Quantum

NIST publishes first set of ‘finalized’ post-quantum encryption standards

15 Aug 2024 Michael Banks
Safe keeping: The algorithms developed by the National Institute of Standards and Technology are designed to withstand an attack by a quantum computer (courtesy: iStock/Quardia)

A set of encryption algorithms that are designed to withstand hacking attempts by a quantum computer has been released by the US National Institute of Standards and Technology (NIST). The algorithms, which should also protect against the increasing threat of AI-based attacks, are the result of an eight-year effort by NIST. The published standards contain the encryption algorithms’ computer code, instructions for how to implement them and details of their intended uses.

Encryption is widely used to protect the contents of electronic information, with encrypted data able to be sent safely across public computer networks because it is unreadable to all but its sender and intended recipient. Encryption tools rely on complex mathematical problems that conventional computers find difficult or impossible to solve. Quantum computers, however, could outperform their classical counterparts and crack current encryption methods.

In 2016 NIST announced an open competition in which researchers were invited to submit algorithms to be considered as a “post-quantum” cryptography (PQC) standard to stymie both conventional and quantum computers. In 2022 NIST said that four algorithms would be developed further. CRYSTALS-Kyber protects information exchanged across a public network, while CRYSTALS-Dilithium, FALCON and SPHINCS+ concern digital signatures and identity authentication.

The three final algorithms, which have now been released, are ML-KEM (previously known as Kyber), ML-DSA (formerly Dilithium) and SLH-DSA (formerly SPHINCS+). NIST says it will release a draft standard for FALCON later this year. “These finalized standards include instructions for incorporating them into products and encryption systems,” says NIST mathematician Dustin Moody, who heads the PQC standardization project. “We encourage system administrators to start integrating them into their systems immediately.”

Duncan Jones, head of cybersecurity at the firm Quantinuum, welcomes the development. “[It] represents a crucial first step towards protecting all our data against the threat of a future quantum computer that could decrypt traditionally secure communications,” he says. “On all fronts – from technology to global policy – advancements are causing experts to predict a faster timeline to reaching fault-tolerant quantum computers. The standardization of NIST’s algorithms is a critical milestone in that timeline.”

Copyright © 2025 by IOP Publishing Ltd and individual contributors