Cyberwarfare / Nation-State Attacks , Encryption & Key Management , Fraud Management & Cybercrime

US Government Picks Quantum-Resistant Encryption Algorithms

Quantum Computers That Use Atom-Level States of Uncertainty Are a Matter of Time
US Government Picks Quantum-Resistant Encryption Algorithms

The American government agency that's also a global trendsetter for cryptographic standards today selected four algorithms designed to withstand a decryption attack mounted by a quantum computer.

See Also: OnDemand | Hacking Multifactor Authentication: An IT Pro’s Lessons Learned After Testing 150 MFA Products

The selection caps a six-year effort initiated when the National Institute of Standards and Technology in 2016 solicited proposals for post-quantum computing encryption models.

The four algorithms will be a part of NIST's post-quantum cryptographic standard, which the agency expects to finalize in about two years. Four additional algorithms remain under active consideration.

Superfast computers that use atom-level states of uncertainty are likely a matter of time, leading to worries that today's encryption standards are destined for obsolescence. Some scientists predict a quantum computer by 2030 capable of breaking within hours the encryption of a 2,000-bit RSA key.

That poses problems for the future of online transactions, which depend on strong encryption to secure data such as financial information as it flows across the internet. It's also a problem for national security, said Matt Scholl, chief of NIST's Computer Security Division, in an earlier online Q&A.

Bank accounts will be safe at first, he said. But quantum computing fundamentally changes today's cryptographic landscape in which strong cryptographic keys are practically impossible to reverse-engineer.

"That's why, even though there's not a cryptographically relevant quantum machine now, we need to be preparing now so that even the data we have today is quantum-proof tomorrow," he said.

NIST today announced it selected three algorithms for use in digital signatures: CRYSTALS-Dilithium, FALCON and SPHINCS+ - pronounced "Sphincs plus." The agency recommends the first as the primary algorithm and FALCON for applications that need smaller signature. The third is larger and slower but valuable as a backup for its unique math approach, NIST says.

For general encryption, NIST selected CRYSTAL-Kyber.

President Joe Biden earlier this year called for a "whole-of-government and whole‑of‑society strategy" to harness the benefits of quantum technology. In an executive order, he created a National Quantum Initiative Advisory Committee made up of 26 experts from industry, academia and national laboratories.

About the Author

David Perera

David Perera

Editorial Director, News, ISMG

Perera is editorial director for news at Information Security Media Group. He previously covered privacy and data security for outlets including MLex and Politico.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.