NIST Acknowledges First Four Quantum-Resistant Encryption Tools


The US Department of Commerce’s National Institute of Standards and Technology (NIST) has selected the first-ever group of encryption tools that could potentially withstand the attack of a quantum computer.

The four selected encryption algorithms will now reportedly become part of NIST’s post-quantum cryptographic (PQC) standard, which should be finalized in about two years.

More specifically, for general encryption (used for access to secure websites), NIST has selected the CRYSTALS-Kyber algorithm.

For digital signatures, on the other hand,  NIST has selected the three algorithms CRYSTALS-Dilithium, FALCON and SPHINCS+.

“NIST constantly looks to the future to anticipate the needs of U.S. industry and society as a whole, and when they are built, quantum computers powerful enough to break present-day encryption will pose a serious threat to our information systems,” commented NIST Director Laurie E. Locascio.

 “Our post-quantum cryptography program has leveraged the top minds in cryptography — worldwide — to produce this first group of quantum-resistant algorithms that will lead to a standard and significantly increase the security of our digital information.”

Locascio also confirmed that NIST is currently considering four additional algorithms to be included in the standard to develop a robust variety of defense tools. The finalists from that round will be announced at a future date.

“NIST’s announcement […] is a key milestone in the development of quantum-resistant security practices,” Edlyn Teske, a senior crypto expert at Cryptomathic, told Infosecurity Magazine.

“In practice, this means that [Chief Security Officers] need to take stock of their organization’s ability to rapidly switch the cryptographic algorithms that underpin your data security, without upending your entire infrastructure – an approach commonly known as being ‘crypto-agile.’ 

According to Teske, organizations that invest time and money into achieving true crypto-agility as a near-term priority will be ready to deploy NIST-standardized algorithms as they become available.

“[They will also] be much better prepared to protect their assets from post-quantum threats than those who wait.”

Products You May Like

Articles You May Like

How to Delete Old Accounts Containing Personal Information
Iranian Hackers Likely Behind Disruptive Cyberattacks Against Albanian Government
GitHub Dependabot Now Alerts Developers On Vulnerable GitHub Actions
Technical Support Scams – What to look out for
How Data Brokers Sell Your Identity

Leave a Reply

Your email address will not be published.