Post-quantum cryptography hits standardization milestone

Green light for four ‘future-proofed’ encryption technologies

ANALYSIS The first four standardized protocols for post-quantum cryptography have been unveiled, laying the foundations for the development of apps and web technologies that incorporate “future proof” encryption.

An ongoing standardization process led by the US federal government’s National Institute of Standards and Technology (NIST) last week resulted in the announcement of a quartet of preferred protocols.

The selected encryption algorithms will become part of NIST’s post-quantum cryptographic standard, expected to be finalized over the next two years. Four additional algorithms are still under consideration for inclusion in the standard.

NIST said in a statement that it recommends two primary algorithms to be implemented for most use cases: CRYSTALS-KYBER (key-establishment) and CRYSTALS-Dilithium (digital signatures).

More than one algorithm for each use case is being sought as backup in the event one or other approach proves vulnerable.

The dilithium crystals can take it

For digital signatures, NIST recommends CRYSTALS-Dilithium as the primary algorithm, with FALCON for applications that need smaller signatures than Dilithium can provide. A third algorithm, SPHINCS, is slower than the other two but still received the go-ahead because it is based on a different mathematical process and therefore offers a chance to add diversity.

NIST’s Dustin Moody explained why a further round of selection was needed.

“Of the four algorithms we selected, one is for encryption and three are for digital signatures,” Moody told The Daily Swig. “Of the four algorithms that we will continue to study in the fourth round, all four are encryption algorithms.

“The primary motivation for this is to find a non-lattice-based signature scheme which is suitable for general purpose use to be a backup for our lattice-based signature algorithms we are standardizing (Dilithium and Falcon),” Moody added.

He continued: “Our current NIST public-key standards cover encryption and signatures. So that is what our standardization process was targeted for – to replace the vulnerable cryptosystems in those standards. Other functionalities may be considered in the future.”

Quantum leap

The long-running search for next-generation cryptographic techniques is necessary because current encryption protocols, such as RSA, base their security on solving mathematical problems that are beyond the reach of even the most powerful conventional computers.

Sufficiently powerful quantum computers – which operate according to a completely different paradigm than current PCs or servers – might be able to crack today’s existing public key cryptography algorithms. Simply increasing the key length is insufficient to address this potential threat, hence the need to look to the development of post-quantum cryptography protocols.

Store now, decrypt later

Even though the current generation of quantum computers are largely experimental and beset by engineering challenges, adversaries might well be pre-planning for their future availability with so-called “store-now-decrypt-later” attacks.

If successful, such attacks would leave a growing volume of conventionally encrypted financial, government, commercial, and health-related data exposed to attack from sufficiently capable quantum computers.

Quantum computers rely on the properties of quantum states – such as superposition, interference, or entanglement – rather than the simple binary states (0 or 1) of conventional computers, in processing computational tasks.

Subscribe To ANE Talk Trends On Youtube

Subscribe To All Naija Entertainment On Youtube