NIST Acknowledges First Four Quantum-Resistant Encryption Tools

by admin 0 Comments

Security
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

The US Department of Commerce’s National Institute of Standards and Technology (NIST) has selected the first-ever group of encryption tools that could potentially withstand the attack of a quantum computer.

The four selected encryption algorithms will now reportedly become part of NIST’s post-quantum cryptographic (PQC) standard, which should be finalized in about two years.

More specifically, for general encryption (used for access to secure websites), NIST has selected the CRYSTALS-Kyber algorithm.

For digital signatures, on the other hand,  NIST has selected the three algorithms CRYSTALS-Dilithium, FALCON and SPHINCS+.

“NIST constantly looks to the future to anticipate the needs of U.S. industry and society as a whole, and when they are built, quantum computers powerful enough to break present-day encryption will pose a serious threat to our information systems,” commented NIST Director Laurie E. Locascio.

 “Our post-quantum cryptography program has leveraged the top minds in cryptography — worldwide — to produce this first group of quantum-resistant algorithms that will lead to a standard and significantly increase the security of our digital information.”

Locascio also confirmed that NIST is currently considering four additional algorithms to be included in the standard to develop a robust variety of defense tools. The finalists from that round will be announced at a future date.

“NIST’s announcement […] is a key milestone in the development of quantum-resistant security practices,” Edlyn Teske, a senior crypto expert at Cryptomathic, told Infosecurity Magazine.

“In practice, this means that [Chief Security Officers] need to take stock of their organization’s ability to rapidly switch the cryptographic algorithms that underpin your data security, without upending your entire infrastructure – an approach commonly known as being ‘crypto-agile.’ 

According to Teske, organizations that invest time and money into achieving true crypto-agility as a near-term priority will be ready to deploy NIST-standardized algorithms as they become available.

“[They will also] be much better prepared to protect their assets from post-quantum threats than those who wait.”

This article was originally published by Infosecurity-magazine.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

Palo Alto Networks Patches Critical Firewall Vulnerability
10 Most Impactful PAM Use Cases for Enhancing Organizational Security
Microsoft Seizes 240 Websites to Disrupt Global Distribution of Phish Kits
The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than You Think
Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia

Leave a Reply

Your email address will not be published. Required fields are marked *