NIST Acknowledges First Four Quantum-Resistant Encryption Tools

Security

The US Department of Commerce’s National Institute of Standards and Technology (NIST) has selected the first-ever group of encryption tools that could potentially withstand the attack of a quantum computer.

The four selected encryption algorithms will now reportedly become part of NIST’s post-quantum cryptographic (PQC) standard, which should be finalized in about two years.

More specifically, for general encryption (used for access to secure websites), NIST has selected the CRYSTALS-Kyber algorithm.

For digital signatures, on the other hand,  NIST has selected the three algorithms CRYSTALS-Dilithium, FALCON and SPHINCS+.

“NIST constantly looks to the future to anticipate the needs of U.S. industry and society as a whole, and when they are built, quantum computers powerful enough to break present-day encryption will pose a serious threat to our information systems,” commented NIST Director Laurie E. Locascio.

 “Our post-quantum cryptography program has leveraged the top minds in cryptography — worldwide — to produce this first group of quantum-resistant algorithms that will lead to a standard and significantly increase the security of our digital information.”

Locascio also confirmed that NIST is currently considering four additional algorithms to be included in the standard to develop a robust variety of defense tools. The finalists from that round will be announced at a future date.

“NIST’s announcement […] is a key milestone in the development of quantum-resistant security practices,” Edlyn Teske, a senior crypto expert at Cryptomathic, told Infosecurity Magazine.

“In practice, this means that [Chief Security Officers] need to take stock of their organization’s ability to rapidly switch the cryptographic algorithms that underpin your data security, without upending your entire infrastructure – an approach commonly known as being ‘crypto-agile.’ 

According to Teske, organizations that invest time and money into achieving true crypto-agility as a near-term priority will be ready to deploy NIST-standardized algorithms as they become available.

“[They will also] be much better prepared to protect their assets from post-quantum threats than those who wait.”

Products You May Like

Articles You May Like

Bahamut cybermercenary group targets Android users with fake VPN apps
Remote Code Execution Vulnerability Found in Windows Internet Key Exchange
Phishing Campaign Impersonating UAE Ministry of Human Resources Grows
“This Connection Is Not Private” – What it Means and How to Protect Your Privacy
ConnectWise Fixes XSS Vulnerability that Could Lead to Remote Code Execution

Leave a Reply

Your email address will not be published. Required fields are marked *