Today, the US National Institute of Standards and Technology (NIST) has published the first three of its four planned Post-Quantum Cryptography Standards, which address the security challenges posed by quantum computing.
The three new standards, ready for implementation into existing digital networks, are ML-KEM - Module-Lattice-Based Key-Encapsulation Mechanism Standard (FIPS 203), ML-DSA - Module-Lattice-Based Digital Signature Standard (FIPS 204) and SLH-DSA - Stateless Hash-Based Digital Signature Standard (FIPS 205). The culmination of public-private sector collaboration, these standards have been designed to ensure that digital communications remain secure against future threats from quantum computers and to strengthen current cryptographic practices. They will provide the blueprint for governments and industries all over the world to begin adopting post-quantum cryptography in their cyber security strategies.
The background to these Standards
Quantum computing technology is developing at a rapid pace, and some experts predict that a device capable of breaking today's public-key cryptography (RSA and elliptic-curve schemes, which underpin key exchange and digital signatures on the internet) could appear within a decade, threatening the security and privacy of individuals, organisations and entire nations. Data encrypted today can be recorded and decrypted later once such a machine exists, which is why the transition needs to start before one does.
NIST began work on quantum-resistant algorithms as early as 2016 in order to protect encrypted data from attacks mounted with quantum computers. Through its 'Post-Quantum Cryptography Standardization Project', NIST received 69 candidate algorithms from submitters around the world, each claimed to be quantum-resistant. Cryptographers worldwide were invited to analyse and attack these algorithms, which allowed NIST to narrow down the candidates over several rounds. In July 2022, NIST selected four algorithms for standardisation as Federal Information Processing Standards (FIPS). In August 2023, NIST published draft standards for three of the four.
While there have been no substantive changes made to the standards since the draft versions, NIST has changed the algorithms' names to specify the versions that appear in the three finalised standards, which are:
- Federal Information Processing Standard (FIPS) 203, intended as the primary standard for general encryption. It is a key-encapsulation mechanism: the sender uses the recipient's public key to produce a ciphertext and a fresh shared secret, the recipient recovers the same secret from the ciphertext, and that secret then keys a symmetric cipher. Among its advantages are comparatively small keys that two parties can exchange easily, as well as its speed of operation. The standard is based on the CRYSTALS-Kyber algorithm, which has been renamed ML-KEM, short for Module-Lattice-Based Key-Encapsulation Mechanism.
- FIPS 204, intended as the primary standard for digital signatures. The standard uses the CRYSTALS-Dilithium algorithm, which has been renamed ML-DSA, short for Module-Lattice-Based Digital Signature Algorithm.
- FIPS 205, also designed for digital signatures. The standard employs the SPHINCS+ algorithm, which has been renamed SLH-DSA, short for Stateless Hash-Based Digital Signature Algorithm. Its security rests only on the underlying hash functions rather than on lattice problems, a different mathematical approach from ML-DSA, and it is intended as a backup method in case ML-DSA proves vulnerable; the trade-off is larger signatures and slower signing.
- Similarly, when the draft FIPS 206 standard built around FALCON is released, the algorithm will be dubbed FN-DSA, short for FFT (fast-Fourier transform) over NTRU-Lattice-Based Digital Signature Algorithm.
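To make the KEM model concrete, here is an added worked example of the ML-KEM-768 exchange specified in FIPS 203, using Go's standard-library crypto/mlkem package (Go 1.24 or later). It is not code from NIST or from this article. It shows both sides of the exchange and one caveat that catches practitioners out: a well-formed but corrupted ciphertext does not cause decapsulation to fail. FIPS 203 uses implicit rejection, so the recipient silently derives a different pseudorandom key, and a protocol must detect the mismatch itself. The HMAC-SHA256 key-confirmation tag and the transcript layout are assumptions made for this demo; FIPS 203 specifies only the KEM.

```go
package main

import (
	"crypto/hmac"
	"crypto/mlkem"
	"crypto/sha256"
	"fmt"
)

// newRecipient runs ML-KEM-768 key generation (FIPS 203 KeyGen). The
// decapsulation key stays private; the encoded encapsulation key is what gets
// published or sent to the peer.
func newRecipient() (*mlkem.DecapsulationKey768, []byte, error) {
	dk, err := mlkem.GenerateKey768()
	if err != nil {
		return nil, nil, err
	}
	return dk, dk.EncapsulationKey().Bytes(), nil
}

// encapsulateTo is the sender side (FIPS 203 Encaps): parse the peer's public
// encapsulation key, then obtain a fresh 32-byte shared key and the ciphertext
// that transports it. Note that the sender does not choose the key; the KEM does.
func encapsulateTo(ekBytes []byte) (shared, ct []byte, err error) {
	ek, err := mlkem.NewEncapsulationKey768(ekBytes)
	if err != nil {
		// Malformed or out-of-range key material: reject and do not proceed.
		return nil, nil, err
	}
	shared, ct = ek.Encapsulate()
	return shared, ct, nil
}

// confirmTag binds the shared key to the transcript with HMAC-SHA256 so each
// side can check that the peer derived the same key. This is an assumed
// protocol-level step for the demo, not part of FIPS 203.
func confirmTag(shared, transcript []byte) []byte {
	m := hmac.New(sha256.New, shared)
	m.Write(transcript)
	return m.Sum(nil)
}

// runExchange drives both sides in one process. If tamper is true, one bit of
// the ciphertext is flipped in transit (corruption or an active attacker).
// It reports whether Alice and Bob ended up with the same shared key.
func runExchange(tamper bool) (agree bool, err error) {
	// Alice: generate a key pair and publish the encapsulation key.
	dkAlice, ekBytes, err := newRecipient()
	if err != nil {
		return false, err
	}

	// Bob: encapsulate to Alice's public key.
	sharedBob, ct, err := encapsulateTo(ekBytes)
	if err != nil {
		return false, err
	}

	// Bob -> Alice over the "wire".
	wire := append([]byte(nil), ct...)
	if tamper {
		wire[17] ^= 0x01
	}

	// Alice: decapsulate (FIPS 203 Decaps). A wrong but well-formed ciphertext
	// returns no error here; implicit rejection yields a different key instead.
	sharedAlice, err := dkAlice.Decapsulate(wire)
	if err != nil {
		return false, err
	}

	// Key confirmation over what each side actually saw on the wire.
	label := []byte("ml-kem-768 demo|")
	tagBob := confirmTag(sharedBob, append(append(append([]byte(nil), label...), ekBytes...), ct...))
	tagAlice := confirmTag(sharedAlice, append(append(append([]byte(nil), label...), ekBytes...), wire...))
	return hmac.Equal(tagAlice, tagBob), nil
}

func main() {
	for _, tamper := range []bool{false, true} {
		ok, err := runExchange(tamper)
		fmt.Printf("tamper=%v agree=%v err=%v\n", tamper, ok, err)
	}
	fmt.Printf("ML-KEM-768 sizes: ek=%d ct=%d shared=%d bytes\n",
		mlkem.EncapsulationKeySize768, mlkem.CiphertextSize768, mlkem.SharedKeySize)
}
```

The honest run reports agreement; the tampered run reports disagreement without any error from Decapsulate, which is the point: in a real protocol the confirmation tag (or the first AEAD record keyed from the shared secret) is what surfaces a mismatch, so never treat "decapsulation succeeded" as "the peer has the same key".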
The US saw a major shift in the government's attitude toward quantum computing when President Joe Biden signed the Quantum Computing Cybersecurity Preparedness Act in December 2022. The bi-partisan Act sets out the Government's commitment to address the threats posed by quantum computers and directs federal agencies to inventory their cryptographic systems and plan the migration to post-quantum cryptography.
The Federal Government's target is to transition its systems to quantum-safe cryptography by 2035.
The UK's National Cyber Security Centre recommends ML-KEM (Kyber/FIPS 203) and ML-DSA (Dilithium/FIPS 204) from the NIST selections above as providing appropriate levels of security and efficiency for most use cases. Equally, the cyber security authorities in Canada, France and Germany recommend planning for the quantum-safe transition now and beginning implementation with the publication of the approved NIST standards. This is an opportunity for Five Eyes and European countries to ensure that their approaches are aligned, supporting innovation in the sector and not over-burdening businesses with complex, divergent interventions.
NIST is encouraging computer system administrators to begin transitioning to the new standards as soon as possible.
You can read the full press release from the National Institute of Standards and Technology (NIST) here.