News, news analysis, and commentary on the latest trends in cybersecurity technology.
NIST Finalizes Post-Quantum Encryption Standards
The new standards are designed for two tasks: general encryption and digital signatures.
Three new encryption algorithms to bolster global cybersecurity efforts against future attacks using quantum technologies were published today by the National Institute of Standards and Technology (NIST), a division of the U.S. Department of Commerce. The new standards are designed for two tasks: general encryption and digital signatures.
The standards are the culmination of an eight-year effort from the agency to tap the best minds in cybersecurity to devise the next generation of cryptography strong enough to withstand quantum computers. Experts expect quantum computers capable of breaking current current cryptographic algorithms within a decade. The new standards, the first released by NIST’s post-quantum cryptography (PQC) standardization project, are published on the department's website. The documents contain the algorithms' computer code, instructions for how to implement them in products and in encryption systems, and use cases for each.
FIPS 203 is a key-encapsulation mechanism encryption algorithm to project information transferred over a public network and is "intended as the primary standard for general encryption," the agency said. It is based on the CRYSTALS-Kyber algorithm, renamed as the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM).
FIPS 204 is the primary standard for protecting digital signatures. It uses the CRYSTALS-Dilithium algorithm, now called the Module-Lattice-Based Digital Signature Algorithm (ML-DSA).
FIPS 205 is also designed for digital signatures. It leverages a different mathematical approach than ML-DSA and is intended to be used as a backup when that algorithm proves vulnerable. The standard employs the Sphincs+ algorithm, now known as the Stateless Hash-Based Digital Signature Algorithm (SLH-DSA).
NIST mathematician Dustin Moody, head of the PQC standardization project, said the agency is continuing to evaluate two additional algorithms to use as backup standards but urges security practitioners to use those released today.
"There is no need to wait for future standards," he said. "Go ahead and start using these three. We need to be prepared in case of an attack that defeats the algorithms in these three standards, and we will continue working on backup plans to keep our data safe. But for most applications, these new standards are the main event."
About the Author
You May Also Like