Quantum computers have the potential to break all the security and privacy we rely on for just about everything we do online. Now the National Institute of Standards and Technology (NIST) has developed tools to thwart them.
NIST announced last month that it has finalized its principal set of encryption algorithms designed to withstand cyberattacks from a quantum computer.
The algorithms are specified in the first completed standards from NIST’s post-quantum cryptography (PQC) standardization project, and are ready for immediate use.
The three approved Federal Information Processing Standards (FIPS) for post-quantum cryptography are:
- FIPS 203, intended as the primary standard for general encryption. Among its advantages are comparatively small encryption keys that two parties can exchange easily, as well as its speed of operation. The standard is based on the CRYSTALS-Kyber algorithm, which has been renamed ML-KEM, short for Module-Lattice-Based Key-Encapsulation Mechanism.
- FIPS 204, intended as the primary standard for protecting digital signatures. The standard uses the CRYSTALS-Dilithium algorithm, which has been renamed ML-DSA, short for Module-Lattice-Based Digital Signature Algorithm.
- FIPS 205, also designed for digital signatures. The standard employs the SPHINCS+ algorithm, which has been renamed SLH-DSA, short for Stateless Hash-Based Digital Signature Algorithm. The standard is based on a different mathematical approach than ML-DSA, and it is intended as a backup method in case ML-DSA proves vulnerable.
The standards, which are the result of an eight-year effort managed by NIST, contain the encryption algorithms’ computer code, instructions for how to implement them, and their intended uses.
Under Secretary of Commerce for Standards and Technology and NIST Director Laurie E. Locascio commented, “Quantum computing technology could become a force for solving many of society’s most intractable problems, and the new standards represent NIST’s commitment to ensuring it will not simultaneously disrupt our security. These finalized standards are the capstone of NIST’s efforts to safeguard our confidential electronic information.”
NIST is encouraging computer system administrators to begin transitioning to the new standards as soon as possible. NIST mathematician Dustin Moody, who heads the PQC standardization project, said, “There is no need to wait for future standards. Go ahead and start using these three. We need to be prepared in case of an attack that defeats the algorithms in these three standards, and we will continue working on backup plans to keep our data safe. But for most applications, these new standards are the main event.”