US Department of Commerce unveils quantum-resistant encryption algorithms
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has finalised its principal set of encryption algorithms designed to withstand cyberattacks from a quantum computer.
Researchers around the world are racing to build quantum computers that would operate in radically different ways from ordinary computers and could break the current encryption that provides security and privacy for just about everything we do online. The algorithms are specified in the first completed standards from NIST’s post-quantum cryptography (PQC) standardisation project and are ready for immediate use.
The three new standards are built for the future. Quantum computing technology is developing rapidly, and some experts predict that a device with the capability to break current encryption methods could appear within a decade, threatening the security and privacy of individuals, organisations and entire nations.
“The advancement of quantum computing plays an essential role in reaffirming America’s status as a global technological powerhouse and driving the future of our economic security,” said Deputy Secretary of Commerce Don Graves. “Commerce bureaus are doing their part to ensure U.S. competitiveness in quantum, including the National Institute of Standards and Technology, which is at the forefront of this whole-of-government effort.”
He added “NIST is providing invaluable expertise to develop innovative solutions to our quantum challenges, including security measures like post-quantum cryptography that organisations can start to implement to secure our post-quantum future. As this decade-long endeavour continues, we look forward to continuing Commerce’s legacy of leadership in this vital space.”
The standards — containing the encryption algorithms’ computer code, instructions for how to implement them, and their intended uses — are the result of an eight-year effort managed by NIST, which has a long history of developing encryption. The agency has rallied the world’s cryptography experts to conceive, submit and then evaluate cryptographic algorithms that could resist the assault of quantum computers. The nascent technology could revolutionise fields from weather forecasting to fundamental physics to drug design, but it carries threats as well.
“Quantum computing technology could become a force for solving many of society’s most intractable problems, and the new standards represent NIST’s commitment to ensuring it will not simultaneously disrupt our security,” said Under Secretary of Commerce for Standards and Technology and NIST Director Laurie E. Locascio. “These finalised standards are the capstone of NIST’s efforts to safeguard our confidential electronic information.”
Encryption carries a heavy load in modern digitised society. It protects countless electronic secrets, such as the contents of email messages, medical records and photo libraries, as well as information vital to national security. Encrypted data can be sent across public computer networks because it is unreadable to all but its sender and intended recipient.
Encryption tools rely on complex maths problems that conventional computers find difficult or impossible to solve. A sufficiently capable quantum computer, though, would be able to sift through a vast number of potential solutions to these problems very quickly, thereby defeating current encryption. The algorithms NIST has standardised are based on different maths problems that would stymie both conventional and quantum computers.
“These finalised standards include instructions for incorporating them into products and encryption systems,” said NIST mathematician Dustin Moody, who heads the PQC standardisation project. “We encourage system administrators to start integrating them into their systems immediately, because full integration will take time.”
Moody said that these standards are the primary tools for general encryption and protecting digital signatures.
Comment on this article via X: @IoTNow_ and visit our homepage IoT Now