or robust capabilities.
NIST’s newly introduced quantum-resistant encryption standards aim to provide a layer of protection to reinforce defenses against these impending risks.
In April, Frederik Flöther, a quantum expert, urged organizations to prepare their cybersecurity systems to counter cyber threats leveraging quantum computing. Flöther emphasized the significance of certain quantum algorithms, particularly Shor’s algorithm, which can dramatically speed up solving the mathematical problems on which current cryptographic methods depend. As quantum hardware and software continue to advance, these algorithms may render existing cryptographic protocols ineffective. Flöther also highlighted the pressing need for organizations, particularly those handling sensitive data requiring long-term security, to develop transition roadmaps towards quantum-safe cryptographic standards.